Hacked during setup

[Guest Ripper]

Wow, I can't believe this one. I've had some older installs of PHPBB and Viper Guestbook hacked, but as I was installing Cube Cart and trying to configure it to match the website it was being installed into, someone hacked it and added their website to the database. I immediately uninstalled it. I just wanted to alert anyone installing Cube Cart through Fantastico that it may be hacked before you even finish installing it.

[Guest twisted]

Whoa. Bummer!

[Guest vrakas]

If only real clients could come in so fast. <_<

[Guest Ripper]

Fantastico has version 2.0.3 available. I'm assuming version 3 no longer has that vulnerability in it, I would hope.

[Guest Ripper]

Well......

I downloaded and installed the latest version into a new folder and a totally new database. Same as the last time, I didn't even get to finish the install and the cart was hacked. I give up. I will not install another version of this cart, ever.

[Guest]

Fantastico has version 2.0.3 available. I'm assuming version 3 no longer has that vulnerability in it, I would hope.

v2.0.3?!

I really think you should let you web host know that their Fantastico install is WAY out of date... we're now up to v2.0.7, and v3.0.0.

From all the troubles you've had with other programs being hacked, it sounds like either you're just REALLY unlucky, or your web host has some major problems!

[Guest twisted]

Seems to me to stretch the bounds of coincidence that someone should be attempting to hack you at the exact same time, TWICE no less, that you you were installing a cubecart instance.

Perhaps, the vulnerablility is not with the cubecart script...

[Guest]

Seems to me to stretch the bounds of coincidence that someone should be attempting to hack you at the exact same time, TWICE no less, that you you were installing a cubecart instance.

Perhaps, the vulnerablility is not with the cubecart script...

ESPECIALLY, after reading this...

I've had some older installs of PHPBB and Viper Guestbook hacked

"Coincidence... I think not" (cant remember what thats from...)

[Guest GnomeyNewt]

Very odd indeed. When I first read this thread I thought the odds are there, but I doubt it's possible.. why would somebody monitor your account for insecure scripts just to hack it the moment they are installed. Now it's happened twice... <_<

[Guest billmc]

Hi All,

I understand that the vulnerability is in the mySQL database not cubecart.

We have found instances that a script installed on a server where a compromised phpBB database is running has broken the integrity of all of the mySQL databases on that server.

The database under attack was the bulletin board of a different account running on the same db engine

billmc

[Guest Ripper]

The forum and guestbook that were hacked were not on this website or the same server. I was just commenting on the fact that its usually much older software that is found to have these security holes, not the latest release during the install. All of the software in Fantastico is way out of date, at least on my current server.

As for someone waiting for me to install, it's a known fact that there are bots out there that specifically target known security flaws in certain installations, and these bots run constantly, searching for installs and corrupting them. The Viper guestbook is a known security risk and I have deleted it from quite a few sites already. I'm waiting for an update from the author of the code on that one. He was supposed to alert me when he found the securty hole. Nothing yet.... The PHPBB forum that was hacked was version 2.0.11 when 2.0.15 was the current version. I did a search for the hacker's "tag line" and came up with over 20,000 forums that he hacked, so it's not just my host that had a problem. The host is only as good as the software running on it, if that software has glaring security holes, there's not much the host can do about it. Unfortunately for them, the software is offered by them, so they are partially at fault for not updating it regularly.

I guess I was just unlucky that they found me right away. I have since installed another cart system and have had it running for nearly 2 weeks without any security problems. Much better than the 1 or 2 hours before this cart was hacked.

[Guest vrakas]

Glad all is well for you now :)

[Guest]

These must be bloody fast bots to monitor and then attack a new install of a vulnerable script what ever that script may be...

Google searches over 8,058,044,651 web pages and they are "known" sites... I tend to think that you should look closer to home or even share the hackers info and website details.

Cheers

[Guest mydiscountstation]

okay I will buy the bridge because I was born yesterday.

i installed 3.0 then did a clean install of 3.0.1

I was not hacked.

you the only person in here to get hacked.

you the only person in here to get hacked TWICE.

both times occured while installing.

are you sure it was because of cubecart?

sounds fishy to me.

curious...what e-cmmerce solution did you finally go with?