VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 Credit card fraud and hackers
 Finding njnk
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

conkasvp
Starting Member

Spain
1 Posts

Posted - February 06 2008 :  00:36:12  Show Profile  Reply with Quote
Avast reports that our VPASP Site is infected with a worm which I believe to be caused by a Script infection which relates to b.njnk.net/E/J.JS. When I searched on Google I found a large number of references to its existence in VPASP Shops and one reference to the VPASP Forums. I have searched through the VPASP Forums for this reference without success.

Please can someone explain what has happened and point me in a direction to resolve it.

Mark Richards
Conkas

support
Administrator

4266 Posts

Posted - February 06 2008 :  00:42:23  Show Profile  Visit support's Homepage  Reply with Quote
Hi Mark,

You need to ensure you have all of the patches applied to your site to block access.

There is a tool available from BYZ which you can use to check your tables to see where the script has been entered.

http://www.bigyellowzone.com/shopexd.asp?id=146

We now have a tool which we will be making available shortly that will strip the script references from compromised fields in your database.

If you post a ticket in our help desk with a request for the data scrubber we will forward to you.
https://www.vpasp.com/virtprog/helpdesk/

The best way to avoid this in the first place is to apply all of the patches listed for your version on our web site at:
http://www.vpasp.com/virtprog/info/faq_security.htm

Thanks
Cam

Vp-ASP Support
Go to Top of Page

MoreToIt
Starting Member

7 Posts

Posted - February 07 2008 :  04:09:17  Show Profile  Reply with Quote
Hi, just been checking the forums, as for the past couple of days I've noticed my site has had some malicious software infections. I've tracked this down to the same b.njnk.net/E/J.JS mentioned in this topic, and when I googled for it, it seems a number of other sites based on vp-asp have had the same issue. Therefore, I'm just about to run the tool from BYZ but have also requested a ticket for the data scrubber. I'll let you know how it goes.

John Cudley
Go to Top of Page

Steve2507
VP-ASP Expert

590 Posts

Posted - February 16 2008 :  17:26:27  Show Profile  Reply with Quote
Been away for a while (busy Christmas followed by wife going on maternity leave - there is only the two of us in the business - then Son born), but back now and found out about this on Thursday. all fixed now, but the ay we were hacked was wierd.

Only a few products had the code in them (the cdescription). These products had all been uploaded about 3 weeks ago and nothing else was infected. It just seemed strange that only a few prods were caught, not the entire range.

Any ideas?

Steve
www.temptationsdirect.co.uk
Go to Top of Page

support
Administrator

4266 Posts

Posted - February 16 2008 :  23:47:30  Show Profile  Visit support's Homepage  Reply with Quote
Hi Steve,

Sorry to hear you were hit and congratulations on your new addition! Lots of fun times ahead.

Can you please move this to our online helpdesk so we can assist directly.

Thanks
Cam

VP-ASP Support

Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000