Problem of rogue credit card form, woocommerce hacked

I have hidden the checkout with css, you have to display block on .woocommerce to show it thank you

Hi @riccardo644

Thanks for reaching out!

I have hidden the checkout with css, you have to display block on .woocommerce to show it thank you

I’m glad you were able to find a solution to your inquiry here and thanks for sharing it with the community too! ??

Meanwhile, I checked the rogue credit card form, however, I’m only seeing a white page on my end here.

Additionally, I checked your site, added a product to my cart, checked the Checkout page and the rogue credit card form was not opened on my end.

Should you wish to investigate this further, please share your System Status Report that you can find via WooCommerce > Status. Select Get system report and then Copy for support. Once you’ve done that, you can paste it into your reply here.

Thanks!

Hi @xue28,

Chiming in here as we referred @riccardo644 to the WooCommerce support team. We figured that maybe you have seen this behavior reported before.
The regular payment methods (including the PayPal Payments specific gateways) from linked site should look like this.

Before implementing the workaround with CSS, all WooCommerce gateways were overridden by this card form after a short delay.
So buyers could only use this credit card form which, to our knowledge, is not coming from any payment plugin.

We have seen this exact behavior and card form fields a while back. In that case, an unknown actor modified WooCommerce core plugin files without the knowledge of the store owner. Reinstalling WooCommerce resolved the problem, as the code that inserted these card fields was inside of WooCommerce template files.

There is certainly some unwanted code somewhere on the site that results in these card fields. But from a glance, we haven’t been able to pinpoint it.
So performing a full conflict test to isolate the cause of it to the theme or a different plugin can help. This includes activating the default theme Storefront and disabling all other plugins except for?WooCommerce to see if the behavior persists.

Here’s a guide that explains the steps in more detail: How to test for conflicts
I hope this helps isolate the origin of these card fields.

Kind regards,
Niklas

Hi there @niklasinpsyde ??, thanks for chiming in.

we referred @riccardo644 to the WooCommerce support team. We figured that maybe you have seen this behavior reported before.

From what I gather, the other thread is linked here. Correct?

I’m afraid I have not come across such a case, yet. I’m glad re-installing WooCommerce did sort things out though.

Hi there @riccardo644 ??

Feel free to have a look at best practices, to avoid malware infections.

This page describes the steps we recommend you take, to protect your site and your personal data; as well as those of the store’s clients.

Additionally, I suggest you check out Jetpack Security. It offers real-time malware scanning, among other features.

I trust that points you in the right direction, but if you have more questions, let us know. We’re happy to help.

• This reply was modified 1 year, 11 months ago by anastas10s. Reason: added clarification
• This reply was modified 1 year, 11 months ago by anastas10s. Reason: typo