DazWilliams, posted February 9, 2009:

In the early hours of Saturday morning an email was sent (supposedly from our online shop) to all of our 5500 customers telling them they had won a free gift, and all they had to do was reply with a scanned-in copy of their utility bill. A lot of angry customers emailed telling us what had happened, and that we must have been hacked into. (That's how we found out.) I have since replied to all of our customers telling them what has happened. A nightmare for us, as we could lose a lot of customers through this. I have also changed all passwords: root, database, admin, FTP, etc. We are using osCommerce v2.2. I would like to ask for your help please, to find out what to do next. The hacker has registered 2 domain names that closely resemble ours, and they've used those as the reply-to address on the email they sent out.

1) Who do I report this to?
2) How do I find out how they compromised the dedicated server?
3) Did they use SQL injection?
4) Nothing appears to have been deleted or tampered with.
5) Should I try and secure the shopping cart or find a new one?
6) What else do I need to do?

Your help is greatly appreciated!
SpottyNic, posted February 9, 2009:

BUMP - I'm just about to go live. Should I be having second thoughts on OSC? Ta, Nic
FIMBLE, posted February 9, 2009:

Quoting SpottyNic: "BUMP - I'm just about to go live. Should I be having second thoughts on OSC? Ta, Nic"

ANY package is going to be subject to hacker attacks. Before the software is blamed, attention should also be drawn to the host: are they secure? And to the user: do they use unsafe permissions on the site folders? Any software package is going to protect you only so far; the user must take steps also. There are loads of security add-ons here to help you in this. Many users use OSC and pass the PCI checks. Nic
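FIMBLE's point about "unsafe permissions on the site folders" is easy to check mechanically. The following is an added example, not code from the thread or from osCommerce: it walks a web root, reports anything world-writable, and separately flags a writable configure.php, which the osCommerce admin panel itself warns about. The directory layout it audits is constructed in a temporary folder purely for demonstration; point audit_permissions at a real document root to use it.

```python
import os
import stat
import tempfile


def audit_permissions(root):
    """Walk a web root and report permission problems an osCommerce shop should not have.

    Returns a sorted list of (relative_path, octal_mode, issue) tuples.
    Two checks are made:
      * any file or directory that is world-writable (the 'other' write bit set);
      * any configure.php that is writable by anyone at all, since osCommerce
        expects that file to be read-only once the shop is installed.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            rel = os.path.relpath(full, root)
            kind = "directory" if stat.S_ISDIR(st.st_mode) else "file"
            if mode & stat.S_IWOTH:
                findings.append((rel, oct(mode), "world-writable " + kind))
            if name == "configure.php" and mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH):
                findings.append((rel, oct(mode),
                                 "configure.php is writable; osCommerce expects it read-only (e.g. 0444)"))
    return sorted(findings)


def build_sample_docroot():
    """Constructed example tree (not a real shop) containing typical permission mistakes.

    Returns the path of a fresh temporary directory. Modes are set explicitly
    with os.chmod so the result does not depend on the caller's umask.
    """
    root = tempfile.mkdtemp(prefix="osc_docroot_")
    layout = {
        "index.php": 0o644,                       # fine
        "includes/configure.php": 0o666,          # world-writable config: two findings
        "admin/includes/configure.php": 0o444,    # read-only, as it should be
        "images/": 0o777,                         # world-writable upload dir: one finding
        "images/logo.gif": 0o644,                 # fine
    }
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        if rel.endswith("/"):
            os.makedirs(path, exist_ok=True)
        else:
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("<?php // placeholder\n")
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    docroot = build_sample_docroot()
    for rel, mode, issue in audit_permissions(docroot):
        print("%-32s %s  %s" % (rel, mode, issue))
```

The sample tree yields three findings: the images directory is world-writable, and includes/configure.php is reported twice (world-writable, and writable at all). The admin copy at 0444 and the ordinary 0644 files are not reported.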
SpottyNic, posted February 9, 2009:

Sorry for the blonde moment... what is a PCI check? Ta muchly, Nic

Added - Ah! Found what you mean... I just build 'em, not run them: Payment Card Industry Data Security Standard.
FWR Media, posted February 9, 2009:

Quoting SpottyNic: "Sorry for the blonde moment... what is a PCI check? Added - Ah! Found what you mean... I just build 'em, not run them..."

If I was a customer I'd be scared right about now.
Guest, posted February 10, 2009:

Here is a good post from Spooks about securing your site and the add-ons you need to do so: http://www.oscommerce.com/forums/index.php?sho...+unsecure+items
Guest, posted February 11, 2009:

[Quoting DazWilliams's opening post in full.]

Sounds familiar. Get rid of your customer_testimonials.php files and this contribution, or use the latest version. Have a look in your log files and you will see the statement in the browser that they used just before the time or date it occurred. I think this was very widespread.