How to Clean away.linestoget.com Malware

By Adrian StoianGuides

This relatively new type of malware attack is related to a previous mass contamination, documented in this article.

If your WordPress site is being redirected to away.linestoget.com links, it’s likely that your site has been compromised or infected with malware.
Your site may have vulnerabilities that attackers can exploit, if you are using an outdated version of WordPress.

If your website is affected, it is important to address the matter a soon as possible to prevent reputation damage.

MAGEFIX SecurityMalware cleanup & protection

Try our Free site check.

How to recover from linestoget.com malware

  1. Review each website component, including plugins, themes and core files.
  2. Stop using outdated plugins.
  3. Review the web files structure, users with administrator rights, check for SEO spam, review FTP accounts, Cron jobs, SSH access, etc.
  4. Ask for a site reindex via Google search console, most likely the Google cache pages are still infected.
  5. Apply any future security updates a soon as possible.
  6. Scan neighbour sites for cross-site contamination.

Malicious URLs:
https://go.linestoget.com/go.php?id=776&gid=5578775564
https://get.linestoget.com/scripts/global.js
https://stay.linestoget.com/scripts/check.js
https://go.linestoget.com/final.php?id=7457648&sid=34257&lid=576586
https://click.clickandanalytics.com/social/main.js?id=324-64-236374
https://away.linestoget.com/come.php?id=4643637&lid=346&cid=575342
https://new.weatherplllatform.com

Malicious IPs & networks: 2.59.222.119, 2.59.222.122, 91.238.104.193, AS50321, 134.209.192.77 AS14061.
Malicious domains: dr22.biz, ulmoyc.com, clickandanalytics.com, cqwajn.com, qzgxqt.com, rockblackstep.com, linestoget.com, desirebluestock.com, desirepurplestock.com, dm20.biz, 0.blueskymotions.com, 0.trackspecialsdomain.com, 0.bluelabelsky.com, 0.blueskymotions.net, 0.flowersforsunshine.com, 0.blueskyactivecontrol.net, 0.strongwhitespaces.com, 0.blueskyactivecontrol.com, goldflowerservice.net, weatherplllatform.com.

Malicious linestoget.com redirects are techniques used by hackers to divert web traffic from its intended destination to a different, often harmful, website. These redirects can lead to various malicious activities such as generating fraudulent ad revenue.

If your website is affected by malicious redirects, you should follow security best practices, such as: keeping software up to date, and regularly monitoring server logs.

Need more help?

Try our Free site check.