Your Magento Store May Be At Risk
Being a client oriented organization, Dotsquares like to share recent updated with their valuable clients. We recently received reports of a new malware that appears to capture information from all fields of the checkout process, including credit card information. Attackers are likely using Admin or database access to implement the exploit. We do not have specific information on how the attackers are gaining Admin access, but it is common for them to guess weak passwords, target unpatched sites, or use Admin accounts they may have set up before a site was patched. 
We, at Dotsquares, recommend that you run a scan on magereport.com to determine if you are at risk for a “Credit Card Hijack” and check to see if you have any unknown Admin accounts. You can also review your code for the malware. Our investigations indicate that the malware typically includes the text, “onepage|checkout” and resides in one of two places: Kindly implement the patches or upgrades referred below:
- Admin->Configuration->General->Design->HTML Head->Miscellaneous Scripts, or
- Admin->Configuration->General->Design->Footer-> Miscellaneous HTML
If you are infected, please take immediate steps to remove this malware and review your code for any other changes of unknown origin. As per best practices, you should also remove any unknown Admin accounts and update all Admin passwords to prevent further access to the site. If you required technical assistance that can do the needful on your behalf, please contact us. This is another reminder of the importance of following strong security practices. Please review and follow the security best practices posted on the Magento Security Center. For any kind of assistance while installing patches on your webstore please feel free to contact us any time without any second thoughts. If you need assistance with this procedure please contact us immediately and we will assign one of our Magento developers to assist. This is the highest priority issue and must be checked. We will update you as we get more information.
Related Post
.webp)
June 22, 2026London Mayor Announces £12M AI Support Package for SMEs
London's £12M AI support package aims to help SMEs adopt AI and boost productivity. Discover why AI readiness is the key to successful AI adoption and long-term business growth.
Keep Reading
May 26, 2026Bankim Chandra Wins Best CEO in AI, Cybersecurity, IT & Tech at the Best CEO Awards Europe
Bankim Chandra, founder of Dotsquares, was recognised at the Best CEO Awards Europe 2026 for leadership in AI, Cybersecurity, IT & Tech.
Keep Reading
March 31, 2026Celebrating Our "Highly Commended" AI/ML Security Award
Dotsquares wins “Highly Commended” for AI & Security at the 2026 awards. Discover how we build AI and ML solutions with a strong focus on security and real-world impact.
Keep Reading