Jey 0 Posted October 27 Share Posted October 27 Hi One of our customer has got this threat notification via ESET while he is trying purchase a product in e-commerce platform https://screwman.co.za/ But the same customer is able to purchase an item from the same e-commerce platform in another machine which does not have ESET protection. Please help us to resolve this issue and guide us how to remove this malware from our e-commerce platform Regards Jey Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 27 Administrators Share Posted October 27 It's a so-called Magecart malware. Please check the line with the following JS which contains the offending script: https://sucuri.net/guides/how-to-clean-hacked-magento/ Quote Link to comment Share on other sites More sharing options...
Jey 0 Posted October 30 Author Share Posted October 30 Hi Marcos Thanks for your reply. Can you please specify the JS file name, which may help us to solve the issue. Regards Jey Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 30 Administrators Share Posted October 30 We don't know where the malware is stored. Did you check the db as advised in the above article, section "To manually remove a malware infection from Magento database tables"? If you are unable to locate the malware, please contact a company that provides website cleaning and monitoring services, such as Sucuri.net. Quote Link to comment Share on other sites More sharing options...
Jey 0 Posted October 30 Author Share Posted October 30 We checked in db and do not find anything related to this threat. Please find screenshot below for your reference Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted October 30 Administrators Share Posted October 30 Since you didn't find the malicious code, please contact Sucuri.net or another company that provides website cleaning and monitoring services. Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 30 Share Posted October 30 Trustwave has an article on how to check for magecart malware here; https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/anyone-can-check-for-magecart-with-just-the-browser/ . Jey 1 Quote Link to comment Share on other sites More sharing options...
itman 1,630 Posted October 30 Share Posted October 30 (edited) Also this website: https://www.magereport.com/scan/?s=https://screwman.co.za shows multiple issues with Magento software used by https://screwman.co.za web site. Edited October 30 by itman Jey 1 Quote Link to comment Share on other sites More sharing options...
Jey 0 Posted October 31 Author Share Posted October 31 Hi Thanks for sharing the additional the inputs and let us go thru the same. Regards Jey Quote Link to comment Share on other sites More sharing options...
SeriousHoax 83 Posted October 31 Share Posted October 31 FYI, I have tested some other top products on the site and none of them detected anything. ESET's detection is correct for sure as confirmed by Marcos. This once again proves (to me at least) that ESET is the best at detecting malicious scripts on websites. Many times, ESET is the only one/the first one to detect such things. peteyt 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.