cancel
Showing results for 
Search instead for 
Did you mean: 

checker11.com malware

checker11.com malware

Has anyone experienced a malicious javascript insertion, from checker11.com?  Found a script file in my header that led to what appears to be an attempt to collect user info. The script calls the co-billing and co-payment forms at checkout.

4 REPLIES 4

Re: checker11.com malware

Hi @sdowney2002

 

Is your site fully patched? You may check at system -> configuration -> Design -> footer -> Miscellaneous HTML for any suspicious script.

 

Please refer following post https://community.magento.com/t5/Magento-1-x-Technical-Issues/HELP-site-hacked/m-p/19304#M1501 it has links to Magento best practices and other precautions which can help you keep your site secured.

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Re: checker11.com malware

Yep, fully patched. And behind a firewall. And the admin login was obfuscated and IP restricted.  Smiley Wink

 

And "System -> Configuration -> Design -> Header -> Miscellaneous HTML" was exactly where the script was placed.

Re: checker11.com malware

Hi @sdowney2002

 

It is better to restrict the admin url access by IP address (If you have static IP) or use two factor authentication.

---
Problem Solved Click Accept as Solution!:Magento Community India Forum

Re: checker11.com malware

I've found a similar code in php placed in the mage.php file. I think this happened shortly after I hired a "reputable" company to do some work for me on Magento.  I'm not sure if its related or them or not, but it seems the file was accessed via ftp.