Our shop get repeatedly infected with a "crypto-miner" malware. Its a javascript code that mines cryptocurrency on the client's CPU.
Everytime this happens I can find and remove the code in the Backend under:
System->General->Design->HTML Head->Miscellaneous Scripts
We use Magento 1.9.3.7 with the latest security patches. I also changed the admin password but it doesn't help.
I would like to know how to prevent these attacks to happen again.
Best Answer
Even if you use Magento with all latest patches, it's possible you are using some outdated/exploitable 3rd party extensions.
It's important to find out when and where things go wrong, so maybe try to look through webserver access/error logs, change passwords etc.
I've seen a similar case with a fully patched Magento shop which had code injected in HTML header/footer via Magmi because the DB credentials where accessible via browser.
Good luck!