BigNigel 0 Posted November 9, 2022 Share Posted November 9, 2022 (edited) Hi all, My company is ready to move forward with a digital agency - and when landing on their signup page to enter my billing information, I'm met with the attached screen. They've advised it's a false positive, but I'd appreciate it if you investigate further. The main webpage https://www.hubsnacks.com/pricing seems to be fine. It's when you progress to the basket and checkout pages. If it is a genuine positive, could you pinpoint where the bad code is so I can highlight it to the person I'm dealing with please? Thanks in advance, Nigel Edited November 9, 2022 by Marcos Links removed Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 4,705 Posted November 9, 2022 Administrators Solution Share Posted November 9, 2022 The detection is correct. Searching for "var _0x174c56=_0x3e37;" should help you locate the malicious JavaScript. Link to comment Share on other sites More sharing options...
BigNigel 0 Posted November 9, 2022 Author Share Posted November 9, 2022 Thank you Marcos, I've located that particular section. Forgive me, but it is that entire block of code or a specific line? I'm trying to be as precise as possible with my messages to them 😤 Nigel Link to comment Share on other sites More sharing options...
Administrators Marcos 4,705 Posted November 9, 2022 Administrators Share Posted November 9, 2022 The whole JS bounded by the script tag should be removed. Link to comment Share on other sites More sharing options...
BigNigel 0 Posted November 9, 2022 Author Share Posted November 9, 2022 Gotcha! Thank you for the speedy response, Marcos! Nigel Link to comment Share on other sites More sharing options...
BigNigel 0 Posted November 9, 2022 Author Share Posted November 9, 2022 Hi @Marcos, The sales guy I'm speaking to says they've updated their site to remove any malicious code. Are you able to re-test and see if it's negative now? I'm not ready to enter my billing info until I'm fully confident. Thanks for your help. Nigel Link to comment Share on other sites More sharing options...
Administrators Marcos 4,705 Posted November 9, 2022 Administrators Share Posted November 9, 2022 I didn't get any alert now after proceeding to checkout so the malware seems to have been removed indeed. Link to comment Share on other sites More sharing options...
BigNigel 0 Posted November 9, 2022 Author Share Posted November 9, 2022 Thanks again, @Marcos Nige Link to comment Share on other sites More sharing options...
Recommended Posts