Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

alureon.s virus attacked a customer


guavatone

Recommended Posts

It seems that the alureon.s virus attacked a customer. and wiped his PC out.

 

I tested going to my site with a Virtual WIN XP SP2 image.

 

bam!! shortly after going to the site. BSoD!

Restarted and the desktop had the basic icons and a bogus window

appeared asking to scan system with some bogus tool.

 

 

 

I was using the following deterrents to hackers:

 

honeypot

KISS notification (only error log and images were changed)

IP Blocker to block IPs after 3 failed logins

used random name for my admin folder

 

 

I think it's version 2.2

my headers say " 1739 2007-12-20"

 

My permissions were pretty locked up except for the images folder.

 

The site is a subdomain with a a htacces file that points another level down into the catalog folder.

Link to comment
Share on other sites

Charles,

 

 

Did you apply all the security patches and install the required security contributions of v2.2 ??? Your site is obviously hacked and should be password protected until it is cleaned so it does not infect your customers computers.

 

 

 

Chris

Link to comment
Share on other sites

Linux

PHP 5.2.13

MySQL 5.0.92-community-log

Apache 2.2.15

 

I have renamed my catalog folder and users cannot go to the site for now.

 

I know there were various security add-ons, but I was not aware of any OScomerce patches.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...