Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My Oscommerce email got hack, please help


ken0306

Recommended Posts

Hi, I recently found out that my oscommerce email got hack, every time my shopping cart send email to customer, the server send another spam email out. here is the deferred message header I got from the server

Received: by xxxxxxx.onlinehome-server.com (Postfix, from userid 502)

id 723FEC00139; Thu, 9 May 2013 03:14:50 -0400 (EDT)

To: "....No skills required to get started" <pozsonyij@@aaa.com>

Subject: Your friend ....Get paid $25 for each email you process................................................................. has recommended this great product from XXX Store

From: "....Get paid $25 for each email you process................................................................." <[email protected]>

MIME-Version: 1.0

X-Mailer: osCommerce Mailer

Content-Type: multipart/alternative;

boundary="=_015e731f66e8651590a4a7031e40dc64"

Message-Id: <20130509071450.723FEC00139@@xxxxxxxxxx.onlinehome-server.com>

Date: Thu, 9 May 2013 03:14:50 -0400 (EDT)

 

It only happen when there are some activate in my shopping cart, such as order status update, submit order.

 

can someone point me the right direction where to find the hack file? and which file that control shopping cart's email

thank you

ken

Link to comment
Share on other sites

I run another test with my site with difference language( default is english). it doesn't send out the spam mail.

would this narrow down the problem?

Link to comment
Share on other sites

The easiest way is to clear your site of any malicious code. You can do this file by file, or you could delete the complete site from the server and upload a known good backup. Your hosts may be able to help with this if they have a good clean backup. You have kept backups right.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

The easiest way is to clear your site of any malicious code. You can do this file by file, or you could delete the complete site from the server and upload a known good backup. Your hosts may be able to help with this if they have a good clean backup. You have kept backups right.

 

I did a weekly backup, I am not sure how long has it been hack. so I may have to check the file one by one.

ken

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...