ProductCart Shopping Cart Software Forums : Virus infected

ProductCart Shopping Cart Software Forums : Virus infected https://forum.productcart.com/ Copyright (c) 2006-2013 Web Wiz Forums - All Rights Reserved. Sun, 12 Apr 2026 23:48:25 +0000 Mon, 18 Jan 2010 21:18:24 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 12.04 360 https://forum.productcart.com/RSS_post_feed.asp?TID=3359 <![CDATA[ProductCart Shopping Cart Software Forums]]> https://forum.productcart.com/forum_images/pc_logo_50.png https://forum.productcart.com/ <![CDATA[Virus infected : Thanks all for prompt reply. ...]]> https://forum.productcart.com/virus-infected_topic3359_post12662.html#12662 Author: matle
Subject: 3359
Posted: 18-January-2010 at 9:18pm

Thanks all for prompt reply. Smile

]]> Mon, 18 Jan 2010 21:18:24 +0000 https://forum.productcart.com/virus-infected_topic3359_post12662.html#12662 <![CDATA[Virus infected : Hi Matle, My suspicion is that...]]> https://forum.productcart.com/virus-infected_topic3359_post12661.html#12661 Author: Hamish
Subject: 3359
Posted: 18-January-2010 at 9:05pm

Hi Matle,
My suspicion is that the problem is server related, or another app on the same server.
Either that or an FTP account with sufficient privileges has been cracked.

Our own site and that of many customers are scanned regularly for vulnerabilities and there are no known vulnerabilities in the code.

The hosting company should be able to examine the server logs to help ID the source/route of infection.
]]> Mon, 18 Jan 2010 21:05:32 +0000 https://forum.productcart.com/virus-infected_topic3359_post12661.html#12661 <![CDATA[Virus infected : I second the suggestion at locking...]]> https://forum.productcart.com/virus-infected_topic3359_post12660.html#12660 Author: Greg Dinger
Subject: 3359
Posted: 18-January-2010 at 9:04pm

I second the suggestion at locking FTP to known IPs, perhaps that from both your home and office.

There was an attack last year where servers were being compromised by FTP, and regardless of changing the FTP password one day, the site was successfully attached the next day. The hackers would insert IFRAME code into pages. Locking FTP to known IPs will help limit your exposure to such a re-occurrance.

Good luck.

]]> Mon, 18 Jan 2010 21:04:12 +0000 https://forum.productcart.com/virus-infected_topic3359_post12660.html#12660 <![CDATA[Virus infected : Hi Matle, Most likely your...]]> https://forum.productcart.com/virus-infected_topic3359_post12659.html#12659 Author: netprofits
Subject: 3359
Posted: 18-January-2010 at 9:00pm

Hi Matle,

Most likely your site was hacked by someone who "sniffed" your FTP credentials when you connected to your web site to either upload files or make additional updates to the web site. We have heard of this happening more often over the past several months.

The best solution is to ask your web hosting service to restore a backup from before the date the files were hacked.

Additionally you should contact you web host to see if there is a way to either access your site with Secure FTP or to restrict FTP access to your computer's IP address.

Hope this helps!

Dan

]]> Mon, 18 Jan 2010 21:00:31 +0000 https://forum.productcart.com/virus-infected_topic3359_post12659.html#12659 <![CDATA[Virus infected : Hi all,I have successful installed...]]> https://forum.productcart.com/virus-infected_topic3359_post12658.html#12658 Author: matle
Subject: 3359
Posted: 18-January-2010 at 8:53pm

Hi all,
I have successful installed and customized our website with ProductCart more than month ago. Unfortunately, last week, we got infected with virus named Trojan.Malscript B, another noted with Trojan-Downloader.JS.Agent.ewo (Kaspersky AVP) & (ZoneAlarm)

I Checked our sourrces and saw that allof our .js, .asp and .html were infected. Those files were modified atthe same time and date. Does any body know how our site was infected?Is it because the hacker inserted a script in one of our input fieldsand this script was executed by our ProductCart software? or the hosting wasinfected? Our code produced something that were noted as virus?, any possibilities and how to protect our site for the second time?

Thanks,

Edited by matle - 18-January-2010 at 8:59pm]]> Mon, 18 Jan 2010 20:53:08 +0000 https://forum.productcart.com/virus-infected_topic3359_post12658.html#12658