My website’s checkout was hacked this 4th time.
The hacker somehow modifies the following files:
- lib/web/jquery.js
- vendor/magento/framework/Interception/Interceptor.php
- vendor/magento/framework/Message/Session.php
and adds some kind of encrypted scripts and code, which hides all the payment methods and shows a custom credit card payment option.
I have tried multiple solutions:
- changing passwords (FTP/ssh/db/admin),
- making ssh access with a private key only,
- changing admin URL, and website folder permissions.
But still, he is able to hack again n again.
My hosting is on a managed server. I asked the hosting provider (since they have the root access) and they told me that it could be because of some kind of plugin (not sure).
What could be the possible solution? Please help. The upgrade to the latest magento is already in progress, but don’t know whether it would be the solution.
