Pay Pal IPN Hack Attack!


thatsmagic

Hi there,

I've been asked by a friend to have a look at his osCommerce site as he has a PayPal module installed, the problem being the IPN address keeps being changed to a hacker.

I'm fairly new to osCommerce so thought I'd ask if any of you guys have had this happen and how to go about stopping it.

I've emailed his hosting company, and basically received a rather short reply of 'it's not us, it's you'. - Helpful, I know.

So I throw it open to your superior wisdom!

  • 2 weeks later...
I've had exactly the same problem and exactly the same response! If anyone could shed any light I would be most appreciative, if that's a word!

Someone keeps on changing the email address from the admin section?

If this is correct any idea how they are getting in?

No idea!!

I really don't think that it is being done through the admin panel because we have changed all the logins numerous times and if it was I'm sure he would be getting up to more mischievous crimes than that.

The hacker was a customer who signed up to our site. He requested a payment to Indonesian orphans then started changing the IPN.

At first it was to a non-existent PayPal email but now he is doing it to an account that is taking the money for orders. We are literally having to check back every 5 minutes to see if he has changed it. He normally does it around 3am UK time which is not ideal!

We have reason to believe he is somehow accessing it through the checkout, although this may not be true.

Why don't you check your server logs?

To be honest none of this is my skill!

I'm just trying to piece together some info that I can fire at the hosting company to look into it rather than 'no, you must have a virus because we are secure'.

If this story is worth more than a pinch of salt and you are losing money, then I can't see why you have not (in addition to some suggestion above):


1. reported it to paypal;

2. hired someone who knows this business to look into it;

3. hardcoded the email address (ID) in the paypal module;

4. considered changing host to one that takes security seriously.

Ken

commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who needs some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.
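
Added example, not part of the thread or any poster's code: one way to act on the "check your server logs" suggestion is to pull every state-changing request logged in the minutes before the changed address was noticed, grouped by client IP and script, so there is something concrete to send to the hosting company. It assumes the host provides Apache "combined" format access logs; the sample lines, dates, IPs and paths are constructed.

```python
import re
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumes Apache "combined" access-log format; adapt the pattern to the host's format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
READ_ONLY = {"GET", "HEAD", "OPTIONS"}

# Constructed sample lines (documentation IP ranges, made-up times and paths).
SAMPLE_LOG = '''\
203.0.113.7 - - [12/Mar/2010:02:40:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2010:02:58:41 +0000] "GET /checkout_payment.php HTTP/1.1" 200 7301 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2010:03:01:09 +0000] "POST /admin/modules.php?set=payment&action=save HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2010:03:02:30 +0000] "POST /checkout_process.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2010:03:03:10 +0000] "POST /admin/modules.php?set=payment&action=save HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.50 - - [12/Mar/2010:09:15:00 +0000] "POST /checkout_process.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
not a log line
'''

def writes_before(log_text, changed_at, window_minutes=10):
    """Return state-changing requests logged in the window leading up to changed_at."""
    start = changed_at - timedelta(minutes=window_minutes)
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] in READ_ONLY:
            continue  # skip unparseable lines and read-only requests
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if start <= ts <= changed_at:
            hits.append((ts, m["ip"], m["method"], m["path"], int(m["status"])))
    return hits

def summarize(hits):
    """Count hits per (client IP, script path) with the query string stripped."""
    return Counter((ip, path.split("?", 1)[0]) for _, ip, _, path, _ in hits)

if __name__ == "__main__":
    # Constructed: the moment the changed address was noticed (about 3am UK time).
    noticed = datetime(2010, 3, 12, 3, 5, tzinfo=timezone.utc)
    for (ip, path), n in summarize(writes_before(SAMPLE_LOG, noticed)).most_common():
        print(f"{n:3d}  {ip:15s}  {path}")
```

Run against the real log with the actual time each change was spotted; the same IP and script showing up before every change is the detail worth handing to the host and to PayPal.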

Archived

This topic is now archived and is closed to further replies.
