thatsmagic Posted January 7, 2009 Share Posted January 7, 2009 Hi there, Iv been asked by a friend to have a look at his oscommerce site as he has a paypal module installed, the problem being the IPN address keeps being changed to a hacker. Im fairly new to oscommerce so thought id ask if any of you guys have had this happen and how to go about stopping it. Iv emailed his hosting company, and basically recieved a rather short reply of 'its not us its you'. - Helpful i know. So i throw it open to your superior wisdom! Link to comment Share on other sites More sharing options...
mcnulty85 Posted January 15, 2009 Share Posted January 15, 2009 Hi there, Iv been asked by a friend to have a look at his oscommerce site as he has a paypal module installed, the problem being the IPN address keeps being changed to a hacker. Im fairly new to oscommerce so thought id ask if any of you guys have had this happen and how to go about stopping it. Iv emailed his hosting company, and basically recieved a rather short reply of 'its not us its you'. - Helpful i know. So i throw it open to your superior wisdom! Ive had exactly the same problem and exactly the same response! if anyone could shed any light i would be most appreciative, if thats a word! Link to comment Share on other sites More sharing options...
FIMBLE Posted January 15, 2009 Share Posted January 15, 2009 Someone keeps on changing the email address from the admin section? If this is correct any idea how they are getting in? Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
mcnulty85 Posted January 15, 2009 Share Posted January 15, 2009 Someone keeps on changing the email address from the admin section?If this is correct any idea how they are getting in? No Idea!! I really dont think that it is being done through the admin panel because we have changed all the logins numerous times and if it was im sure he would be getting up to more michevious crimes than that. The hacker was a customer who signed up to our site. He requested a payment to Indonesion orphans then started changing the IPN. At first it as to a non existant Paypal Email but now he is doing it ot an account that is taking the money for orders. We are literally having to check back every 5 minutes to see if he has changed it. He normally does it around 3am Uk time which is not ideal! We have reason to believe he is somehow accessing it through the checkout, although this may not be true. Link to comment Share on other sites More sharing options...
FIMBLE Posted January 15, 2009 Share Posted January 15, 2009 dont see how he can, more likely he has hacked into your site, might be worth changing your database names also, sounds serious. Hard to say with out looking, check for any files you do not recognise. What is your URL? Nic Sometimes you're the dog and sometimes the lamp post [/url] My Contributions Link to comment Share on other sites More sharing options...
burt Posted January 15, 2009 Share Posted January 15, 2009 Why don't you check your server logs. Link to comment Share on other sites More sharing options...
mcnulty85 Posted January 15, 2009 Share Posted January 15, 2009 Why don't you check your server logs. To be honest none of this is my skill! im just trying to piece together some info that i can fire at the Hosting company to look into it rather than 'no, you must have a virus because we are secure'. Link to comment Share on other sites More sharing options...
GemRock Posted January 15, 2009 Share Posted January 15, 2009 if this story is worth more than a pinch of salt and you are losing money, then i can't see why you have not (in addition to some suggestion above): 1. reported it to paypal; 2. hired someone who knows this business to look into it; 3. hardcoded the email address (ID) in the paypal module; 4. considered changing host to one that takes security seriously. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.