wordpress malware with a database injection that has a Brizy association

Jose Olivas

• June 01, 2026 21:19

I had a site get a malware infection in the database. The database table was 
xx_option
with two rows that had what was deemed malicious code:

with my search coming from this code query:

 

 

Is this a false positive or can I remove the entries.

 

0

• 

  Ariel H.

  • June 02, 2026 08:53

  Hi Jose,

  Thank you for reaching out.

  We compared this with a clean Brizy installation, and the brizy-header-injection option is not created by default.  It appears to point to an obfuscated JavaScript snippet loading an external script from an unknown domain (best.collectfast.tracks.com), so unless you intentionally added this tracking code, I would treat it as suspicious.

  Before making changes, please take a full database backup. After that, you can remove these entries:

  brizy-header-injection
  brizy-footer-injection

  We also recommend continuing with a full malware cleanup/security audit to make sure the code is not being reinserted by another plugin, theme, user account, or server-level infection.

  Best regards,  
  Ariel H.

  0

Please sign in to leave a comment.