Jump to content

Possible hack/injection attempt


GoPure Kratom

Recommended Posts

Hi all,

I started getting a bombardment notifications of emails failing to be sent.
Started looking at it, and after an account creation and few other emails, the password recovyer page started getting hammered like crazy.
 

There was about 350 to the recover password functionality based on the emails.
I shutdown the SMTP to stop the emails being sent at least and I deleted the account.

Also, our chat widget started getting messages with the attacker trying to use this URL:
https://domain/category/product-page/[object HTMLInputElement]?body=555&email=sample%40email.tst&name=fnfOzvSR&orderIdentifier=20

Does anyone know what they were trying to achieve?

There are also several warnings like following in the web server error log:

image.png.5ba2e977d2a5c373510cbe37512c2ced.png


image.png.c239041d55c7a5b81ab612ed61843d0c.png

 

Any recommendations what should be the next steps?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...