Aren’t the stickers supposed to go to the sides of the enclosure?
They were intended for that. It is the “Flying Tigers” logo. The Flying Tigers were three squadrons of fighter pilots and aircraft that volunteered to fight for China against Japan under US command before the US joined WWII. The logo is cut to go on either side of an aircraft nose.
The height to width ratio only works on the front of the enclosure because of the longer sloped flat there. I will push the two stickers together.
Awesome dude:heart_eyes: The shark teeth u can use as a bottle opener:heart_eyes:
@Eboosted Hi Alan, has your website been hacked? I just went on to get the Vanguard enclosures link for somebody on Facebook and I got a load of strange stuff pop up, it happens whenever you click a link to take you to a different part of your website! Below is just one example:
looks that way; don’t click enclosures
i also have the issue from my iphone, but not the computer…
Unsure why it’s working for me then. Both my phone and my laptop dont have the problem.
Edit: maybe location has something to do with it? It’s possible that since im EU im getting a cached Cloudflare image of the site or something
Yeah there’s definitely something afoot
I got this and 4/5 other pop ups on my note 8
I wonder if it’s an individual attack, or just the hosting platform Alan uses
OMG!
I have no idea how to fix this
Works fine for me using an adblocker. I reccomend ublock orgin, it blocks every ad I have come across.
Oh maybe it’s that! I also have ad block
It seems like there’s some kind of malicious code opening or attempting to open a new pop-up page on your first attempt to click the top menu.
If I close the pop-up I can still navigate to where I’m trying to go but something fishy is definitely going on.
Did you set the website up yourself or did someone else?
I think it might be this. Says you need to update the plugin for your Wordpress site to fix the issue.
Why do I think so? Because in the HTML page under the comment “WPLC custom JS” there’s a script that gets included. In your browser’s dev tools under sources if you open yourservice.live/javascript-mini.js there’s a line
var _td = String.fromCharCode(a bunch of numbers)
and then the next line evaluates that. Those numbers are just there to obfuscate the malicious script that runs.
I’ve heard from others in the web dev industry that wordpress sites and their plugins get security flaws like this constantly. If you can, move over to something else in the future
This is exactly what has happened, I updated the plug in now but the malicious code still remains on the website and I have no idea how to clean it
Have you tried clearing your browser cache? maybe you are seeing a cached version even if the problem is fixed?
Do you have access to your site’s raw files and code? You can try to find it and manual delete the script that way.
Similarly, try to see if there is a backup you can restore?
Hopefully without impact any purchases that may have occurred.
Additionally, I hope that no data was stored locally regarding payment options and such…
Ask your host to roll the site back to a working snapshot from a few days ago. After that is done confirm that the update is still in place and move on.
To quote from the article I sent:
Since “admin_init” hooks can be called visiting either /wp-admin/admin-post.php or /wp-admin/admin-ajax.php, an unauthenticated attacker could use these endpoints to arbitrarily update the option “wplc_custom_js”. “
So you should go into your site’s admin panel or what have you, and find that option (wplc_custom_js) and reset it / remove the attacker’s malicious script include / maybe clear it?
Edit: Brent’s suggestion is probably the best, you can never be too sure that’s the only thing the attackers had access to.
Edit no. 2: Realized there’s a dedicated thread about this. Whoops. Mods can move these messages over to there if they care.