Post by soneria » Sun Apr 20, 2014 10:25 pm

Hello.
My OpenCart site was hacked today.
The hacker accessed all customer accounts.
I have tried changing the FTP, admin, and MySQL passwords, but still waiting access accounts.
The hacker accesses an account and changes the customer's email address. Customers digital products steal accounts.
What can I do about this?
I would appreciate it if you can help.

Newbie
Joined Sat Oct 23, 2010 2:45 am

Post by billynoah » Sun Apr 20, 2014 10:44 pm

Contact your hosting provider. Change passwords. Make sure your new passwords are not easy to guess.

Active Member
Joined Tue Jan 15, 2013 12:46 pm

Post by soneria » Sun Apr 20, 2014 10:52 pm

My host is a VPS.
I have changed all passwords: FTP, cPanel, SQL, and changed all OpenCart admin user passwords.
The problem still continues.


Post by billynoah » Sun Apr 20, 2014 10:54 pm

If your VPS has been hacked, they might have uploaded SSH keys to circumvent password authentication. Check ~/.ssh/authorized_keys and consider removing the above file.


Post by soneria » Sun Apr 20, 2014 11:42 pm

I checked. This folder is empty.


Post by billynoah » Mon Apr 21, 2014 12:53 am

Did you check to see if they created another user? Anyone with root access could have changed any password on your server or added users. You should disable login via password authentication and install keys for yourself.


Post by rph » Mon Apr 21, 2014 1:06 am

Have you confirmed whether it was the hosting account or OpenCart itself that was hacked? There is an exploit for older versions of OpenCart on certain hosting environments:

http://forum.opencart.com/viewtopic.php?f=20&t=98644

-Ryan


rph
Expert Member
Joined Fri Jan 08, 2010 5:05 am
Location - Lincoln, Nebraska

Post by billynoah » Mon Apr 21, 2014 1:10 am

Good point Ryan, I perhaps wrongly assumed that since he was changing FTP and MySQL passwords that he'd already confirmed it was a server hack.


Post by rph » Mon Apr 21, 2014 1:26 am

There are so many places a server can be exploited. It's a tough job. Honestly I'd shut the whole site down and run a full audit.

-Ryan
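
Added example, not part of any post in this thread: a small shell audit covering the three server checks suggested above (extra login accounts, authorized_keys files for every user rather than only your own, and whether sshd still accepts password logins). The function names and the sample tree are made up for illustration, and all sample data is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Sample files are constructed; on a real
# server pass /etc/passwd, an empty prefix, and /etc/ssh/sshd_config instead.

# Accounts that can log in: UID 0, or a shell other than nologin/false.
login_accounts() {
    awk -F: '$3 == 0 || $7 !~ /(nologin|false)$/ { print $1 ":" $3 ":" $6 }' "$1"
}

# authorized_keys files under every home directory listed in passwd file $1,
# with the number of key lines in each. $2 is a root prefix for test trees.
authorized_keys_report() {
    awk -F: '{ print $1 ":" $6 }' "$1" | while IFS=: read -r user home; do
        for name in authorized_keys authorized_keys2; do
            f="$2$home/.ssh/$name"
            [ -f "$f" ] || continue
            n=$(grep -cvE '^[[:space:]]*(#|$)' "$f" || true)
            echo "$user $home/.ssh/$name $n"
        done
    done
}

# PasswordAuthentication as set in config file $1. sshd keeps the first value
# it reads and defaults to yes; Match blocks and Include files are not followed.
password_auth() {
    v=$(awk 'tolower($1) == "passwordauthentication" { print tolower($2); exit }' "$1")
    echo "${v:-yes}"
}

# Build a constructed sample tree and print its path.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/root/.ssh" "$d/home/shop/.ssh"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'www-data:x:33:33::/var/www:/usr/sbin/nologin' \
        'shop:x:1000:1000::/home/shop:/bin/bash' \
        'support:x:0:0::/home/support:/bin/sh' > "$d/passwd"
    printf '# note\nssh-ed25519 AAAA-constructed someone@example\n' > "$d/root/.ssh/authorized_keys"
    : > "$d/home/shop/.ssh/authorized_keys"
    printf '#PasswordAuthentication no\nPasswordAuthentication yes\n' > "$d/sshd_config"
    echo "$d"
}

s=$(make_sample)
echo "== accounts that can log in";  login_accounts "$s/passwd"
echo "== authorized_keys files";     authorized_keys_report "$s/passwd" "$s"
echo "== PasswordAuthentication: $(password_auth "$s/sshd_config")"
rm -rf "$s"
```

In the sample, the second UID 0 account and the key in root's file are the kind of entries to investigate. On a live server, `sshd -T` prints the configuration sshd actually applies, which also covers included files.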

