MALWARE in ALIDROPSHIP FILES? Malicious activities in my site! -- NEW UPDATE: Website CAN NOT Be accessed on MOST COUNTRIES!

Jefri

Active Member
Hello.. i saw some malicious activities in my site.
It came from Alidropship IP address.

I don't know is it a normal activities or there is a malware in Alidropship file? Still not sure.
If there is some malware in files, then it will not good for our SEO rank in Google


unknown activity1.png
 
E

Ekaterina Sayapina

Guest
Hello.. i saw some malicious activities in my site.
It came from Alidropship IP address.

I don't know is it a normal activities or there is a malware in Alidropship file? Still not sure.
If there is some malware in files, then it will not good for our SEO rank in Google


View attachment 3864
Jefri, could you please pm me your WP access details?
 

Jefri

Active Member
@Jefri
Looking forward to how was resolved

Most concerning:(

Yes, homework for Yaros to re-check again all files in Alidropship if there are malware code inside.
I believe to Yaros and his team can resolve this.
Don't let Alidropship become the second facebook today
 

wahmmo

New Member
I noticed the same activities on my site, please give us an update soon about what these activities are shown by wp cerber that seems to point to alidropship causing them, thanks.
 

Jefri

Active Member

@ZAPPY : No i haven't. I just read it. Thanks!
by the way, in that article, do you see that suspicious IP address came from Russia IP ( .ru)

I noticed the same activities on my site, please give us an update soon about what these activities are shown by wp cerber that seems to point to alidropship causing them, thanks.

@wahmmo : wp cerber is a plugin to protect our site, and now he/she (wp cerber) has become a suspect! LOL

The full encryption of Alidropship and Social Rabbit codes make it just worse, we can't even know what's in there or why it's connecting to those servers, and this https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/ doesn't look good neither

@aminech : i don't use social rabbit. but another auto poster plugin


Well, it seems "someone" is watching our sites.
I don't know for what, but i am sure it's for criminal work!
When i noticed this suspicious activities, i changed my custom login url on WP Cerber and other setting to make it more harder. But this "unknown thing" still can connect to my site.

Maybe i am wrong, but i think there is a MALWARE CODE inside Alidropship plugin.
As i know, Alidropship plugins is build by Alidropship official team with others 3th party Developers.
And of course, it is very hard for Yaros and his trusted team to check one by one of files each time an update was released!

So, What will happen for this issue?
* Very bad for our SEO Rank on Google. Google will blacklist our site if a malware found in our site.
* Very bad for our buyers. Their PayPal email address will be used for criminal.
 

Jess

Active Member
If there really is something suspicious going on, SEO rank in Google is going to be the least of your worries if you have a site that's making money and sales.
 

Jefri

Active Member
If there really is something suspicious going on, SEO rank in Google is going to be the least of your worries if you have a site that's making money and sales.
Hahahaha yes you're right!
Actually my most worries is "they" can steal all my buyers!
They will send marketing emails to my buyers and offer cheaper price to them, say something bad about my site, bla.. bla.. bla.. and other fu*king sh*t.. :mad:
 

aminech

Active Member

That's the IP of srv24.alidropship.com.
Alidropship are hosting their contents at 3NT Solutions, I have checked google, 3NT Solutions has a bad reputation and some shady activities.
Im also wondering why the plugin is connecting to those servers multiple time per hour ?
And this post raises more concerns https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/
If any data is collected they should make a privacy statement about it, I hope we can get some answers from alidropship team.
 

Victoria Kudryashova

Administrator
That's the IP of srv24.alidropship.com.
Alidropship are hosting their contents at 3NT Solutions, I have checked google, 3NT Solutions has a bad reputation and some shady activities.
Im also wondering why the plugin is connecting to those servers multiple time per hour ?
And this post raises more concerns https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/
If any data is collected they should make a privacy statement about it, I hope we can get some answers from alidropship team.


3NT Solutions is one of the most popular and trusted provider of IT-solutions. We use them as a provider of IP address subnet , that's it. Our servers are totally set up and supported by AliDropship technicians. No 3rd parties developers are not involved neither here nor in AliDropship plugin development process.
 

wahmmo

New Member
3NT Solutions is one of the most popular and trusted provider of IT-solutions. We use them as a provider of IP address subnet , that's it. Our servers are totally set up and supported by AliDropship technicians. No 3rd parties developers are not involved neither here nor in AliDropship plugin development process.

so should we block the ip address as advised by @Jefri? Please advise us asap as it's really very suspicious...
 
Top