Big Trousers, Web, Design, Photography and new media.
Wordpress development, Photography and Video production, Graphic Design, Apple Hardware supplier and Social Media.
wp-eCommerce attacked
Posted on 28. Mar, 2009 by Philip in Big Trousers News, Software, Web design
From the 22nd of March wp-eCommerce plugin installations have been attacked by some zombie robot attack. The attack bombs an account with hundreds of false purchase’s with no product listed and $0.00 sale price.
Not a huge dilemma in a security sense but the false entries would take a user all day to delete through the backend.
We are looking at deletion through the database just to clean things up but we will wait till the version 3.6.11 proves not vulnerable to such attacks.
Here’s hoping..
Anyone got a fix for this, I have deleted the records from the database, however we have just had another attack on the 27th
I have the same problem. Today I got “payment accepted” on 103 fake sales, so I guess that they now have my paypal e-mail adress?
I got a message from Dan at instinct that a fix will be up by Monday NZ time.
I don’t think the problem is serious other than it taking time to clear bogus entries.
Anyone can get your Paypal email address so that is not a problem.
I wonder who is behind this attack as it is very specific at the moment.