sweet captcha site has been hacked – rhpop javascript


Fresh after recovery, I figured I write a small piece before I go home. If you’re seeing ad pop-ups or pop-unders from sites that load up something like rhpop-xxxxxx.js then you might have the sweetcaptcha plugin installed on your wordpress site. Let’s hope you’re the one who installed it — not the hacker :-), you might want to de-activate it and remove it from your system. Their site has been compromised and the wordpress plugin has also been pulled off the list. More general info here:

https://blog.sucuri.net/2015/06/sweetcaptcha-service-used-to-distribute-adware.html

Happy hunting…..


Leave a Reply