Prestashop.com, Was Hacked

Last night, the PrestaShop’s official website, prestashop.com, was hacked, consistent in the confiscation of a Software advised for transcribing account advice in the Back Office of PrestaShop stores.The absolute PrestaShop aggregation committed ourselves to anecdotic and acclimation this affair as bound as possible. That fix has been completed.

Has my boutique been infected?

This alone affects PrestaShop versions 1.4/1.4.1/1.4.2/1.4.3/1.4.4, but not all shops application these versions are necessarily affected

If you use one of these versions, amuse analysis for any of the afterward symptoms:
A her.php book is at the basis of /modules folder A .php book altered from index.php is in the upload and download folders Your footer.tpl book has been modified Your tools/smartyv2 binder is missing.

If you accomplish one of these conditions, your boutique may accept been infected. However, it is simple to fix just by afterward the instructions listed below.

What should I do?

1.Change your database countersign (or acquaintance your webhost if you do not apperceive how to do it). Once you accept done that, accessible the settings.inc.php book in your /config binder and alter your old countersign with the new one. See below:

2.Download the fix appear by PrestaShop accessible on http://addons.prestashop.com/fr/herfix/

3.Upload it to the basis binder of your boutique with your FTP applicant (Filezilla, Transmit…)

4.Go to the url http://www.myshop.com/herfix.php

5.The fix is now applied. Amuse do not overlook to annul the herfix.php book ahead uploaded at the basis of your shop

6.Rename the admin folder

7.Change the countersign of all admins of your shop

If you charge any advice or accept any added questions, you can email us at security@prestashop.com. You will accept an acknowledgment at the soonest.

The accomplished PrestaShop aggregation wants to acutely acknowledge the association for its advice in anecdotic this issue.

Info from prestashop.com

May this article you want