Jump to content

Avoid Cart2Cart they broke my clients site and cost them their business.


Recommended Posts

One of my clients contacted me yesterday saying their site was not accepting payments any more. They had migrated from another platform 6-8 months ago to PrestaShop and because of their needs I op'ed to use Presto-Changeo's authorize.net module on their site. It worked perfectly, just as expected with their modules. But it broke yesterday on the 22nd. I turned debug mode on and noticed it was calling a controller, but in a way that was not valid. My first action was to comment out the call because at that point in the module it was not needed. At the same time I accused my client of having another developer or himself working on the site, because I saw the timestamp on the file and when it was modified. I sent him a screenshot of the file before I actually saved the changes too. Here is it,  http://screencast.com/t/u4g4fWKhZk9  He denied that he did anything of course, so next I asked him to get the server logs, because someone that has access to the site change the file. The module was updated over a month ago, but a file was changed today. The hosting company finally came through with a log of the ftp access. Here is a screenshot of the log they sent, I have highlighted the line that matters http://screencast.com/t/czzRxM5ZIqAt  

 

That is the login given to cart2cart, you can tell by the name. The account was created expressly for them, no other reason. 

 

If you look at the screenshot from before, (I have highlighted a new line) you can see where I logged in and check the error log when I got the email about the payments) http://screencast.com/t/e664kjMv My changes and login information are in the pink color. I checked the error log, I turned on debug mode, then I opened and fixed the file in question. 

 

They disabled the checkout from their ftp access for some reason and I do not know why. But I would advise people to stay away from them.

 

For the record, they go by cart 2cart, but their site is at  http://www.shopping-cart-migration.com/

 

 

EDIT: I have been asked to change the topic, so I did. The problems with cart2cart extended a lot further than just the "alleged" breach. The biggest issue with their service was they imported the data from X-Cart, but did not verify the data. They imported information into wrong columns of the products table in the database and because the information was not valid orders did not complete. Namely it was EAN13 data, I brought to PrestaShop's attention a year ago about this issue, but they maintained it should work this way and not be changed. http://forge.prestashop.com/browse/PSCFV-11809  Long story short, cart2cart does not verify the data and orders will not complete with some of the imported data. I would still avoid them.

  • Like 3
Link to comment
Share on other sites

Hello,

My name is Stepan, I’m Project Manager at Cart2Cart. As far as I can see from your screenshots, IP address 46.72.126.220 doesn’t belong to Cart2Cart. Moreover, this IP address is from Russia http://screencast.com/t/NDZrb7fK8z and we are located in Ukraine, Ternopil. Here is a list of our IP addresses:

  • 54.204.13.71

  • 54.204.13.85

  • 54.204.13.86

  • 54.204.13.90

  • 54.204.13.95

  • 54.204.13.107

  • 54.204.13.110

  • 54.204.13.112

  • 54.204.13.113

  • 54.204.13.115

  • 5.58.76.130

  • 93.77.238.130

  • 50.23.68.68

  • 108.168.233.98

I see that this migration was performed from X-Cart to PrestaShop. Maybe your client gave his access details to someone else e.g X-Cart?

We always highly recommended to change all access details of your store right after migration issue is resolved. http://www.shopping-cart-migration.com/faq/1-general-questions/109-why-cart2cart-may-need-access-to-your-web-shop-or-server  We can guarantee that there were no access to your client’s store from our side. Moreover, we will be glad to help you resolve this issue. Please let me know how we can help.

Best regards,

Stepan Fedortsiv

Link to comment
Share on other sites

×
×
  • Create New...