Magento Security Tool False Positive? prototype.js identified as compromise injection The Next CEO of Stack OverflowMagento Security Scan not able to verify siteMagento Security Scan : some of results are UNKNOWNMagento Security Scanner does not detect SUPEE-8788Magento 2 : Security Check Can Not be Verified!Having issue with Magento 2 security scan. Magento Compromise InjectionGetting errors in Magento 1.9.3 SECURITY SCAN - Total four error critical errorSecurity Scan returning an empty reportSecurity Scan supee-10415 false positive?Is there something mad going on with Magento critical vulnerability scanner

Should I tutor a student who I know has cheated on their homework?

Anatomically Correct Strange Women In Ponds Distributing Swords

Why didn't Khan get resurrected in the Genesis Explosion?

Sending manuscript to multiple publishers

Is it ever safe to open a suspicious html file (e.g. email attachment)?

Is micro rebar a better way to reinforce concrete than rebar?

How did the Bene Gesserit know how to make a Kwisatz Haderach?

I believe this to be a fraud - hired, then asked to cash check and send cash as Bitcoin

What connection does MS Office have to Netscape Navigator?

Is it professional to write unrelated content in an almost-empty email?

Is it possible to search for a directory/file combination?

What is the result of assigning to std::vector<T>::begin()?

Are there any limitations on attacking while grappling?

What flight has the highest ratio of time difference to flight time?

Real integral using residue theorem - why doesn't this work?

Solidity! Invalid implicit conversion from string memory to bytes memory requested

Received an invoice from my ex-employer billing me for training; how to handle?

Several mode to write the symbol of a vector

If Nick Fury and Coulson already knew about aliens (Kree and Skrull) why did they wait until Thor's appearance to start making weapons?

sp_blitzCache results Memory grants

How do I reset passwords on multiple websites easily?

Can we say or write : "No, it'sn't"?

How long to clear the 'suck zone' of a turbofan after start is initiated?

Can I equip Skullclamp on a creature I am sacrificing?



Magento Security Tool False Positive? prototype.js identified as compromise injection



The Next CEO of Stack OverflowMagento Security Scan not able to verify siteMagento Security Scan : some of results are UNKNOWNMagento Security Scanner does not detect SUPEE-8788Magento 2 : Security Check Can Not be Verified!Having issue with Magento 2 security scan. Magento Compromise InjectionGetting errors in Magento 1.9.3 SECURITY SCAN - Total four error critical errorSecurity Scan returning an empty reportSecurity Scan supee-10415 false positive?Is there something mad going on with Magento critical vulnerability scanner










2















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
























  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29















2















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
























  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29













2












2








2


2






Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool







share|improve this question
















Is anyone else having issues with Magento Security Tool Scanner?
https://account.magento.com/scanner/



Your site is compromised with injected JavaScript. (79)
The malicious code signature(s) has been found in resources:



/js/prototype/prototype.js
/js/prototype/validation.js
/js/scriptaculous/controls.js


I am getting this scan failure on 12 different magento sites so it must be a false positive. Yesterday all sites were passing the scanner. Today they all say they are compromised injected with malware.



All warnings on all sites are pointing to prototype.js






security-scan-tool




security-scan-tool






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 42 mins ago









Teja Bhagavan Kollepara

3,01241949




3,01241949










asked Apr 3 '18 at 14:31









mpersingermpersinger

111




111












  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29

















  • Having the same issue.

    – chirag
    Apr 16 '18 at 14:29
















Having the same issue.

– chirag
Apr 16 '18 at 14:29





Having the same issue.

– chirag
Apr 16 '18 at 14:29










1 Answer
1






active

oldest

votes


















0














Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "479"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f220901%2fmagento-security-tool-false-positive-prototype-js-identified-as-compromise-inje%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






    share|improve this answer



























      0














      Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






      share|improve this answer

























        0












        0








        0







        Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.






        share|improve this answer













        Run head against the files and tail and see if you have any base64 etc at the top or bottom. Don’t just edit in nano or something. It might be a false positive but most likely will be revealed by head command or tail.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Apr 3 '18 at 20:04









