The paypal email has been changed in the admin, how is this possible if no one has the logins? Is this a potential hack?
I have ran the website through security sites such as https://sitecheck.sucuri.net// but no malicious code was found.
All magento patches where previously installed also.
Is this a common hack?
We have been having this exact same problem. It happened 4 times in 4 days, then again after a site rebuild on the latest version of Magento.
So they may have either have gotten in via a module/extension or something in my template files...
Did you have any luck on solving this?
Same problem. We are getting hacked daily and they are able to determine the new admin URL, Admin User Name and Password and access the admin section to change PayPal
Anyone know how they are doing this ?