Jump to content

js/spy.banker.iz on checkout page (false positive?)


Go to solution Solved by Marcos,

Recommended Posts

Hi all,

My company is ready to move forward with a digital agency - and when landing on their signup page to enter my billing information, I'm met with the attached screen.

They've advised it's a false positive, but I'd appreciate it if you investigate further.

The main webpage https://www.hubsnacks.com/pricing seems to be fine.

It's when you progress to the basket and checkout pages.

If it is a genuine positive, could you pinpoint where the bad code is so I can highlight it to the person I'm dealing with please?

Thanks in advance,

Nigel

 

 

Screenshot 2022-11-09 at 09.17.47.png

Edited by Marcos
Links removed
Link to comment
Share on other sites

  • Administrators
  • Solution

The detection is correct. Searching for "var _0x174c56=_0x3e37;" should help you locate the malicious JavaScript.

Link to comment
Share on other sites

Thank you Marcos,

I've located that particular section. Forgive me, but it is that entire block of code or a specific line?

I'm trying to be as precise as possible with my messages to them 😤

Nigel

Link to comment
Share on other sites

Hi @Marcos,

The sales guy I'm speaking to says they've updated their site to remove any malicious code.

Are you able to re-test and see if it's negative now? I'm not ready to enter my billing info until I'm fully confident.

Thanks for your help.

 

Nigel

Link to comment
Share on other sites

  • Administrators

I didn't get any alert now after proceeding to checkout so the malware seems to have been removed indeed.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...