Jump to content

Defacement attack


Recommended Posts

Recently my shop got hacked. I am using version 1.5.4.1. Attacker has appended some code in javascript files in js directory. I couldn't get rid of it until I changed the rights of js folder to unwritable. Then I've uploaded my backup for clean files to server.

 

Has anybody experienced something like that before? My hosting provider said that they didn't pick up any suspicious activity. However, I have a hunch that my webstore is not safe.

 

How to prevent this from happening in the future again?

 

For a start I should update prestashop to newest version but will this override my translations? Becouse I've spent few weeks to translate and adjust it on highest editorial level possible.

 

Any other suggestions?

Link to comment
Share on other sites

Hi, sorry you went through this.

 

We experienced this in June 2011, while I have a hard time remembering loved one's exact birthdays I do have this date lodged in my brain.

 

So I wrote this: http://www.prestashop.com/forums/topic/303132-module-prestavault-malware-trojan-virus-protection/

 

it is not 'another' back up but an alert system with file undo.  Even if it's not a big seller I sleep much better knowing I will be notified if my shop files change and that I can easily identify them and restore that file.  I hope you like my work. :)

  • Like 1
Link to comment
Share on other sites

Hi, sorry you went through this.

 

We experienced this in June 2011, while I have a hard time remembering loved one's exact birthdays I do have this date lodged in my brain.

 

So I wrote this: http://www.prestashop.com/forums/topic/303132-module-prestavault-malware-trojan-virus-protection/

 

it is not 'another' back up but an alert system with file undo.  Even if it's not a big seller I sleep much better knowing I will be notified if my shop files change and that I can easily identify them and restore that file.  I hope you like my work. :)

 

Hi, El Patron. Interesting module, it would be nice to have this option, but I am looking for a solution to prevent attack in the first place. If that m*****f***** gained access to files he could gained access to database, potentially stealing costumers' personal data, dropping tables, messing up everything ... I do not like sound of that. :) 

Link to comment
Share on other sites

Hi, El Patron. Interesting module, it would be nice to have this option, but I am looking for a solution to prevent attack in the first place. If that m*****f***** gained access to files he could gained access to database, potentially stealing costumers' personal data, dropping tables, messing up everything ... I do not like sound of that. :)

 

What you desire is not possible, i.e. prevent, just ask Target, American Express...etc etc etc...

 

Most generally this is a result of FTP access.  Always change your FTP passwords after something like this.

 

But to identify quickly and then remove is much better than the alternative.

 

My preference was to create module that would blow up hackers computer in their face..jajajaja...but not possible...

 

I will be adding more features to module as time goes by, for example folder/file permission checker.  but this for me was a good start.

Link to comment
Share on other sites

×
×
  • Create New...