Showing results for 
Search instead for 
Did you mean: 

Checkout Page Hacked?

Occasional Visitor

Checkout Page Hacked?

Hi Guys


I hope someone can help.


Running Magento, website. When a customer click  at checkout page sudden there is a strange customer information and payment information popup.But I don't find this file in cpanel file manager.

Any ideas what this might be and how I can fix it?


Thank you in advance to anyone who can help.


Tags (1)

Re: Checkout Page Hacked?

Would you be able to share a screenshot of the popup please? 


If you think there has been an incident, this a great template to follow on what to do next:


On a more practical basis, you will want to validate that the pop-up form is indeed malicious in which case ideally you're going to want to:


  • Review admin users, delete any no longer needed and change passwords of all other users.
  • Review users that have access to server and do the same thing.
  • Identify the compromise and remove, this could be some malicious code on the server, or in the database (through something like the miscellaneous scripts section of system configuration). A developer will be needed here though if you're lucky might help confirm that you're compromised as they detect some common attacks.
  • Create a fresh new server with new credentials. 
  • Redeploy from version control to new server
  • Copy across cleaned database to new server
  • Relaunch/Migrate site on new server with new protections. 
If you've found one of my answers useful, please give "Kudos" or "Accept as Solution" as appropriate. Thanks!