Has my site been hacked?


all of a sudden all my prices are higher. We have not changed one price, but all prices on our site suddenly have been increased by a lot.

Have I been hacked?

Check the Logs. If the increases were done in CS-Cart, the Product updates will likely have been logged. Are the prices higher on the frontend as well as the backend? Are you sure you were not running any promotions which reduced the prices on the frontend which may have expired?

For what it's worth I've never come across any situation where a store has been hacked with the sole intent of increasing prices. If it was a competitor, supplier, etc, why would they waste their time hacking to increase your store prices when they could well and truly screw you over by adding something malicious to your store/deleting the site/deleting all the site backups/etc.

Because a merchant may not notice the price increases right away and they might get picked up by Google and cached for quite a while. This would give price-shoppers reason NOT to buy from you, but to buy from your competitors at normally higher prices.

If you're selling X @ 24.95 and your competitor sells it a 28.95, then they bump your pricing up to 34.99 and your customers all of a sudden stop buying from you… Generally they won't complain to the merchant and unless the merchant really monitors details it might be a while till they notice.

More than likely if it was all products that were changed, then it was probably done via mysql with "SET price=(price * 1.1) for an across the board 10% price increase.

I checked the logs withing CS cart and there is no sign of someone editing all the products of all Vendors. We run the multi vendor edition.

If it was done, it was done via the DB directly. Our MySQL general log is not on, so I wont be able to see who and when connected to the database.

We have also not run any promotions at all.

Ok, so after a little digging it seems a vendor did use the global update on his products. Seems when he used it it updated all products across all vendors. Sigh. So no security breach at least. Will contact CS CART to investigate this.



you can revert meanwhile and do this in db yourselv for vendor untill fix

Do you give your vendors permission to access other vendor's products? If not, it sure sounds llke a critical bug that should be fixed regardless of what version you are running. I'd feel pretty insecure if were one of your vendors and someone else could modify my prices…

Strongly suggest reporting through bug-tracker with “Security Issue” in the title.

Did you come up with a resolution or log a bug on this jp1981?

I've just experienced this exact issue. No vendor can recall issuing a global update…

It seems some of the prices seem to have increased by a different factor. All inventory has also increased by 100.

CS cart 'could not replicate the issue' and advised to 'restore from backup'.

Not really a great response.

All global updates should also be logged. They don't show up as a regular product update, even if you have all logging switched on.

My steps to resolve are likely to be to restore a backup to a local instance, export all products then use the import to load just Product Code, Price, List Price, Vendor and then do a global update to reduce inventory by 100.