Post by Daniel » Thu May 24, 2018 10:12 pm

A few members have contacted me to tell me that they have recieved an email from a fake opencart site.

https://opencart.us.com/update

Do not install this software because your site will probably be hacked!

Not sure how they got so many emails but it was not from opencart.com.

This is the email
From: Update Alert <noreply@opencart.com>
Date: Thu, May 24, 2018 at 5:06 AM
Subject: Enquiry Update Alert
To: ***@*****.com


OpenCart Security Update 3.0.4 – Update Immediately

OpenCart Core version 3.0.4 has just been released.All previous versions of OpenCart core are vulnerable to RCE attacks.
To update OpenCart, please follow the link in this message.

https://opencart.us.com/update

Best Wishes,
Opencart Security Team

OpenCart®
Project Owner & Developer.
OpenCart commercial support now available!


User avatar
Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

Post by IP_CAM » Fri May 25, 2018 1:40 am

Well, that additional JS File might contain a problem, at least, if it's not part
of a latest default version ... :
update\catalog\assets\js\jquery-2.js
exept for the YANDEX - insert, with really should not be part of a default OC anyway ...
it could even be against latest EU Regulations :D
---
Image

Attachments

oc_update_clone.jpg

oc_update_clone.jpg (556.72 KiB) Viewed 1528 times


For Sale: Top URL's, including an OpenCart V-Pro Shop!
A wide range of matching Designs can be seen here: http://www.opencart.li
For Information on URL's offered, please contact me at: jti@jacob.ch
Hundreds of Mods in 380+ Repositories for OC v.1.5.x - v.2.3.x
to be found on my Github Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by Johnathan » Fri May 25, 2018 10:31 pm

Thanks for the warning, Daniel.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by miklcct » Tue May 29, 2018 6:09 pm

DO NOT INSTALL ANYTHING FROM THAT RUSSIAN SITE OR ENTER ANY INFORMATION INTO IT!

I have checked the package, it will install a backdoor using obfuscated code and send the information to a gateway located at http://opencart.us.com/gate.php

Please report such mail as spam immediately when you receive it.

Administrator

Posts

Joined
Wed Mar 14, 2018 10:00 am

Post by billynoah » Wed May 30, 2018 12:27 am

The emails my clients received all came through the Contact Us form in older versions of Opencart (pre 2.0). Pretty sure there's a botnet scanning for Opencart sites and sending these emails. As Daniel suggested in our correspondence, it would be advisable to replace the older captcha with Google reCaptcha to prevent these and all kinds of other bot email scams.

For users of legacy versions I'm offering the attached vQmod for free to help remedy this exploit - it replaces older captcha with Google reCaptcha for Contact Form, Affiliate registration and Customer Registration. To use it you will need to register you site here to obtain keys:

https://www.google.com/recaptcha/admin

Settings to add your keys can be found in the system > settings > server tab.

Note: The attached software has been preliminarily tested on OC 1.5.6.4 using default theme. If you find a bug please report it here and I'll do my best to fix it in a timely manner. It should work out of the box with most third party themes, however if it doesn't and you need help you can post on the commercial support forums or email me directly for paid support.

Attachments


Image


User avatar
Active Member

Posts

Joined
Tue Jan 15, 2013 12:46 pm

Post by purpletreesoft » Tue Jun 19, 2018 12:55 pm

As on date it is a reported site and blocked by many AV. Things achieve their fate, even if slowly.

Purpletree Software LLP
New features launched for Multivendor Marketplace Extension


User avatar
New member

Posts

Joined
Thu Jun 22, 2017 10:17 pm


Post by ujjawal_77 » Sat Jul 07, 2018 1:42 pm

Why open developer use a auto version update feature like worldpress so that from admin itself, the latest version of opencart could be updated without taking all pain. Update scripts are not rebust and require much of technical knowledge.

Newbie

Posts

Joined
Sat Jul 07, 2018 1:36 pm

Post by funnykid » Tue Jul 24, 2018 2:29 pm

I too got spam mails from this website. Thanks god for not installing that software. Is that site blocked?

60% Off A2Hosting Coupons | 40% Off Wp Engine Coupons


Newbie

Posts

Joined
Sun Aug 13, 2017 7:37 pm

Post by IP_CAM » Thu Jul 26, 2018 10:04 am

why don't opencart developer use a auto version update feature like wordpress ...
If so, OpenCart Developers would have to strictly follow certain Rules, and Themes like Pavo, Journal,
e.t.c. would have to be re-designed in full, as well as a lot of other Code, to then meet such Requirements.

But OC does not have the Potential, and/or Manpower, to enforce such a policy, and as long as OC is still
a steady developing Project, they have to make sure, not to stay in their own way, but always be free, to
adapt, whatever is required, to latest Knowledge and Techniques.

But for those, looking for a 'final' Solution, to avoid such, OC offers Cloud Services, the latest way of
doing things. But unfortunately, that's no longer a Free Rider Solution, but just another commercial
Thing. And the only way, to somehow succeed, like in every other real Business around this planet.
It just has to be understud and accepted. And if not, Wordpress itself also comes for free, as I'm aware of,
one only has to pay for the Shop Mods ... :D
Ernie

For Sale: Top URL's, including an OpenCart V-Pro Shop!
A wide range of matching Designs can be seen here: http://www.opencart.li
For Information on URL's offered, please contact me at: jti@jacob.ch
Hundreds of Mods in 380+ Repositories for OC v.1.5.x - v.2.3.x
to be found on my Github Site: https://github.com/IP-CAM
Image


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland
Who is online

Users browsing this forum: No registered users and 6 guests