I work for Getsitecontrol, the platform that provides a set of widgets for websites. We have common customers with Magento, who put our widgets on Magento-built websites. One of them has contacted us and informed us about an issue, which you can see in the screenshot below.
The code which is considered malware is used to connect the user's GSC dashboard to a website - in other words, it is used to make Getsitecontrol widgets work on users' sites. It is not malware and should not be marked as such.
We have two versions of the code where ID (in bold) is unique for each customer. Here is the first one: <script> (function (w,i,d,g,e,t,s) {w[d] = w[d]||[];t= i.createElement(g); t.async=1;t.src=e;s=i.getElementsByTagName(g)[0];s.parentNode.insertBefore(t, s); })(window, document, '_gscq','script','//widgets.getsitecontrol.com/193025/script.js'); </script>
This is the second one: <script type="text/javascript" async src="//l.getsitecontrol.com/k4y9lm7e.js"> </script>
I would extremely appreciate if anyone could provide any help with this.