Malware and vulnerability report for [email protected], found 8 issues.
Sanguine Security

eComscan report

On 2020-03-31 13:01:02 UTC, eComscan found 8 security issue(s) with your store.

Server: [email protected]
Path: /data/web/magento1

🔍 Check — Store Software
Identifying the system that powers your store.

✓ Found Magento 1 at /data/web/magento1

A supported store application was found.

🔍 Check — Global file scan
Analyzing your files for malware and known vulnerabilities, based on 7000+ threat intel signatures.

✗ malware found: form_grabber_with_jsencrypter_ea9bc
In file:/data/web/magento1/js/mage/require.js
Timestamps (C/M): 2020-03-31T12:59:31Z 2020-03-31T12:59:31Z

✗ malware found: fetch_cc_details_5d902
In file:/data/web/magento1/query.html
Timestamps (C/M): 2020-03-13T12:42:54Z 2018-09-30T17:18:22Z

✗ malware found: burner_domain_cloudfusion_me_2e731
In file:/data/web/magento1/checkout.html
Timestamps (C/M): 2020-03-13T12:42:54Z 2018-09-30T11:50:48Z

Successfully scanned 10862 code/executable files.

🔍 Check — Exposed database managers
Database managers on production systems are a common attack vector for online stores.

✗ vulnerability found: Adminer database manager
In file:/data/web/magento1/willem/a.php
Timestamps (C/M): 2020-03-13T12:43:04Z 2018-02-20T08:24:43Z

🔍 Check — Magento SQL injection flaw
Unpatched versions of Magento have an SQL injection flaw that allows attackers to fetch your admin passwords.

✓ Did not find any malware or vulnerabilities.

🔍 Check — Magento 2 XSS flaw (RIPSTECH)
Unpatched versions of Magento 2 have an XSS flaw that allows attackers to hijack admin sessions.

✓ Did not find any malware or vulnerabilities.

🔍 Check — Magento 1 database scan
Analyzing relevant tables for injected malware.

✗ malware found: indonesian_hackers_c81f3
In db:core_config_data.design/head/includes

✗ malware found: rogue_admin_account_62f33
In db:admin_user.email

✗ malware found: burner_domain_mage_storage_pw_5e53b
In db:information_schema.triggers.sales_flat_order

Scanned 155 rows in 6 tables, using the database from /data/web/magento1/app/etc/local.xml.

🔍 Check — Magento 1 Insecure extensions
Checking your installed extensions for known insecure versions.

✗ vulnerability found: VladimirPopov_WebForms
In module:/data/web/magento1/app/code/community/VladimirPopov/WebForms
Remove or upgrade to 2.8.0.

NB. Even if modules are renamed or disabled, they may still pose a threat to your system. It is recommended to always upgrade or remove vulnerable code completely.

This report was generated by eComscan, the most effective malware and vulnerability monitor for online stores, scanning over 200.000 stores daily.

Please contact us at [email protected] for assistance or a manual root cause analysis.

Version: 1.2.0, running interactive
Command line: ecomscan [email protected] magento1/

Sanguine Security
Europalaan 20,
3526 KS Utrecht
The Netherlands

This report is based on the most recent and extensive threat intelligence. However, Sanguine Security provides this information "as is" without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, correctness and completeness.