Post by dmsims » Wed Jul 15, 2015 8:17 pm

Opencart version 1.5.5.1
Clean install 20 months ago
Template is Simplegreat http://themeforest.net/item/simplegreat ... me/4792599

Install directory removed after install
Admin directory renamed
1 admin user (not called admin) with 9 character password (mix of letters numbers and symbols) and 2 users with restricted rights
VQmod ver 2.4.0

Modules:
Professional Email Template: 4.5.5
Featured Category Plus
Isearch 3.4.2
MailChimp Integration
Paypal Express Module (Q)
Power Image Manager
Shipping Estimate
Checkout and Registration Simple

PHP 5.3, MySQL server version 5.5.28

on 13th July I could not login as admin. I reset the password and gained access.
In SQL admin (users table) the Ip adress of the admin login was traced to Indonesia

I created a new admin user and deleted the old one and have reset SQL db password

I cannot find any modified files

Any suggestions ?

Active Member

Posts

Joined
Sat Apr 13, 2013 6:05 pm

Post by imdevlper18 » Tue Jul 21, 2015 2:01 pm

had you given access to any developer of your purchased extensions?

Opencart Extensions | Professional opencart support | Support Ticket | support@cartbinder.com


User avatar
Active Member

Posts

Joined
Sun May 11, 2014 2:04 pm

Post by dmsims » Sun Jul 26, 2015 8:25 am

imdevlper18 wrote:had you given access to any developer of your purchased extensions?
Yes

I was alerted to the hack by a genuinely formatted password reset email (which I did not ask for)

Active Member

Posts

Joined
Sat Apr 13, 2013 6:05 pm
Who is online

Users browsing this forum: Ahrefs [Bot], barnettgs and 119 guests