
We have been monitoring increased hacker activities over the past 24-48 hours, which were aimed at compromising Volusion stores. In order to best protect your business, here is some information you need to know about these attempted attacks:

What do the attackers want?

These attacks are aimed at gaining unauthorized access to an administrator account on your store.

How do they get an account to attack?

The attackers try to guess or obtain your administrator email address from contact pages (such as <your-store-domain>/aboutus.asp). Any account that is linked to your store could be used in this attack.

What kind of attacks were they?

The attackers use what is called a “brute force attack” to try to obtain access to a store account. You can learn more about brute force attacks here. Essentially, they use tools to automate hundreds (sometimes thousands) of login attempts using a list of common passwords. They are hoping one of these “guesses” will be correct and allow them access to your account.

What happened?

Since Volusion has an account lockout policy in place for administrative accounts, when the attack causes an account to fail to log in multiple times, the account will be locked out and you will receive an email notifying you of the lockout.

Is there anything else I need to know?

In addition, the attackers may create several shopper accounts using legitimate-looking usernames such as:

  • admin@your-store-domain.com
  • support@your-store-domain.com
  • info@your-store-domain.com
  • sales@your-store-domain.com

Be aware that the attackers may try to trick you into granting admin access to these accounts.
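Two defender-side checks for the activity described above, as an added example that is not Volusion's code: one applies a lockout-style threshold to failed logins (the pattern the lockout policy reacts to), the other flags shopper accounts whose addresses imitate store role addresses. The store domain, the threshold of 5 failures in 5 minutes and the log events are constructed assumptions.

```python
# Added example (not Volusion's code): two defender-side checks for the
# activity described in the post, run over constructed sample events.
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login events: (timestamp, account, outcome).
LOGIN_EVENTS = [
    ("2019-10-08T10:00:01", "owner@example-store.com", "fail"),
    ("2019-10-08T10:00:02", "owner@example-store.com", "fail"),
    ("2019-10-08T10:00:02", "owner@example-store.com", "fail"),
    ("2019-10-08T10:00:03", "owner@example-store.com", "fail"),
    ("2019-10-08T10:00:04", "owner@example-store.com", "fail"),
    ("2019-10-08T10:00:05", "owner@example-store.com", "fail"),
    ("2019-10-08T10:30:00", "staff@example-store.com", "fail"),
    ("2019-10-08T10:30:09", "staff@example-store.com", "success"),
]

# Role-style local parts the post says attackers register as shoppers.
ROLE_LOCAL_PARTS = {"admin", "support", "info", "sales"}


def accounts_to_lock(events, threshold=5, window=timedelta(minutes=5)):
    """Accounts with >= threshold failed logins inside a sliding window.
    A success clears the account's failure history (lockout-policy style)."""
    recent = defaultdict(deque)
    locked = set()
    for ts, account, outcome in sorted(events):  # ISO timestamps sort as text
        when = datetime.fromisoformat(ts)
        if outcome == "success":
            recent[account].clear()
            continue
        q = recent[account]
        q.append(when)
        while q and when - q[0] > window:  # drop failures outside the window
            q.popleft()
        if len(q) >= threshold:
            locked.add(account)
    return locked


def lookalike_shopper_accounts(shopper_emails, store_domain):
    """Flag shopper accounts whose address imitates a store role address."""
    flagged = []
    for email in shopper_emails:
        local, _, domain = email.lower().partition("@")
        if domain == store_domain.lower() and local in ROLE_LOCAL_PARTS:
            flagged.append(email)
    return flagged
```

Running both over the sample data locks only the account with six rapid failures and flags only role-named shopper accounts on the store's own domain, which is the review the last section asks you to do by hand.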

What can I do?

We highly recommend taking the following steps to protect your store from these and other attacks:

  • Ensure that all store admin accounts are protected with a strong password. (You can find some great tips for this here.)
  • Ensure that any FTP accounts you may have are also protected with a strong password.
  • Review your store for recent shopper accounts that look suspicious.
  • Delete or disable all administrator accounts you no longer need or use.

Please don’t hesitate to address any questions or concerns in the comments, or by creating a support ticket.