One of my clients recently got one of those "Your site has been flagged for malware" messages.
The file being flagged was:
That is a file for iThemes Security. I'm highly doubting that this is a legitimate malware. Has anyone else gotten one of these? I seen someone on WordPress.org had a similar situation, they didn't mention the host but I'm guessing that it was GoDaddy and that GoDaddy is giving false positives for iThemes Security users?
@Jwiere03 Where do you see the alert?
Can you please share the URL of the site?
@Jwiere03 Where do you see the alert? In your browser when you try to visit the site? In your GD dashboard? In a webscan?
@Jwiere03 well, that is not clear. Where did the email came from?
Also, sucuri doesn't show it as having malware. You should disregard the notice. Probably is a false positive, since it's a json file containing a wordlist that is used by the plugin to compare passwords in the site that it's installed.
Hope it helps!