JUL 11 2017

Magento redirects to another site


July 10, 2017: We are receiving reports about massively infected Magento sites with Javascript redirect malware to one of the following sites:





To this time, it seems like caused by old unpatched vulnerabilities, same as Guruincsite malware, so mitigation is very similar.


  • navigate in Backend to System > Configuration > Design > Footer > Miscellaneous HTML and System > Configuration > General > Design > HTML Head > Miscellaneous Script and delete all code there:
    Removing Malware code from footer in Magento
    Removing GuruIncSite Malware code from footer in Magento
  • IMPORTANT: Navigate to System > Magento Connect > Magento Connect Manager and check for updates. Update all third-party extensions, uninstall any non-used third-party extensions
  • delete any unknown users at System > Permissions > Users
  • Flush Magento cache to apply changes
  • Scan your store with our security tester and ensure store is safe, GuruIncSite Malware not found. If not, repeat the steps above (for other CMS pages / static blocks / extensions)
If you have any difficulties with removing this malware or have some additional details on the hack, please share this info in comments.

Posted in: Magento Maintenance

Magento redirects to another site
1 vote, 5.00 avg. rating (92% score)