View Single Post
  #258  
Old 09-08-2009, 07:10 PM
 
Riz Riz is offline
 

Newbie
  
Join Date: Oct 2007
Posts: 5
 

Default Re: Warning: Iframe based attacks using stolen FTP access info

For everyone's information, Its not an Xcart problem. I have dozens of sites from Oscommerce and multiple other e-commerce platforms. The hacker compromised a local machine and stole the FTP passwords from Windows with a DLL hack that is a vulnerability in WIN2k, XP and Vista. It installed IFRAME tags with malicious urls in every directory I had on 4 servers it took a minute to fix. thank GOD no data was compromised. I got to the root of the problem, rectified the damage and just wiped out my stored passwords from my FTP program. DONT STORE PASWORDS IN FTP they can be decrypted and stolen right out of windows. Just dont use auto login and store encryted passwords in your FTP program.
__________________
X-Cart version 4.1.9
Pet Meds
Reply With Quote