Post by hmarcelino » Fri May 13, 2016 4:25 pm

Hi friends,

i have an testing opencart online (constructing and test the site) but yesterday it was hacked by "KingSkrupellos EtikTurk Digital Security Technological Islamic Army". Do you know this hacker team? Do you have idea what they use to hack my site?

I dunno how to start to try to protect the site and if i doesnt do nothing it will happen again.

If someone know whats happened and know what can i do it will be great. Thanks a lot!



They write this on site:

Message removed
Last edited by MarketInSG on Sun May 15, 2016 11:33 am, edited 1 time in total.
Reason: Sensitive message removed

Newbie

Posts

Joined
Fri May 13, 2016 4:19 pm

Post by paulfeakins » Fri May 13, 2016 7:01 pm

I'm glad they did no harm.

You might want to have a read of this:
http://www.antropy.co.uk/blog/securing-opencart/

UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk


User avatar
Guru Member
Online

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - London Gatwick, United Kingdom

Post by lovol2 » Tue Aug 23, 2016 5:04 am

I got hacked too, you're lucky it didn't cost you £2000 like it did me.

(see here http://forum.opencart.com/viewtopic.php ... 56#p635256 )

I'm working on mod that will email you when you are hacked (any files changed/updated/added to your system)

This seems to be the only way to get notified of when things are changed without your knowledge!

Would you be interested in this? I doubt it, most people don't like paying for anti virus, or insurance, but having been stung for £2000 by VISA so far, I don't mind paying a bit more to ensure it doesn't happen again... or at least I get notified and I can fix it!)

New member

Posts

Joined
Wed Mar 24, 2010 6:41 am

Post by labeshops » Tue Aug 23, 2016 6:04 am

paulfeakins wrote:I'm glad they did no harm.

You might want to have a read of this:
http://www.antropy.co.uk/blog/securing-opencart/
I used to rename my admin folder but I understand this causes issues in v2?

Running Opencart v3.0.3.2 with multi-stores and the default template from https://www.labeshops.com which has links to all my stores.


User avatar
Expert Member

Posts

Joined
Thu Aug 04, 2011 4:41 am
Location - Florida, USA

Post by IP_CAM » Tue Aug 23, 2016 9:41 am

the same probably happen to geniuos MaxD:
http://openshop.org.ua/

Ernie

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by web-project » Tue Sep 06, 2016 9:14 pm

do you store the opencart on shared hosting or VPS, I do believe that firewall protection should be installed on any hosting and some .htaccess code is available to prevent any hacks of opencart or oscommerce (i know it's different software).

Under any circumstance you not supposed to store customer credit card details on your server, as transactions should be processed:
1) Offline via phone
2) Online - captured and authorised sales

If you wish to have the customer credit/debit cards stored use online payment gateway such as Stripe and only this way you will not get fines from Visa or MasterCard for storing the payment details

New member

Posts

Joined
Tue Sep 06, 2016 9:06 pm
Location - Stevenage, UK
Who is online

Users browsing this forum: No registered users and 52 guests