Post by OSWorX » Sat Nov 29, 2014 1:38 am

While that did not happend until yet (or I did not hear until today), it could happen very soon also with OpenCart scripts which are not from official sources, meaning so called 'nulled' scripts which are existing and available from different websites.

First I have to say if someone infects his own webserver / webshop with such a 'virus/worm/etc.' I have no sympathy with this guy.
It is his own fault if he install scripts form suspicious servers/services!

But - and this is the main fact - these servers are a potential risk for every customer who comes to your shop and want to buy products.
In the worst scenario these morons are giving customer data away (in sending them in the background to someone else).

The conclusio is: get templates, modules, extensions only from official websites!
There are too many stupid scriptkiddies out there who are trying to damage.

If you are not able to spend a few bucks for an extension, a template you are not qualified to operate a webshop.

The following article is in German:
http://www.heise.de/security/meldung/Cr ... 67962.html

But here is the pdf to read in English:
https://foxitsecurity.files.wordpress.c ... srt-v4.pdf

And here is a official script of the company who detected that bot to check if your server is compromised:
https://github.com/fox-it/cryptophp/tree/master/scripts

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.


User avatar
Guru Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria
Who is online

Users browsing this forum: No registered users and 22 guests