Thoughts on recent experience with hacker

2 replies
Our main store was recently hacked and I just want to get any ideas to increase my security and also share an idea.

First of all, if anyone has ideas on making my situation more secure, let me know. This is what happened: shortly after I left the UK for a trip to Spain, a hacker broke into my online store, which is a Zen Cart version 1.3.8a (yeah yeah I know it's old and has known vulnerabilities but it's a long story, we are migrating to a completely different cart but these things take time).

I then noticed that he had also managed to get into my cPanel! Even after changing all the passwords and moving the admin folder, he was right back into the Zen Cart again a few days later.

I am left still wondering exactly how he got in. Perhaps a keylogger on my machine at home (at the time of the first hack I had not logged in abroad, let alone accessed the Zen Cart or cPanel from my laptop).

He has managed to get back into the Zen Cart yet again. In all cases it seems the motivation is purely monetary; he was trying to get customers to respond to a bogus email requesting card details again. Most people these days are savvy enough not to fall for that, but I will say it was all very professionally done, perfect English and very legit in appearance.

Sooooo, any thoughts on how I can really friggin secure my cPanel and Zen Cart would be appreciated. So far I have changed all passwords, started using a VPN when doing any mods to the sites, and scanned my laptop with three different anti-malware apps (which all came up clean).

Now, here's another thought: I am thinking about emailing the hacker because I have his email and basically just saying 'dude, I'll make you a deal, tell me exactly how you got in and agree to abstain and I'm happy to pay a reasonable fee'. I'd even be tempted to suggest a business could be built around security consulting. (Keeping in mind of course this guy cannot be trusted, but he obviously has some decent skills and knowledge; he should be making legit money on oDesk and not wasting time trying to run silly phishing scams.)
  • Andrew Davis
    Hi djtrillian,
    I don't know much about, and have never used, Zen Cart, so I do not have advice on how to improve its security (apart from updating it to the latest version).

    However, I do not advise you to make a deal with this hacker, offering him money and even partnership, after he blatantly tried to steal money from you and your customers.

    Why reward someone for committing a crime against you?

    If the hacker just hacked your site for fun/experience/testing, then reported the security flaws to you, then that can be understandable, and you could work out some partnership with him.
    But as you stated, this hacker tried to scam your clients into providing their credit card details (steal their money).

    If I were you, I would try to gather as much information as possible about this hacker, and report him to the appropriate authorities, including your server's hosting company.

    Also, you should upgrade your Zen Cart version as soon as possible. Make it your first priority, if you are serious about stopping hackers, protecting your business and your customers.

    The hacker may not even necessarily be that skilled. He could just be aware of the vulnerabilities of your old Zen Cart version, have followed some hacking tutorial for it online, and got access into your site's admin areas.

    So even if you pay him/her for security advice, it could be wasted money.
    -Andrew
  • OnlineStoreHelp
    What did your hosting company say? Have you notified your customers and merchant account about the data breach yet?