Last week I cleaned a locked down another 4 hacked osCommerce sites – which takes the total to 102 that I have personally cleaned, I suspect there are a few more developers who have cleaned as many if not more. osCommerce is a magnet for hackers.
Anyway, of the 102 that I have cleaned, only 1 has been subject to rehack – after much investigation it -appears- that the clients computer is infected, possibly using a variant of Gumblar, as it seems that each time he FTPs using a certain piece of software, his site is hacked within a few hours. It’s a strange case.
I’m seeing more and more hacked osCommerce sites – with some shop owners completely unaware until Google tells them it’s a “malware” site – then it’s noticed pretty quickly.
If you are unsure about your osCommerce security, contact me on firstname.lastname@example.org to book a quick scan of your site – I’ll let you know about any insecurities and give you a guideline on how it can be cleaned and/or secured.