MALWARE in ALIDROPSHIP FILES? Malicious activities in my site! -- NEW UPDATE: Website CAN NOT Be accessed on MOST COUNTRIES!

J

Jefri

Active Member
Hello.. i saw some malicious activities in my site.
It came from Alidropship IP address.

I don't know is it a normal activities or there is a malware in Alidropship file? Still not sure.
If there is some malware in files, then it will not good for our SEO rank in Google


unknown activity1.png
 
E

Ekaterina Sayapina

Guest
Jefri said:
Hello.. i saw some malicious activities in my site.
It came from Alidropship IP address.

I don't know is it a normal activities or there is a malware in Alidropship file? Still not sure.
If there is some malware in files, then it will not good for our SEO rank in Google


View attachment 3864
Click to expand...
Jefri, could you please pm me your WP access details?
 
J

Jefri

Active Member
ZAPPY said:
@Jefri
Looking forward to how was resolved

Most concerning:(
Click to expand...

Yes, homework for Yaros to re-check again all files in Alidropship if there are malware code inside.
I believe to Yaros and his team can resolve this.
Don't let Alidropship become the second facebook today
 
W

wahmmo

New Member
I noticed the same activities on my site, please give us an update soon about what these activities are shown by wp cerber that seems to point to alidropship causing them, thanks.
 
J

Jefri

Active Member
ZAPPY said:
@Jefri
Did you read this posting?
AliDropship themes infected
Click to expand...

@ZAPPY : No i haven't. I just read it. Thanks!
by the way, in that article, do you see that suspicious IP address came from Russia IP ( .ru)

wahmmo said:
I noticed the same activities on my site, please give us an update soon about what these activities are shown by wp cerber that seems to point to alidropship causing them, thanks.
Click to expand...

@wahmmo : wp cerber is a plugin to protect our site, and now he/she (wp cerber) has become a suspect! LOL

aminech said:
The full encryption of Alidropship and Social Rabbit codes make it just worse, we can't even know what's in there or why it's connecting to those servers, and this https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/ doesn't look good neither
Click to expand...

@aminech : i don't use social rabbit. but another auto poster plugin


Well, it seems "someone" is watching our sites.
I don't know for what, but i am sure it's for criminal work!
When i noticed this suspicious activities, i changed my custom login url on WP Cerber and other setting to make it more harder. But this "unknown thing" still can connect to my site.

Maybe i am wrong, but i think there is a MALWARE CODE inside Alidropship plugin.
As i know, Alidropship plugins is build by Alidropship official team with others 3th party Developers.
And of course, it is very hard for Yaros and his trusted team to check one by one of files each time an update was released!

So, What will happen for this issue?
* Very bad for our SEO Rank on Google. Google will blacklist our site if a malware found in our site.
* Very bad for our buyers. Their PayPal email address will be used for criminal.
 
Jess

Jess

Active Member
If there really is something suspicious going on, SEO rank in Google is going to be the least of your worries if you have a site that's making money and sales.
 
J

Jefri

Active Member
Jess said:
If there really is something suspicious going on, SEO rank in Google is going to be the least of your worries if you have a site that's making money and sales.
Click to expand...
Hahahaha yes you're right!
Actually my most worries is "they" can steal all my buyers!
They will send marketing emails to my buyers and offer cheaper price to them, say something bad about my site, bla.. bla.. bla.. and other fu*king sh*t.. :mad:
 
A

aminech

Active Member
Jefri said:
@ZAPPY @wahmmo @aminech @Shahin09 @Jess : Blacklist this IP address

View attachment 3890
Click to expand...

That's the IP of srv24.alidropship.com.
Alidropship are hosting their contents at 3NT Solutions, I have checked google, 3NT Solutions has a bad reputation and some shady activities.
Im also wondering why the plugin is connecting to those servers multiple time per hour ?
And this post raises more concerns https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/
If any data is collected they should make a privacy statement about it, I hope we can get some answers from alidropship team.
 
Victoria Kudryashova

Victoria Kudryashova

Administrator
aminech said:
That's the IP of srv24.alidropship.com.
Alidropship are hosting their contents at 3NT Solutions, I have checked google, 3NT Solutions has a bad reputation and some shady activities.
Im also wondering why the plugin is connecting to those servers multiple time per hour ?
And this post raises more concerns https://forum.alidropship.com/threa...-every-michelangelo-and-rembrandt-theme.4232/
If any data is collected they should make a privacy statement about it, I hope we can get some answers from alidropship team.
Click to expand...


3NT Solutions is one of the most popular and trusted provider of IT-solutions. We use them as a provider of IP address subnet , that's it. Our servers are totally set up and supported by AliDropship technicians. No 3rd parties developers are not involved neither here nor in AliDropship plugin development process.
 
W

wahmmo

New Member
Victoria Kudryashova said:
3NT Solutions is one of the most popular and trusted provider of IT-solutions. We use them as a provider of IP address subnet , that's it. Our servers are totally set up and supported by AliDropship technicians. No 3rd parties developers are not involved neither here nor in AliDropship plugin development process.
Click to expand...

so should we block the ip address as advised by @Jefri? Please advise us asap as it's really very suspicious...
 
You must log in or register to reply here.
Top