Jump to content

Archived

This topic is now archived and is closed to further replies.

Dan:E

Customer Site Has Been Hacked

Recommended Posts

Hello people,

 

Need a little help with this as Im stuck for ideas and baffled.

 

I put together an online shop and everything was fine then the other day the customer rings me going mad saying it has been hacked and how it is my fault and how i should fix it.

 

What happens is when you type in the domain name it redirects you to helpner.ru

 

Alot of the files had been edited too.

 

I had a back up which I uploaded and secured the admin section.

 

When you type the domain name into google search and it brings the results up it still directs you to the helpner.ru webstie and says malware detected.

 

If you type the domain name in directly there isnt an issue.

 

Any ideas?

 

Thanks

 

Danny

Share this post


Link to post
Share on other sites

Hello people,

 

Need a little help with this as Im stuck for ideas and baffled.

 

I put together an online shop and everything was fine then the other day the customer rings me going mad saying it has been hacked and how it is my fault and how i should fix it.

 

What happens is when you type in the domain name it redirects you to helpner.ru

 

Alot of the files had been edited too.

 

I had a back up which I uploaded and secured the admin section.

 

When you type the domain name into google search and it brings the results up it still directs you to the helpner.ru webstie and says malware detected.

 

If you type the domain name in directly there isnt an issue.

 

Any ideas?

 

Thanks

 

Danny

If you didn't secure the site when you installed it then it is your fault.. Although the documentation is just a little bit shy on stating that there are additional mods necessary to protect it from hackers. Reading these forums before you installed may have prevented the successful hack.

 

Read the security forum. Specifically the topic 'How to secure my site.' It is a pinned topic. If you have not done any modifications to the site then simply wipe out the site and re-upload the files. The database is probably ok.


Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Share this post


Link to post
Share on other sites

i installed the store exactly as the instructions with the download said to do. as far as im concerned i have no contract with the woman to maintain the site etc and when i passed all details to her when it was done, she as the owner and administrator was in charge of the sites security.

 

i think i have sorted it now.

 

just need google to update the search pages to the clean pages rather than the malware ones :)

Share this post


Link to post
Share on other sites

It is a common attack on oscommerce now. We posted detailed info here:

 

blog.sucuri.net/2010/11/continuing-attacks-against-oscommerce-sites.html

 

Basically you need to rename your admin folder and remove the file_manager.php. Also check for backdoors, otherwise

the site can easily get reinfected...

 

thanks,

Share this post


Link to post
Share on other sites

Hello people,

Need a little help with this as Im stuck for ideas and baffled.

I put together an online shop and everything was fine then the other day the customer rings me going mad saying it has been hacked and how it is my fault and how i should fix it.

What happens is when you type in the domain name it redirects you to helpner.ru

Alot of the files had been edited too.

I had a back up which I uploaded and secured the admin section.

When you type the domain name into google search and it brings the results up it still directs you to the helpner.ru webstie and says malware detected.

If you type the domain name in directly there isnt an issue.

Any ideas?

Thanks

Danny

Hi Dan:E,

 

May I suggest ignoring everyone else and focusing on your .htaccess file. (Ignore the rest of this post if your NOT using an Apache webhost).

 

I think your website is redirecting traffic from known search engines like google and/or yahoo.

 

Check the size of the .htaccess file. Is it the right size for how much text is in it?

 

Open the .htaccess file with a decent text editor and press CTRL+A. What highlights? The whole screen, or just the text you see? Is there more code "off screen"? Can you scroll to the right and down and see more code?

 

I am new to OSC, so if my words do not help, I'm sorry to waist your time.

 

<curtsey>,

mosquit0

Share this post


Link to post
Share on other sites

×