Jump to content

Paypal Phishing code found on site


Guest crusehost

Recommended Posts

Guest crusehost

Just to let everyone know. Today we found foreign folders and code in a CubeCart 3.06 installation we host. The content was inserted into the /images/ directory on this particular site and included php files that allowed Ebay phishing. Do yourselves a favour and check the contents of your /images/ folders for foreign folders. In this case the folder name was redirect.to.fcgi.ebay.com

We recieved notice today from our upstream provider. I have since updated the clients site to 3.08 is this a bug in previous versions? If so has this been fixed?

Regards,

Link to comment
Share on other sites

There was a vunrability found in earlier versions and it seems that your site was attacked through this vunrability where they have placed that file on your site...

I earge you all again further to my posts in the past to check EVERY and ALL files and folders for scripts that shouldn't be there some of the main folders attacked are...

images

images/upload

images/upload/thumbs

includes/

includes/content

includes/boxes

includes/.tmp (this one is not stock and is comanly created my hackers)

pear/temp

pear/

they are just a few files that i have found virus/hacking tools and such like that found here...

again CHECK ALL files even if you dont belive you where hacked as they may have not made it know like most script kiddies that they hacked you...

Finaly 3.0.8 is alot more secure but if these files are already on your server then you are still at risk

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...