Post by JNeuhoff » Sun Feb 21, 2021 12:34 am

Just a brief warning: It looks like the opencart.com website has been compromised, currently there is a spammer posting messages on the OpenCart marketplace comments sections for most extensions, see for example below screenshot. For the extension authors please check your comments sections, perhaps it may also be a good idea to get in touch with the OpenCart support on this, too.

Attachments

Screenshot_2021-02-20_16-22-51.png

spam messages in comments section - Screenshot_2021-02-20_16-22-51.png (80.44 KiB) Viewed 1374 times

Last edited by JNeuhoff on Wed Mar 17, 2021 11:55 pm, edited 1 time in total.

User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by straightlight » Sun Feb 21, 2021 1:07 am

Yes, it has been noticed. However, this warning should be posted on Github as well to ensure Daniel is notified about it.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Johnathan » Sun Feb 21, 2021 11:03 pm

I've been reporting them to the OpenCart support team, and they're removing them after that, but they're a bit behind the spammer. Hopefully they'll implement new protections soon, so that this doesn't keep happening.

Image
Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by JNeuhoff » Tue Feb 23, 2021 9:42 pm

We reported it to the OpenCart support as well. At the moment, this spambot re-posts his spam message every day, sometimes every other hour.

I wonder why no other extension authors care about this.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by DigitCart » Tue Feb 23, 2021 10:01 pm

Hi

I've already reported it to the OpenCart support team too.
Today I've got many spam comments from a new spammer.

Attachments

new-spammer-in-town.png

new-spammer-in-town.png (22.75 KiB) Viewed 1283 times


My Extensions / DigitCart


User avatar
Active Member

Posts

Joined
Thu Jun 22, 2017 5:32 pm


Post by nickpapoutsis » Wed Feb 24, 2021 8:05 am

I have been deleting these for a couple of days now. They post 5-10 times per day across most of my extensions.

Since it's always the same thing, some text with a link (some times it's a cutt.ly short url which I have reported) it shouldn't be that hard to deploy countermeasures such as filtering for the exact link, limiting the number of times a user can post, disabling links in the comments, etc.

User avatar
Newbie

Posts

Joined
Mon Mar 25, 2019 7:49 am

Post by Naheed » Wed Feb 24, 2021 5:30 pm

JNeuhoff wrote:
Sun Feb 21, 2021 12:34 am
Just a brief warning: It looks like the opencart.com website has been compromised, currently there is a spammer posting messages on the OpenCart marketplace comments sections for most extensions, see for example below screenshot. For the extension authors please check your comments sections, perhaps it may also be a good idea to get in touch with the OpenCart support on this, too.
Yes, you are right, I have seen this issue also on other pages too.
I don't know but still, Opencart is unable to stop this spamming.
As @johnathan has stated new protections are in pipeline and it
will be tackled very soon.

User avatar
Active Member

Posts

Joined
Mon Aug 10, 2020 11:19 pm

Post by JNeuhoff » Sat Feb 27, 2021 1:54 am

Today there were 2 new messages from the same spammer, they are probably also there on all of the OC extensions comments sections.

Come on, OpenCart, a simple anti-spambot tool or captcha will do, it's not that hard to implement!

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by JNeuhoff » Sun Feb 28, 2021 10:30 pm

Also now sent a complaint to abuse at namecheap dot com who is the domain name registrar for this spammer.

Update: It seems above domain name registrar namecheap.com is unwilling to take any actions against this spammer and thief. Hence I can only advise users to stay away from this dodgy name registrar. Also stay away from the spammer's webhost which is:

Verdina Ltd.
WHOIS information:
Organization name: BlueAngelHost
IP address: 85.217.222.146
AS(autonomous system) number and organization: AS201133 Verdina Ltd.
AS name: Verdina
Reverse DNS of the IP:
City: Sofia
Country: Bulgaria

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by JNeuhoff » Sat Mar 06, 2021 11:03 pm

The same spammer has now posted more than 60 messages during the past hour on the OpenCart comments section for a number of extensions.
It's time for a proper anti-spambot tool to be implemented on the OpenCart site.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by mikeinterserv » Sat Mar 13, 2021 4:35 am

