I have an opencart site (18.104.22.168) that was hacked via the authorize.aim hack a few months ago. I fixed it, but think something may have been left behind. I found this script that only appears at the checkout:
Kapersky labels it as a hostile script.
Any idea where I should look to find where this script has been inserted? Its definitely not in the twig files and does not appear to be in the /catalog or /system folders.
Any help would be appreciated, as I'm sitting here scratching my head.
why is that in your database?I they were able to rewrite your Google Analytics code in the database
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Users browsing this forum: No registered users and 38 guests