Scanning tool points "tmp/assets/asset_manager_core_js.js" to be a possible hacker file - is it a valid piwik file?


Our site has had some nasty visitors overnight - yes, got hacked. Scanning are running and stumble over the file “tmp/assets/asset_manager_core_js.js” as it contains “unpack” functions. Before deleting this file, I want to know if this file is by piwik originated & if it necessary to the working of piwik?

Thank you,
Kind Regards,



I think it is the file where Matomo merges all JS files into one which is then delivered to the browser.

But that doesn’t mean it isn’t possible that it has been tempered with. So I’d recommend you to delete everything inside the tmp/ folder as Matomo recreates it on demand.