PrestaShop Malware Issues

PrestaShop modules and addons security invertus

PrestaShop malware issues. Attackers use a vulnerability in a widespread dependency used by modules to take control of PrestaShop sites. Last week we were informed of a safety issue affecting most versions of PrestaShop. Like any process of solving safety problems, it takes time to gather all information from our current clients, but now we are happy to share with you all the necessary steps that could be taken to avoid any problems in the future. Although the security issues mainly affect the latest 1.7 versions of PrestaShop, all versions might be concerned.

The security of online shops is our top priority and we're doing our best to help PrestaShop merchants to solve these issues.

Several PrestaShop modules have already been identified as vulnerable

  • Click Upgrade (autoupgrade): versions 4.0 beta and later
  • Cart Abandonment Pro (pscartabandonmentpro): versions 2.0.1~2.0.2
  • Faceted Search (ps_facetedsearch): versions 2.2.1~3.0.0
  • Merchant Expertise (gamification): versions 2.1.0 and later
  • PrestaShop Checkout (ps_checkout): versions 1.0.8~1.0.

What does it mean to your business? 

Failure to review and fix it will allow hackers to reach your server, see and/or delete data from your eShop.

Protect your PrestaShop website!

If you want to have a professional look into your online store to see if it has been affected by the malware write us a message.

How to protect your online store? 

The security of online shops is our top priority and we’re doing our best to help PrestaShop merchants to solve these issues. Here are the two main steps that we recommend to follow if your eShop might have been affected: 

Step 1# Initial security investigation

Our experienced developer will investigate your online store to check if there are any security gaps. After the investigation is finished, our team will inform you about any malware files your online store might have.

Step 2# Complete security audit. Phase I (Only possible if your shop has a back-up file).

If your eShop was compromised, during the audit certified PrestaShop developers will perform a code analysis depending on the store’s backup file. This process will help us to identify the extent of the security issue. 

Step 3# Complete security audit. Phase II

Depending on the extent of the eShop damage, we will continue the investigation and provide you with the final report with solutions for successful online store operation shortly.

It is essential to understand that security issues shouldn’t be taken lightly, and it’s vital to act soon.