1

When I log into Magento & get redirected to the dashboard, I see a QR code where once there was a chart. Has anybody ever experienced this? I can see that that the image itself refers to:

/dashboard/tunnel/key/

The problem is intermittent. Has anybody experienced this before? Am I losing my mind?

Edit: I can see that Google's API is referenced in app/code/core/Mage/Adminhtml/Block/Dashboard/Graph.php.

Round about line 40:

const API_URL = 'http://chart.apis.google.com/chart';

Could this be related to an issue with Google?

Edit 2: When scanning the QR code, it points to the following url: http://www.wisknow.com/books/?p=5556

Edit 3: I've spoken to Nexcess, and got the following response:

Your site has not been hacked. Magento uses google charts API and it appears they are having an issue. We are also seeing weird results with google images search. As soon as we get more details, we will update you.

asked Aug 26, 2014 at 13:14
4
  • from the description and as it does not affect everyone, it sounds like the Network, not the server got hacked/redirected Commented Aug 26, 2014 at 14:08
  • A good example of why linking to external potentially untrusted content in the admin backend of any web application is a "Realy Bad Idea (tm)". Commented Aug 26, 2014 at 20:27
  • @FiascoLabs, true that. One would like to think that a Google API could be trusted though, being the giants that they are. Commented Aug 27, 2014 at 6:05
  • oh they are, but if your request is intercepted before it reaches google like in this case, thats not much help Commented Aug 27, 2014 at 8:38

2 Answers 2

4

We are seeing this on several of our Magento sites this morning. It appears that someone has been able to intercept or modify the results of the google charts API call. We are looking into it and I'll update this with any info we find.

answered Aug 26, 2014 at 13:50
4
  • Currently we are only seeing these on our sites that are hosted at Nexcess. Commented Aug 26, 2014 at 14:00
  • The results of pinging chart.apis.google.com - Local results show 74.125.228.225 Nexcess shows 206.181.8.226 which seems to be owned by xo.net. Is that legit? Commented Aug 26, 2014 at 14:09
  • The QR code is now gone on our sites. Nexcess reported that it was a problem at Google. Pinging charts.apis.google.com on the effected servers now shows the proper Google IP address. Wonder what happened? Commented Aug 26, 2014 at 14:20
  • 1
    Nexcess informed me that a Google employee did mention it was an issue on their side. It is resolved now. Commented Aug 27, 2014 at 8:42
2

This seem to be a google chart issue, where "they" are replacing the dashboard graph with a qr code.

According to our magento hosting company, alot of other user are also having issue.

answered Aug 26, 2014 at 13:26

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.