Topic: Security breach? User registration messages from an inactive VM

vmtitov00

  • Beginner
  • *
  • Posts: 2
  • A beginner
Security breach? User registration messages from an inactive VM
« on: October 06, 2018, 10:10:25 am »
Hello,

I keep receiving user registration messages (subj: A new shopper ************ registered at your shop *********), about 3-5 in a week. "Users'" data are obviously fake. I have VM installed but it is not active and not accessible from the site's menu. It looks like the site is getting hacked. Current configuration is Joomla 3.8.12 + VM 3.4.0 (to be updated to 3.4.1 in a few minutes).

Any advice would be very appreciated.

Jörgen

  • Global Moderator
  • Full Member
  • *
  • Posts: 2161
    • Kreativ Fotografi
  • VirtueMart Version: 3.4.x
Re: Security breach? User registration messages from an inactive VM
« Reply #1 on: October 06, 2018, 10:29:01 am »
You can access the Joomla login by link and register a fake user.

Is it a complete VM registration or just Joomla data?

Jörgen @ Kreativ Fotografi
Joomla 3.9.8
Virtuemart 3.4.x
Olympiantheme Hera (customized)

GJC Web Design

  • 3rd party VirtueMart Developer
  • Super Hero
  • *
  • Posts: 8892
  • Virtuemart, Joomla & php developer
    • GJC Web Design
  • VirtueMart Version: 3.4.2
GJC Web Design
VirtueMart and Joomla Developers - php developers http://www.gjcwebdesign.com
VM3 AusPost Shipping Plugin - e-go Shipping Plugin - VM3 Postcode Shipping Plugin - Radius Shipping Plugin - VM3 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
http://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

AH

  • Global Moderator
  • Sr. Member
  • *
  • Posts: 2898
  • VirtueMart Version: 3.4
Re: Security breach? User registration messages from an inactive VM
« Reply #3 on: October 06, 2018, 12:52:16 pm »
To prevent this - I use an override:

templates\YOURTEMPLATE\html\com_virtuemart\user\edit.php

This will prevent users editing their own data - but I decided that it was worth it for my purposes


Code:
<?php
/**
*
* Modify user form view
*
* @package VirtueMart
* @subpackage User
* @author Oscar van Eijk
* @link https://virtuemart.net
* @copyright Copyright (c) 2004 - 2010 VirtueMart Team. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* @version $Id: edit.php 9881 2018-06-20 09:03:58Z Milbo $
*/

// Check to ensure this file is included in Joomla!
defined('_JEXEC') or die('Restricted access');

//quorvia edited to prevent bots registering

?>

<h1><?php echo $this->page_title ?></h1>
<?php echo shopFunctionsF::getLoginForm(false,false); ?>

regards
A

Joomla 3.9.1
php 7.1

GJC Web Design

  • 3rd party VirtueMart Developer
  • Super Hero
  • *
  • Posts: 8892
  • Virtuemart, Joomla & php developer
    • GJC Web Design
  • VirtueMart Version: 3.4.2
Re: Security breach? User registration messages from an inactive VM
« Reply #4 on: October 06, 2018, 13:23:20 pm »
I make my override much ruder....

vmtitov00

  • Beginner
  • *
  • Posts: 2
  • A beginner
Re: Security breach? User registration messages from an inactive VM
« Reply #5 on: October 07, 2018, 10:32:35 am »
Thanks to everybody for suggestions. I made a test registration from my web site and received a similar message. Its template has recently changed, that's what made me anxious.
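
Added example, not posted by anyone in this thread: a small access-log triage that shows whether registration forms are being reached by direct URL even though no menu item points to them. It assumes Apache "combined" log format and non-SEF URLs, treats Joomla's com_users registration routes and the VirtueMart user view as the registration entry points (an assumption about how the requests appear in the log), and runs on constructed sample lines.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache "combined" format (documentation IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Oct/2018:09:58:01 +0000] "GET /index.php?option=com_virtuemart&view=user&layout=edit HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
203.0.113.7 - - [06/Oct/2018:09:58:03 +0000] "POST /index.php?option=com_virtuemart&view=user HTTP/1.1" 303 0 "-" "Mozilla/5.0"
198.51.100.22 - - [06/Oct/2018:10:01:40 +0000] "POST /index.php?option=com_users&task=registration.register HTTP/1.1" 303 0 "-" "python-requests/2.19"
192.0.2.5 - - [06/Oct/2018:10:02:11 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 15230 "-" "Mozilla/5.0"
203.0.113.7 - - [07/Oct/2018:04:12:09 +0000] "POST /index.php?option=com_virtuemart&view=user HTTP/1.1" 303 0 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def registration_route(url):
    """Return a label if the URL targets a registration form, else None."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    option = q.get("option")
    # Joomla core registration: the form view or any registration.* task.
    if option == "com_users" and (q.get("view") == "registration"
                                  or q.get("task", "").startswith("registration.")):
        return "joomla"
    # VirtueMart user view (assumed entry point for shopper registration).
    if option == "com_virtuemart" and q.get("view") == "user":
        return "virtuemart"
    return None

def triage(log_text):
    """Map client IP -> GET/POST counts and routes for registration hits."""
    hits = defaultdict(lambda: {"GET": 0, "POST": 0, "routes": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        ip, _ts, method, url, _status = m.groups()
        route = registration_route(url)
        if route and method in ("GET", "POST"):
            hits[ip][method] += 1
            hits[ip]["routes"].add(route)
    return dict(hits)

if __name__ == "__main__":
    for ip, h in sorted(triage(SAMPLE_LOG).items()):
        print(f"{ip}: {h['POST']} POST / {h['GET']} GET to {sorted(h['routes'])}")
```

POSTs to these routes at the times the notification mails arrived point to automated sign-ups through a reachable form rather than a compromise of the site itself.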