0

A client uploaded an Unsplash image to his Wordpress website back in February. Yesterday, a little known virus scanner flagged the image as having trojan.js.imgfake malware. What is it and why is there no information on the internet about this specific virus?

(I don't know what virus scanner my client uses. But it's definitely not WordFence. From my Google search, all I could figure out that a little known virus scanner - Virusdie - is the only entity that talks about this virus.)

Can it be a false positive? I uploaded the image to VirusTotal and it turned out to be clean.

I tried uploading the image to VirusTotal, and was expecting the presence of some malware. But it turned out to be clean.

Marifur Rahaman
  • 1
  • 1
  • Read https://virusdie.com/blog/how-to-find-images-infected-with-malware/ – James Mar 22 '23 at 04:36
  • What exactly does this so called malware do? And other than the Virusdie website, why isn't there a single mention of this malware elsewhere on the web? This makes me wonder whether Virusdie is deliberately trying to scare people. – Marifur Rahaman Mar 22 '23 at 05:39
  • Open the image in a **text editor** and visually look for any part of it that has php stuff. I don't know if most virus scanners look for wordpress-specific malware. I have no idea what it does exactly or approximately. – James Mar 22 '23 at 05:42
  • This is what the notepad output looks like- https://postimg.cc/JsvkH2RW - I don't think there is any PHP stuff. – Marifur Rahaman Mar 22 '23 at 05:54
  • There doesn't appear to be in that part of the file. If you don't spot anything php-ish, it's likely a false positive. – James Mar 22 '23 at 06:02

0 Answers0