Jump to content


This topic is now archived and is closed to further replies.

Al Brookbanks

How to clean up a hacked CubeCart store

Recommended Posts

Back in September 2015 a major security issue concerning admin account hijack was responsibly disclosed to us. We released a patch and new version within 24 hours. 

A significant amount of stores have since been hacked via this security flaw as they were not kept up to date. Below are instructions about how to cleanse a hacked store.

Skill Level: Advanced
Estimated Time: 1 Hour+

  1. Use an FTP client to download all your store files to your computer. 
  2. Open the ini.inc.php file to discover what version you are currently on. It will look something like this:
    define('CC_VERSION', '6.0.8');     // Version Number
  3. Download that version from our website at https://www.cubecart.com/download
  4. Use a file comparison tool such as Beyond Compare to compare the contents of your store files versus the default files. The mode to display only orphan files is particularly useful. 
  5. This step is essential and requires coding experience. You need to delete any malicious looking files in your web hosting account that were discovered using the file comparison tool. Please be careful!
  6. Take a backup of the database via your web hosting control panel and upgrade CubeCart to the latest version
  7. If you are not able to login to the admin side of your store please reset the login via the database
  8. Once upgraded to the latest version login to the admin side of your store and navigate to the "Manage Hooks" section. Click on the "Code Snippets" tab and delete any code snippets you don't recognise. 
  9. It may now be a good idea to repeat steps 2 through to 5.

We apologize to all of those who have been affected by this security flaw. Our track record for security is fairly good and we will always patch any serious security issues within 24 hours. It is always crucial to keep your store up to the latest version.

Please note that we do offer a cleansing service as part of our Technical Support & Management support plan.  


Share this post

Link to post
Share on other sites

  • Create New...