Jump to content

[Resolved] wig company hackers


Laura LEA

Recommended Posts

It appears that someone has hacked my website - a wig company of all things - and my IT person has asked me to check that my shop is secure.   I have pasted his words below but to me all this is a different language.  He is asking to check with cubecart if:           to check if there are any insecure shop scripts that a hacker can gain entry with?

Link to comment
Share on other sites

I have discovered a similar thing last night on a CubeCart installation, some of the links are to a wig website too.

CubeCart are investigating, but I need to send further information.

This is on v5.2.17 (latest v5).

Google security has picked up links back from over 1000 CubeCart powered websites too which appear to have the same issue.

Link to comment
Share on other sites

You may have missed a critical security update.

Here is what you must do to remove the hack:

In admin, Manage Hooks, Code Snippets tab, delete any weirdly-named snippet.

In the site's folders, delete all snippets in /includes/extra/. (The legitimate ones will be rebuilt from the database. That's why it is important to delete the database record first.)

Link to comment
Share on other sites

thanks very much for this - I am very grateful for your help, there was one item in snippets which I deleted but I do not know where to find the sites folders? to complete the second bit   /includes/extra/.  Can you advise - I am not very good at this......!! I did upgrade to the V6.0.8 this morning though.

Link to comment
Share on other sites

To find and delete the snippet file in the folder, you will need to access your hosted site's contents. You may have a hosted control panel (Cpanel?) and inside that will be a File Explorer. Or you may already know how to use a FTP utility to access the folders in your site.

Ypu will absolutely need to learn how to access the files and folders of your site in order to affect the edits necessary to remove the vulnerability as detailed in the Security Notice mentioned above.

Your IT person should be able to assist.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...