cancel
Showing results for 
Search instead for 
Did you mean: 

Hacked? Help please

Hacked? Help please

Hello all,

 

Im experiencing some issues. I believe i was hacked and i was wondering if anyone can guide me in the right direction to remove this. 

 

It happens only when I'm at the back-end of the site trying to add a product

. Any suggestions are appreciated thanks in advance.

4 REPLIES

Re: Hacked? Help please

I'm in the middle of a conference right now so giving you a short answer. Probably best to run your site through magereport.com and magescan.com to confirm if you have any of the usual suspects affecting your site.

If so, then you have a starting point to start disinfecting your site.

If not, then repost more details here so we can help.

Finally, you should take a look at my response plan http://github.com/talesh/response to start planning your response if there was an actual application or data breach.
---------------------------------------------------
Subscribe to my Magento Security Podcast

Re: Hacked? Help please

there is no point to run any external scans or even magereport,

because your site already hacked.

 

you need to lock all traffic and install maldet scanner, if you have server.

if on shared hosting then you need at least ssh access to scan your files.

 

check your browser console also

------------
MagenX - Magento and Server optimization

Re: Hacked? Help please

Exactly, there is no point in externally scanning your website now.

What you should do is scan your website to find out what the problem is so you can start solving it as soon as you can. I suggest you take look at Security Module MageFence - one of the features is the malware scanner that will scan your website internally, and find the problem. Check it out here: http://www.extensionsmall.com/mage-fence-security.html

 

This extension will also give you the full protection in the future: it will scan your website for malware on regular basis, it will scan your system for changes and give you a list of all changed files so you can confirm the changes you have made yourself and spot changes that are a result of a potential security breach, it also gives you protection against brute force attacks by blocking IP addresses after too many failed login attempts.

 

You can also see all the changes made by admin users in Admin Activity Log.

It also comes together with Two-Factor Authentication module that will prevent unauthorized access even if your credentials somehow get compromised.

 

MageFence is a well-rounded security solution developed to prevent these kind of hack attacks exactly.

Re: Hacked? Help please

Yeah. I had not see. The screen shot when I replied. How are your backups?
---------------------------------------------------
Subscribe to my Magento Security Podcast