Hello guys,
I have been working on a new website the last few days and everything was going great, until yesterday. Suddenly when I was viewing the front end of the website I got a message that it is trying to connect something identified as "Trojan:HTML/Brocoiner!rfn" apparently this is a program that attaches itself to the website and proceeds to use its users pcs to mine some sort of concurrency. There is a lot of info out there for how to remove it from pc but none on where it might be hiding on a server. Weird thing is I haven't uploaded any new modules or themes on the ftp only a few media files. However neither my friends nor I got that antivirus message before yesterday. Sucuri SiteCheck doesn't seem to find anything wrong.
Are you talking about a problem, related to some unknown yet OpenCart Version,Weird thing is I haven't uploaded any new modules or themes
or is this about your regular Website, and some Media-Files, you added ?
And did you check those Media Files first, to make sure, they're clean ?!
Ernie
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Hello,
This is a regular 2.3.0.2, I didn't check all the media files but they were just pictures. Using notepad++ I found unwanted code linked to coinhive in header.tpl both in the default and my theme, I removed the code and people stopped getting a message and the site stopped abusing my processor as soon as I open it.
However there must still be something left because as soon as I change anything on the site through admin panel or through ftp the unwanted code is back in header.tpl, anyways this is how far I've gotten I'll post here if I find a complete fix to the problem.
This is a regular 2.3.0.2, I didn't check all the media files but they were just pictures. Using notepad++ I found unwanted code linked to coinhive in header.tpl both in the default and my theme, I removed the code and people stopped getting a message and the site stopped abusing my processor as soon as I open it.
However there must still be something left because as soon as I change anything on the site through admin panel or through ftp the unwanted code is back in header.tpl, anyways this is how far I've gotten I'll post here if I find a complete fix to the problem.
Well, it might be a regular v.2.3.0.2, but you possibly added some Mods,
or then, you use other Code like Wordpress e.t.c., on the same Server.
But without real Data, it's just filling useless topics...
Ernie
or then, you use other Code like Wordpress e.t.c., on the same Server.
But without real Data, it's just filling useless topics...
Ernie
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Who is online
Users browsing this forum: No registered users and 279 guests