(Solved) Hackers?

[oja]

Few weeks ago I got a message from a hacker in to my customer service. They asked to pay money or they will destroy my webshop. Couple days ago I can't get into the shop anymore, only blank page. In back office I can't access to module manager and payment methods module. I activated the testing mode and when entering the payment method module or module manager I get the message below:

    public static function isValidCountryCurrencyOSM()

    {

        $countryIsoCode = Context::getContext()->country->iso_code;

        // Check if country+currency matches any of the non-EUR cases defined in the constant, else should be EUR

        if (isset(self::OSM_VALID_COUNTRY_CURRENCY_COMBINATION[$countryIsoCode])) {

            $defaultCurrency = self::OSM_VALID_COUNTRY_CURRENCY_COMBINATION[$countryIsoCode];

            if ($defaultCurrency === Context::getContext()->currency->iso_code) {

                return true;

            }

Trying to enter front office the message is:

(1/1) FatalErrorException

Compile Error: Cannot use isset() on the result of an expression (you can use "null !== expression" instead)

in klarnaofficial.php line 4855

 

I don't know what to do?

Ps. The hacker message has now disappeared from the customer service message board.

Edited July 11, 2020 by oja (see edit history)

[Guest]

Yes, you have 99% hacked eshop.
The klarna module already loads ads and other beacons via JavaScript during installation and configuration.
And that opens up opportunities to attack the e-shop.
There are two options.
Hire someone to disinfect (can be expensive) or make the site new.

I just looked at the klarna module in github into files and wanted to throw up.

[Guest]

How did you solve the problem?

[ZackatKlarna]

Hello @oja,

 

I believe you were already in contact with Klarna support through other methods where you have notified us that the error message you pasted above was due to using a PHP version that is not supported by our module, and the PHP version since been updated. 

 

Klarna takes security of its modules and services seriously, and will certainly review any concerns. That being said, using a Klarna module does not inherently make a website unsafe. 

 

@Guest if you have specific examples of how a Klarna module makes a website vulnerable, please share your feedback with our merchant support team at https://klarna.com/merchant-support as having JavaScript on one’s website does not automatically mean a site is vulnerable.

 

Kind regards,

Zack

[oja]

On 7/12/2020 at 5:51 PM, Guest said:

How did you solve the problem?

I moved from ovh-hosting into another web hotel which is taking care of the updates and security and they also have a real customer service. I also hired a person to rebuild my webshop from the ground. Fixing the old shop was way too difficult for me.