ezsmoke Posted April 17, 2018 Share Posted April 17, 2018 I have been running a Prestashop website for a number of years. A few weeks ago, a customer informed us that when paying by PayPal that they were being redirected to a phishing type website - https://checkoutnow.mdigo.com/store/verif.php which was trying to replicate the official PayPal website. On checking and logging in as a user, we too had same issue as customer. We immediately disabled PayPal, and then updated PayPal module to latest version - PayPal V3.11.16. We then changed admin password for the website, and FTP password and we installed new module Protect My Shop. We also upgraded Prestashop to 1.6.1.18. All seemed well until last night, when same thing has happened, and when customer tries to checkout using PayPal they get redirected to fake PayPal website. We have again disabled PayPal as payment method. Anyone else experience something similar or suggest what I can do to fix this major issue. Link to comment Share on other sites More sharing options...
joseantgv Posted April 17, 2018 Share Posted April 17, 2018 27 minutes ago, ezsmoke said: I have been running a Prestashop website for a number of years. A few weeks ago, a customer informed us that when paying by PayPal that they were being redirected to a phishing type website - https://checkoutnow.mdigo.com/store/verif.php which was trying to replicate the official PayPal website. On checking and logging in as a user, we too had same issue as customer. We immediately disabled PayPal, and then updated PayPal module to latest version - PayPal V3.11.16. We then changed admin password for the website, and FTP password and we installed new module Protect My Shop. We also upgraded Prestashop to 1.6.1.18. All seemed well until last night, when same thing has happened, and when customer tries to checkout using PayPal they get redirected to fake PayPal website. We have again disabled PayPal as payment method. Anyone else experience something similar or suggest what I can do to fix this major issue. Could be that the problem is not within PrestaShop. Do you have a Wordpress in the same server? Link to comment Share on other sites More sharing options...
ezsmoke Posted April 17, 2018 Author Share Posted April 17, 2018 Yes, I do have Wordpress on same server. But Wordpress seems to be working OK. Do you recommend I make changes to WordPress? Link to comment Share on other sites More sharing options...
joseantgv Posted April 17, 2018 Share Posted April 17, 2018 1 minute ago, ezsmoke said: Yes, I do have Wordpress on same server. But Wordpress seems to be working OK. Do you recommend I make changes to WordPress? Buy maybe they have accessed your server through a Wordpress bug. Is it updated? And all the plugins too? Link to comment Share on other sites More sharing options...
ezsmoke Posted April 17, 2018 Author Share Posted April 17, 2018 I will check. It is a very basic Wordpress blog on the same server. But I can strengthen security on WordPress. Link to comment Share on other sites More sharing options...
Johann Posted May 8, 2018 Share Posted May 8, 2018 I just have the same problem with a customer of mine. I've updated the Paypal module and I'm currently looking for the cause of the problem Did you found the reason for your cases ? Link to comment Share on other sites More sharing options...
ezsmoke Posted May 8, 2018 Author Share Posted May 8, 2018 1 hour ago, Johann said: I just have the same problem with a customer of mine. I've updated the Paypal module and I'm currently looking for the cause of the problem Did you found the reason for your cases ? I ended up getting professional help with this. Although not 100% sure how the site was hacked originally, but people who carried out the work for me on fixing this issue, did find a back door, and removed same as well as removing infected files. All admin usernames / passwords and mysql passwords, ftp password changed and updated Prestashop itself and all modules. So far all seems good again. Link to comment Share on other sites More sharing options...
Johann Posted May 9, 2018 Share Posted May 9, 2018 Ok ezsmoke, thanks for your return. In my case, for the moment I've just updated the paypal module and that has fixed the problème, but I haven't found the cause yet. This customer planned to migration to another hoster, so all passwords will be changed at this moment Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now