[SOLVED] Warning: opencart.com compromised!
Posted: Sun Feb 21, 2021 12:34 am
by JNeuhoff
Just a brief warning: It looks like the opencart.com website has been compromised, currently there is a spammer posting messages on the OpenCart marketplace comments sections for most extensions, see for example below screenshot. For the extension authors please check your comments sections, perhaps it may also be a good idea to get in touch with the OpenCart support on this, too.
Re: Warning: opencart.com compromised!
Posted: Sun Feb 21, 2021 1:07 am
by straightlight
Yes, it has been noticed. However, this warning should be posted on Github as well to ensure Daniel is notified about it.
Re: Warning: opencart.com compromised!
Posted: Sun Feb 21, 2021 11:03 pm
by Johnathan
I've been reporting them to the OpenCart support team, and they're removing them after that, but they're a bit behind the spammer. Hopefully they'll implement new protections soon, so that this doesn't keep happening.
Re: Warning: opencart.com compromised!
Posted: Tue Feb 23, 2021 9:42 pm
by JNeuhoff
We reported it to the OpenCart support as well. At the moment, this spambot re-posts his spam message every day, sometimes every other hour.
I wonder why no other extension authors care about this.
Re: Warning: opencart.com compromised!
Posted: Tue Feb 23, 2021 10:01 pm
by DigitCart
Hi
I've already reported it to the OpenCart support team too.
Today I've got many spam comments from a new spammer.
Re: Warning: opencart.com compromised!
Posted: Wed Feb 24, 2021 8:05 am
by nickpapoutsis
I have been deleting these for a couple of days now. They post 5-10 times per day across most of my extensions.
Since it's always the same thing, some text with a link (sometimes it's a cutt.ly short URL, which I have reported), it shouldn't be that hard to deploy countermeasures such as filtering for the exact link, limiting the number of times a user can post, disabling links in the comments, etc.
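The three countermeasures listed in the post above (link filtering, a per-user posting limit, and holding comments that contain links) can be combined in one acceptance check. This is an added example, not part of the original thread and not OpenCart code; the class and function names, the thresholds and the sample comments are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

# Constructed policy values for illustration; not OpenCart settings.
BLOCKED_HOSTS = {"cutt.ly"}      # the shortener named in the thread
MAX_POSTS, WINDOW = 3, 3600      # accepted comments per account per hour
URL_RE = re.compile(r"(?:https?://|www\.)([^\s/<>\"']+)", re.IGNORECASE)


def link_hosts(text):
    """Return the normalised host name of every link in a comment."""
    hosts = set()
    for raw in URL_RE.findall(text):
        # Drop userinfo and port, lower-case, strip trailing punctuation.
        host = raw.lower().split("@")[-1].split(":")[0].rstrip(".,;)")
        hosts.add(host[4:] if host.startswith("www.") else host)
    return hosts


class CommentGate:
    def __init__(self, allow_links=False):
        self.allow_links = allow_links
        self.accepted = defaultdict(deque)   # account -> times of accepted posts

    def check(self, account, text, now):
        hosts = link_hosts(text)
        # Match the blocked host itself and any subdomain of it.
        if any(h == b or h.endswith("." + b) for h in hosts for b in BLOCKED_HOSTS):
            return "reject:blocked-link"
        if hosts and not self.allow_links:
            return "hold:link-needs-review"
        recent = self.accepted[account]
        while recent and now - recent[0] >= WINDOW:
            recent.popleft()                 # forget posts outside the window
        if len(recent) >= MAX_POSTS:
            return "reject:rate-limit"
        recent.append(now)
        return "accept"


# Constructed sample comments: (account, text, seconds since start).
SAMPLE = [
    ("buyer-1", "Works well on 3.0.3.6, thanks!", 0),
    ("acct-a", "All extensions cheap: https://cutt.ly/PLACEHOLDER", 10),
    ("acct-b", "All extensions cheap: HTTP://WWW.CUTT.LY/PLACEHOLDER", 20),
    ("buyer-2", "Manual is at https://docs.example/install", 30),
] + [("acct-c", "cheap extensions, message me", t) for t in (40, 50, 60, 70, 3640)]


def run_sample():
    gate = CommentGate()
    return [gate.check(account, text, ts) for account, text, ts in SAMPLE]
```

The link checks are keyed on the comment text, so they still apply when the poster switches to a new account name; the posting limit is keyed on the account and only bounds how much one name can post.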
Re: Warning: opencart.com compromised!
Posted: Wed Feb 24, 2021 5:30 pm
by Naheed
JNeuhoff wrote: ↑Sun Feb 21, 2021 12:34 am
Just a brief warning: It looks like the opencart.com website has been compromised, currently there is a spammer posting messages on the OpenCart marketplace comments sections for most extensions, see for example below screenshot. For the extension authors please check your comments sections, perhaps it may also be a good idea to get in touch with the OpenCart support on this, too.
Yes, you are right, I have seen this issue also on other pages too.
I don't know, but still, OpenCart is unable to stop this spamming.
As @johnathan has stated, new protections are in the pipeline and it will be tackled very soon.
Re: Warning: opencart.com compromised!
Posted: Sat Feb 27, 2021 1:54 am
by JNeuhoff
Today there were 2 new messages from the same spammer, they are probably also there on all of the OC extensions comments sections.
Come on, OpenCart, a simple anti-spambot tool or captcha will do, it's not that hard to implement!
Re: Warning: opencart.com compromised!
Posted: Sun Feb 28, 2021 10:30 pm
by JNeuhoff
Also now sent a complaint to abuse at namecheap dot com who is the domain name registrar for this spammer.
Update: It seems above domain name registrar namecheap.com is unwilling to take any actions against this spammer and thief. Hence I can only advise users to stay away from this dodgy name registrar. Also stay away from the spammer's webhost which is:
Verdina Ltd.
WHOIS information:
Organization name: BlueAngelHost
IP address: 85.217.222.146
AS(autonomous system) number and organization: AS201133 Verdina Ltd.
AS name: Verdina
Reverse DNS of the IP:
City: Sofia
Country: Bulgaria
Re: Warning: opencart.com compromised!
Posted: Sat Mar 06, 2021 11:03 pm
by JNeuhoff
The same spammer has now posted more than 60 messages during the past hour on the OpenCart comments section for a number of extensions.
It's time for a proper anti-spambot tool to be implemented on the OpenCart site.
Re: Warning: opencart.com compromised!
Posted: Sat Mar 13, 2021 4:35 am
by mikeinterserv
Re: Warning: opencart.com compromised!
Posted: Sat Mar 13, 2021 11:22 pm
by JNeuhoff
Where did you get these details from? Whenever I try a whois query it returns an entry where most fields contain 'REDACTED FOR PRIVACY'.
Anyway, this spammer/thief keeps posting in the comments section every afternoon, today under the user names 'only989$$', 'XX(only3club)XX', and 'only63$$$'; he changes his user names every day.
What I don't understand is that none of the OpenCart extension authors care about this spammer selling their software stolen from the OpenCart marketplace.
Some of these stolen extension items include:
- Multivendor Multi seller/supplier Marketplace [2020] by webkul
- Tmd import and export Multilanguage (1.5.x , 2.x & 3.x) by ashwani_multi
- Quick Checkout / Onepage Checkout by modulepoints
- AJAX Filter PRO with SEO Links (Must Have for Google) by Dreamvention
etc, an almost endless list!
Also, why is opencart.com refusing to install a proper captcha or anti-spambot tool for the comments section? This makes the OpenCart marketplace look amateurish.
Re: Warning: opencart.com compromised!
Posted: Mon Mar 15, 2021 12:07 am
by mikeinterserv
There is something very odd about this situation.
A: OpenCart is going downhill and nobody is paying attention or cares.
B: OpenCart has been paid to ignore these comments (very doubtful).
C: OpenCart has not got the technical expertise to deal with it (NONSENSE). I will give my time free if they want it, and so, I imagine, would others.
D: Like many things in the world today, nobody cares (extension developers, OpenCart, etc. etc.). Everybody is too busy with the FAKE caring about this and that.
Re: Warning: opencart.com compromised!
Posted: Mon Mar 15, 2021 2:18 am
by JNeuhoff
Well, it always starts at 3pm (GMT). Today's user names of this spammer/thief are: 'adminiuyiujk' and 'only3$6$$'.
Re: Warning: opencart.com compromised!
Posted: Mon Mar 15, 2021 4:55 am
by clicker.extensions
Looks like nobody cares. This spammer has been there for about a year.
Daniel seems to have no time to control everything, and he does not even hire new personnel to handle a growing Marketplace.
The latest OC3 updates get more bugs than fixes. He could not release a modification fix for 3.0.3.6 for 8 months. 10 lines of code. 8 months. Facepalm.
Nor does he have enough time and personnel for new OC versions. OC3.1, which turned into OC4, has been a never-ending project for two years.
It's sad to watch this.

Re: Warning: opencart.com compromised!
Posted: Mon Mar 15, 2021 4:57 am
by clicker.extensions
By the way, notifications about comments on extension pages are not working.
Looks like this system is down after the attack.
At least they could hide the website behind a Cloudflare reCAPTCHA during attacks. 5 minutes to set this up. Not the best solution, can break some APIs, but fast and free.
Re: Warning: opencart.com compromised!
Posted: Mon Mar 15, 2021 11:18 pm
by JNeuhoff
It's Monday afternoon (GMT), and this thief/spammer is flooding the comments section again, today under the names 'only565$$' and 'demodfdfd'.
Re: [SOLVED] Warning: opencart.com compromised!
Posted: Wed Mar 17, 2021 11:57 pm
by JNeuhoff
It looks like OpenCart has finally resolved the issue with this spammer, so I am marking this forum thread title as RESOLVED.