[hglu]

I just noticed that on my page footer where the copyright information is someone inserted a link to another company. It says link added by "VigLink" I did not put this there and it was not there a few days ago. It links to a competitors web site.
I have no idea how it got there or who put it there. I did notice that my customer email addresses under orders was layout different than normal.

Does anyone have any ideas about this.
How would I remove this link?

[imran_m]

Is CS CART really that easy to hack?
i had my cs cart hacked a few years back and i gave up for 1 year..decided to come back now to see how it goes but it seems like cs cart ins't safe.. you sure you didn't give access to someone or your computer might be hacked?

[tbirnseth]

the vast majority of "hacks" into cs-cart are the result of poor site-management rather than cs-cart itself. A "hack" gains entry via a variety of methods. Once there, it can usually read/write as it needs to in order to modify files to suit it's needs. Most "hacks" just try to insert randomly into sites. Then once there, they try to figure out what is there and adjust their hacks to the application(s) that are resident.

Rarely is the actual entry via cs-cart. In my experience, the most common entry points are:

• Someone handed out temporary FTP access (or other site access) and never changed the password after the work was complete
• Admin accounts where the user is no longer employed by the company but account remains active.
• Wordpress or similar common 3rd party application in the same account (document root) as cs-cart.
• Not monitoring file changes to your site so if you are penetrated from a new threat, you know it.

Template modifications are rare. These are usually done by admin accounts. More commonly, php code is inserted into common files like init.php or others but this can't usually be done from the admin panel so another type of intrusion has occurred. The trick is finding it.

[hglu]

I removed a couple addons ( I don't think they were the problem) but the link disappeared. Very strange. I can not figure out how the link got there and how it disappeared. I think the VIGLINK website needs an API key to work. Does Searchanize use this service?
Hopefully the problem is gone. Thanks for the help.

[tbirnseth]

Would require a detailed investigation of your site.

[flasher]

Cs cart is very secure it is more then likely your server or if shared another on server is prowling at all the accounts ftp is common