Case study: Malware Removal for CS-CART Web Store.

Quite a typical situation: construction materials web store that runs on CS-CART commence engine. The company started receiving customer’s complaints the adware showing up casino pop-ups each time the new user visited the store. Customer had to stop all marketing activities to prevent users from seeing the ads. Store operations were actually halted! Webmasters couldn’t resolve the issue, so the store owner contacted Zenous to investigate the intrusion and remove the popups.

From the first glance, the origin of the problem seemed quite trivial: unmaintained commerce engine is a sweet candy for all types of amateur hackers due to the vast range of known exploits. Server software audit revealed that no updates were done for the past 2 years, same thing with CS-CART itself. Security audit discovered multiple malicious code uploads to media folders, no surprises: that is a typical hole for intrusion attempts!

Actual source of the trouble was identified within first hour: one of the client’s past SEO contractors included the malicious code in the store files. Code removed, legal process started.

Finally, no worries and safe browsing for store users!

It took us another day to clean the mess caused by past hacking attempts, secure the environment, configure monitoring and set up the best practices for  the ecommerce projects ongoing support. For this particular store it takes up to 3 hours to run all the preventive maintenance routines and check health & security, and this enables another layer of protection from the potential data, profit and reputation losses.

Talking about security, it’s always better to prevent than to face the consequences. Take care!