Jetpack 3.9.6 affected by trojan :D

[junior riau]

hallo

langsung aja, pagi ini doi (email admin) terima notifikasi 89 file hits
langsung cek semua file berasal dari jetpack
sore ini ta scan beneran affected loh

Spoiler: cekapeh jetpack 3.9.6

https://www.virustotal.com/en/file/...aabbcb6f5a73a652682b159b/analysis/1461152937/

tiati yak yang pakai wp + jetpack

 

[GPLHosting]

Alhamdulillaah ... masih pake Pure HTML

 

[dhyhost]

Jetpack bnyk yg pakai tuh, plugin terkenal

 

[pangeran1995]

sepertinya harus reinstall jetpack

 

[iidbae]

jetpack, plugin umat wordpress.
Kalau emang iya, bakalan heboh dunia per wordpress an.

kayaknya salah deh
wordpress.org/support/topic/jetpack-treated-as-trojan

 

[pluto01]

sip, nice shared kang mas

 

[paijo2]

bukan kang, itu false-positive dari clamav nya, coba baca komentar dari kontributor pluginnya dari url yg diberikan sama iidbae. klo dibaca itu file js juga tidak ada code yg mencurigakan.

We're looking into this now and believe it to be a false-positive from ClamAV.

The virus described is a system level trojan which tricks you into manually downloading malware, which really isn't possible from plugin on a site (it would have to exist and run on your local PC), and the file has not been changed since 3.9.6 was released (at which time it was clean). Meanwhile, the file itself is simply a display fix for responsive videos on a few select themes.

In addition, responsive-videos.js (the source from which responsive-videos.min.js is minified) is not listed as infected.

The false-positive has been reported to ClamAV (the source of the majority of the reports we've received, VirusTotal doesn't disclose who they use), and we're hoping for a quick resolution.

From what we can tell so far, there is no cause for concern.

 

[pangeran1995]

dilihat dari updatenya saat ini aman sekarang

 

[idnix]

trojan itu apa kk?

 

[sigmabisnis]

hmm iya nih, beberapa situs ada yang kena Scan berasal dari jetpack , jadi sebenarnya itu false-positive aja yaaa?