Registry Registrant ID:
Registrant Name: Eslam Hosny
Registrant Organization: Only3.club
Registrant Street: abdelnaser street Apt 4 masjed alnor st friend tower
Registrant City: alexandria
Registrant State/Province: Egypt
Registrant Postal Code: 12345
Registrant Country: EG
Registrant Phone: +20.1126891977
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: Only3.club@gmail.com
Registry Admin ID:
Admin Name: Eslam Hosny
Admin Organization: Only3.club
Admin Street: abdelnaser street Apt 4 masjed alnor st friend tower
Admin City: alexandria
Admin State/Province: Egypt
Admin Postal Code: 12345
Admin Country: EG
Admin Phone: +20.1126891977
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: Only3.club@gmail.com
Registry Tech ID:
Tech Name: Eslam Hosny
Tech Organization: Only3.club
Tech Street: abdelnaser street Apt 4 masjed alnor st friend tower
Tech City: alexandria
Tech State/Province: Egypt
Tech Postal Code: 12345
Tech Country: EG
Tech Phone: +20.1126891977
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: Only3.club@gmail.com
Name Server: ns1.Only3.club
Name Server: ns2.Only3.club
DNSSEC: unsigned

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by JNeuhoff » Sat Mar 13, 2021 11:22 pm

Where did you get these details from? Whenever I try a whois query it returns an entry where most fields contain 'REDACTED FOR PRIVACY'.

Anyway, this spammer/thief keeps posting in the comments section every afternoon, today under the user names 'only989$$. 'XX(only3club)XX', and 'only63$$$', he changes his user names every day.

What I don't understand is that none of the OpenCart extension authors care about this spammer selling their software stolen from the OpenCart marketplace.
Some of these stolen extension items include:

- Multivendor Multi seller/supplier Marketplace [2020] by webkul
- Tmd import and export Multilanguage (1.5.x , 2.x & 3.x) by ashwani_multi
- Quick Checkout / Onepage Checkout by modulepoints
- AJAX Filter PRO with SEO Links (Must Have for Google) by Dreamvention
etc, an almost endless list!

Also, why is opencart.com refusing to install a proper captcha or anti-spambot tool for the comments section? This makes the OpenCart marketplace look amateurish.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by mikeinterserv » Mon Mar 15, 2021 12:07 am

There is something very odd about this situation.

A: opencart is going downhill and nobody is paying attention or cares
B: opencart has been paid to ignore these comments (very doubtful)
C: opencart has not got the technical expertise to deal with it ( NONSENSE ) I will give my time free if they want it and so I imagine would others.
D: Like many things in the world today nobody cares ( extension developers, opencart, etc etc. Everybody is too busy with the FAKE caring about this and that.

Active Member

Posts

Joined
Thu May 28, 2020 6:55 am
Location - Wales

Post by JNeuhoff » Mon Mar 15, 2021 2:18 am

Well, it always starts at 3pm (GMT). Today's user names of this spammer/thief are: 'adminiuyiujk' and 'only3$6$$'.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by clicker.extensions » Mon Mar 15, 2021 4:55 am

Looks like nobody cares. This spammer is there for about a year.

Daniel seems to have no time to control everything, and he does not even hire new personal to handle a growing Marketplace.

Latest OC3 updates get more bugs than fixes. He could not release a modification fix for 3.0.3.6 for 8 months. 10 lines of code. 8 months. Facepalm.

Neither he has enough time and personal for new OC versions. OC3.1 which turned into OC4 is a never-ending project for two years.

It's sad to watch this :(

New member

Posts

Joined
Sat Aug 31, 2019 4:24 pm

Post by clicker.extensions » Mon Mar 15, 2021 4:57 am

By the way, notifications about comments on extension page are not working.
Looks like this system is down after attack.

At least they could hide a website behind a Cloudflare recaptcha during attacks. 5 minutes to setup this. Not a best solution, can break some APIs, but fast and free.

New member

Posts

Joined
Sat Aug 31, 2019 4:24 pm

Post by JNeuhoff » Mon Mar 15, 2021 11:18 pm

It's Monday afternoon (GMT), and this thief/spammer is flooding the comments section again, today under the names 'only565$$' and 'demodfdfd'.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by JNeuhoff » Wed Mar 17, 2021 11:57 pm

It looks like OpenCart has finally resolved the issue with this spammer, so I mark it this forum thread title as RESOLVED.

Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus


User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am

Who is online

Users browsing this forum: No registered users and 1 guest