        Timothy FrewTimothy Frew

        31929




        31929



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Magento Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f220901%2fmagento-security-tool-false-positive-prototype-js-identified-as-compromise-inje%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            HP P840 HDD RAID 5 many strange drive faiuresHP SmartArray P400: How to repair failed logical drive?Reusing Raid 5 Drive?reliably and automatically determine connection path of physical position of HDD from /dev/sdX device fileHow to replace failed drive in RAID 5 array in HP DL380 G4 serverQuestions on increasing RAID 5 arrayRaid 10, Logical device are missingHP Code 341 “Physical Drive State: Predictive failure. This physical drive is predicted to fail soon.”HPE 1.92TB SATA 6G Mixed Use SFF SSD very slow compared to SAS HDD HP disksHP drive array “ready for rebuild” (RAID5)Hard Disc Failure or RAID Glitch

            Image
            What is better - deleting a copy constructor as private or public? Had had (Is it a past perfect or past simple) Different outputs for `w`, `who`, `whoami` and `id` Why does a Star of David appear at a rally with Francisco Franco? How could a scammer know the apps on my phone / iTunes account? This word with a lot of past tenses If I can solve Sudoku, can I solve the Travelling Salesman Problem (TSP)? If so, how? Is honey really a supersaturated solution? Does heating to un-crystalize redissolve it or melt it? Employee lack of ownership Four married couples attend a party. Each person shakes hands with every other person, except their own spouse, exactly once. How many handshakes? How to make healing in an exploration game interesting Calculate the frequency of characters in a string Could the Saturn V actually have launched astronauts around Venus? HP P840 HDD RAID 5 many strange drive faiures Unnormalized Log Probability - RNN Does .bashrc contain syntax...
            Read more

            Jalkaväkirykmentti 49 (jatkosota) Sisällysluettelo Perustaminen | Keskittäminen | Komentaja(t) | Lähteet | NavigointivalikkoInfobox OKlaajentamalla

            Image
            Jatkosodan suomalaiset jalkaväkirykmentitSavon prikaati2. divisioona (jatkosota) ylimääräisistä kertausharjoituksistaPieksämäkiSulkavaPuumalaJuvaKangasniemiVirtasalmiHaukivuori2. divisioonaanjatkosodantalvisodanmäärävahvuuksiaII armeijakunnan18. divisioonalle Jalkaväkirykmentti 49 Rykmentin komentaja eversti Wahlbeck (edessä oikealla) ja hänen tykistökomentajansa everstiluutnantti Swendelin (Wahlbeckin takana) I pataljoonan komentopaikalla Äyräpään sillanpääasemassa. Toiminnassa 1941–1944 Valtio   Suomi Puolustushaarat Maavoimat Aselajit Jalkaväki Infobox OK Jalkaväkirykmentti 49 ( JR 49 ) oli Saimaan suojeluskuntapiirin perustama rykmentti. Se perustettiin 17. kesäkuuta 1941 annetun yleisen kutsun ylimääräisistä kertausharjoituksista jälkeen. Reserviläisistä muodostetun rykmentin perustamispaikkoina toimivat Pieksäm...
            Read more

            Can Not View Content Blocks due to require.js error - Magento 2 theme change Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?get requirejs-config.js to load declared cdn's for jqueryOverride Magento/Checkout/view/frontend/web/js/view/shipping.js in custom theme not workingAdding Custom JS to Magento 2 Themerequire.js error on Magento 2Magento 2 require js throw errorMagento 2.1.2 regionUpdater js error on register.phtmlError loading popper.js on Magento 2 Theme (require js)requirejs error in my child themeIssue with bootstrap 4 in magento 2Magento 2 checkout page keeps on loading.In console,$.event.props is undefined in jquery.mobile.custom.js:44:2.How to clear that?Magento 2 Stuck on Checkout page

            Image
            Dominant seventh chord in the major scale contains diminished triad of the seventh? What is the meaning of new sigil in Game of Thrones Season 8 intro? Why aren't air breathing engines used as small first stages Do you forfeit tax refunds/credits if you aren't required to and don't file by April 15? How widely used is the term Treppenwitz? Is it something that most Germans know? How do I mention the quality of my school without bragging Does surprise arrest existing movement? Check which numbers satisfy the condition [A*B*C = A! + B! + C!] "Seemed to had" is it correct? Using et al. for a last / senior author rather than for a first author What do you call a phrase that's not an idiom yet? illegal generic type for instanceof when using local classes What are the possible ways to detect skin while classifying diseases? Identifying polygons that intersect with another layer using QGIS? Do I really need recursive chmod to restrict acce...
            Read more