Post by freshfitz » Tue Nov 07, 2017 10:49 pm

We are on opencart 2.0.1.1. We have stores setup for school stores and we got a call from a school saying 2 people got their credit card info stolen hours after they placed an order. Both orders came from the same IP so we figured they used a computer with a keystroke program on them. We just got another call from another school that they had the same thing their credit card was used in Germany hrs after they placed an order. Nothing in the code looks suspicious. I ran a scan for base64 code. We are using an SSL with auth.net AIM. How could this happen when the store does not even store credit cards. They would have to scrape the transmission from our server to authnet. Isn't that encypted also?

Newbie

Posts

Joined
Fri Jun 17, 2016 11:33 pm

Post by thekrotek » Tue Nov 07, 2017 10:58 pm

Not related to OpenCart. Like at all.

Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com


User avatar
Expert Member

Posts

Joined
Sun Jul 03, 2016 12:24 am


Post by freshfitz » Wed Apr 18, 2018 2:32 am

After yet another hack, I did end up finding code in authorizenet_aim.php that had an email address injected and the cart was emailing cc info to a foreign email

Newbie

Posts

Joined
Fri Jun 17, 2016 11:33 pm
Who is online

Users browsing this forum: No registered users and 156 guests