Page 1 of 1

My opencart was hacked

Posted: Fri May 13, 2016 4:25 pm
by hmarcelino
Hi friends,

i have an testing opencart online (constructing and test the site) but yesterday it was hacked by "KingSkrupellos EtikTurk Digital Security Technological Islamic Army". Do you know this hacker team? Do you have idea what they use to hack my site?

I dunno how to start to try to protect the site and if i doesnt do nothing it will happen again.

If someone know whats happened and know what can i do it will be great. Thanks a lot!



They write this on site:

Message removed

Re: My opencart was hacked

Posted: Fri May 13, 2016 7:01 pm
by paulfeakins
I'm glad they did no harm.

You might want to have a read of this:
http://www.antropy.co.uk/blog/securing-opencart/

Re: My opencart was hacked

Posted: Tue Aug 23, 2016 5:04 am
by lovol2
I got hacked too, you're lucky it didn't cost you £2000 like it did me.

(see here http://forum.opencart.com/viewtopic.php ... 56#p635256 )

I'm working on mod that will email you when you are hacked (any files changed/updated/added to your system)

This seems to be the only way to get notified of when things are changed without your knowledge!

Would you be interested in this? I doubt it, most people don't like paying for anti virus, or insurance, but having been stung for £2000 by VISA so far, I don't mind paying a bit more to ensure it doesn't happen again... or at least I get notified and I can fix it!)

Re: My opencart was hacked

Posted: Tue Aug 23, 2016 6:04 am
by labeshops
paulfeakins wrote:I'm glad they did no harm.

You might want to have a read of this:
http://www.antropy.co.uk/blog/securing-opencart/
I used to rename my admin folder but I understand this causes issues in v2?

Re: My opencart was hacked

Posted: Tue Aug 23, 2016 9:41 am
by IP_CAM
the same probably happen to geniuos MaxD:
http://openshop.org.ua/

Ernie

Re: My opencart was hacked

Posted: Tue Sep 06, 2016 9:14 pm
by web-project
do you store the opencart on shared hosting or VPS, I do believe that firewall protection should be installed on any hosting and some .htaccess code is available to prevent any hacks of opencart or oscommerce (i know it's different software).

Under any circumstance you not supposed to store customer credit card details on your server, as transactions should be processed:
1) Offline via phone
2) Online - captured and authorised sales

If you wish to have the customer credit/debit cards stored use online payment gateway such as Stripe and only this way you will not get fines from Visa or MasterCard for storing the payment details