Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Virus on my website


lauracone

Recommended Posts

Help if any one knows a fix for this problem please notify me at [email protected]

 

I haven't a clue how to fix the os commerce site and I don't want to do anything with the hosted site until this can get fixed.

 

Thanks a bunch

laura

 

Exploit file in Xp(1).htm

 

 

Ok the virus looks like it came from ip # 70.129.142(1).htm my husband just showed me how to find the virus file.

 

 

 

We have just confirmed the problem. AVG captured the virus on our end as well.

 

The root of the problem is the outdated version of osCommerce you have installed under your hosting account. Hackers managed to exploit a security flaw in osCommerce and gained virtually full access to your hosting account. They uploaded a web shell (/www/www/catalog/install1/admin.php; /www/www/catalog/install1/Admin.txt) which allowed them to make changes to your files. They included javascript code in several of your .htm files which actually call the virus.

 

The bad news is that the web site intrusion happened a long time ago and we do not have a backup from which we can restore a safe copy of your web site. We only keep our daily backups for seven days and the unauthorized access to your hosting account appears to have been gained a couple of months ago.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...