I have a site that was compromised through MageMe's Web Forms. They were able to upload 2 scripts, 1 that allowed them admin access and could set up their own PayPal account to receive payments. (Obviously, PayPal simply does not care... I spent an hour on the phone with them to try to explain that this person was a thief and hacked and they would not even block their account). The emails they used for PayPal were tonny.bajingan@gmail.com and gunslie@gmail.com.
They were also able to upload a script called magentostealer.php5 which allowed them access to all user data. Thankfully this site did not store credit cards.
Anyone wishing to investigate this further, I will send you the scripts.
This seems to be well above the level of old automated SQL injection scripts.