Post by KoalaBear » Mon Apr 24, 2017 10:11 pm

Hi guys,

I am the object of blackmail by hackers.

Recently they had downloaded my entire orders table with all of my customer information. It looks like this:

Array
(
    [1] => Array
        (
            [order_id] => 
            [firstname] => 
            [lastname] => 
            [email] => 
            [telephone] => 
            [payment_city] => 
            [total] => 
            [ip] => 
            [date_added] => 
        )

    [2] => Array
      ...
      
Any thoughts what might be the problem? How can I secure my website?

I am using OpenCart 2.0.3.1. Any help will be much appreciated.

Post by IP_CAM » Wed Apr 26, 2017 6:43 am

well, this would be a Job for a real Pro, nobody else would be able to know.
But it's sure not an OpenCart Problem, it could be anything, even your own PC,
enabling someone else to access your site backdoor and/or Server.
Good Luck !
Ernie

My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.

Post by KoalaBear » Wed Apr 26, 2017 7:42 am

IP_CAM wrote:
Wed Apr 26, 2017 6:43 am
well, this would be a Job for a real Pro, nobody else would be able to know.
But it's sure not an OpenCart Problem, it could be anything, even your own PC,
enabling someone else to access your site backdoor and/or Server.
Good Luck !
Ernie
Thank you, Ernie. I am able to pay a security expert, so if anyone is a real pro, please PM me.

Post by bccoop » Wed Apr 26, 2017 1:27 pm

I guess at this point you are asking about how to better secure your site moving forward since you said hackers already have your customer information in their hands.
How have you secured your site? Do you utilize database encryption (OpenCart's is weak, but be sure to configure your encryption key anyway) or website firewalls (Cloudbric or ModSecurity)?
Or do you code your security -- and in that case have you already secured your folders (/admin/, /system/, /catalog/, /image/) and modified your directory paths (for HTTP_SERVER, HTTPS_SERVER, DIR_APPLICATION, DIR_LANGUAGE, DIR_TEMPLATE)?
I don't know how you've been protecting your site (and which parts of your site) and so it's hard to suggest what you could do better.

Post by ADD Creative » Thu Apr 27, 2017 12:53 am

If you haven't already, change your passwords for all admin users.

Check that the files on your server have not been modified by comparing them against a clean download.

Make sure you currently have JSON support enabled on your hosting. Check with phpinfo.

Look through your web server logs for anything suspicious.

www.add-creative.co.uk
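
The comparison against a clean download suggested in the post above, as an added example that is not part of the original thread: it hashes an unpacked clean download and a copy of the live site, then lists files that were modified, added or missing. The sample trees and the `image/cache` skip entry are constructed assumptions; site-specific files that are not in the download will be listed as added and need a manual look.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Hash a file in chunks so large files are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def hash_tree(root, skip_dirs=()):
    """Map each file path relative to root (using / separators) to its SHA-256."""
    hashes = {}
    for dirpath, dirnames, filenames in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        prefix = "" if rel_dir == "." else rel_dir + "/"
        # Prune directories expected to differ from the download (caches, logs).
        dirnames[:] = [d for d in dirnames if prefix + d not in skip_dirs]
        for name in filenames:
            hashes[prefix + name] = sha256_file(os.path.join(dirpath, name))
    return hashes

def compare_trees(clean_root, live_root, skip_dirs=()):
    """Report files modified, added or missing on the live copy."""
    clean, live = (hash_tree(r, skip_dirs) for r in (clean_root, live_root))
    return {
        "modified": sorted(p for p in clean.keys() & live.keys() if clean[p] != live[p]),
        "added": sorted(live.keys() - clean.keys()),
        "missing": sorted(clean.keys() - live.keys()),
    }

def build_sample_trees():
    """Write two small constructed trees (not real OpenCart files) to temp dirs."""
    clean = {"index.php": "<?php // front\n", "admin/index.php": "<?php // admin\n"}
    live = {"index.php": "<?php // front\n// changed\n", "catalog/extra.php": "<?php\n",
            "image/cache/a.jpg": "thumbnail"}
    roots = []
    for files in (clean, live):
        roots.append(tempfile.mkdtemp())
        for rel, body in files.items():
            path = os.path.join(roots[-1], rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
    return tuple(roots)

if __name__ == "__main__":
    print(compare_trees(*build_sample_trees(), skip_dirs={"image/cache"}))
```

Run it against a copy of the site files pulled from the server and the same OpenCart version unpacked from the official archive, so version differences do not show up as modifications.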