BigCommerce - Hosted Ecommerce Software by Interspire

Interspire Forum

 
Go Back   Interspire Forum > Interspire Email Marketer Community Forum > Customization and Integration

Reply
 
Thread Tools Display Modes
  #1  
Old 08-10-2016, 07:22 PM
emergingdzns + emergingdzns is offline
Interspire Customer
 
Join Date: Aug 2016
Posts: 4
Default How to harden EM6?

I just got some random email that normally I would dismiss as just plain old spam, but it was sent to FOUR of my valid email accounts on different servers/domains in one email so clearly whoever it is has breached some installation of IEM somewhere. This is BAD!!!

Here is the content of the email:

Quote:
Hello,

I don't know if you are interested with this.

I have a special exploit for Interspire Email Marketer,
well that means you can login to many IEMs, maybe about 95-99% IEMs is possible.

If you are interested,
please let me know

Thanks and have a great day!

PS:
You can get any leads from any niches
Does anyone know of best practices to secure EM6? Is anyone aware of this exploit and how to patch it?
Reply With Quote
  #2  
Old 08-11-2016, 07:43 PM
jacobspaulsen + jacobspaulsen is offline
Interspire Customer
 
Join Date: Jun 2012
Location: Denver, CO
Posts: 144
Default

This is super alarming... I'm not aware of anything but I hope someone else might have some ideas.
__________________
Jacob S. Paulsen
Interspire Email Marketer Addons
Reply With Quote
  #3  
Old 08-11-2016, 07:51 PM
emergingdzns + emergingdzns is offline
Interspire Customer
 
Join Date: Aug 2016
Posts: 4
Default

Agreed. It is in fact alarming. I narrowed down the one client that had all four of these different email addresses in the lists. I've scrubbed through the installation FTP files and there's nothing there that I can find that would indicate the code was changed in any way, which leads me to believe it's some sort of injection exploit that opens the system up without modifying the code. This is REALLY bad for business! That client has already received complaints that their email addresses were being spammed, but I could verify with absolute certainty that the emails were not originating from our server. We could tell though that they were using the client's list because he has users that have email addresses setup SPECIFICALLY for these emails and nothing else so they've never given those emails out to anyone.

Interspire??? Hello?? Nothing but crickets.....
Reply With Quote
  #4  
Old 08-11-2016, 07:57 PM
jacobspaulsen + jacobspaulsen is offline
Interspire Customer
 
Join Date: Jun 2012
Location: Denver, CO
Posts: 144
Default

Not sure if it would be helpful but if there was a link in that email could you share it? Also the from email address? I no longer pay for IEM support so I can't submit a support ticket on this. Can someone submit a ticket?
__________________
Jacob S. Paulsen
Interspire Email Marketer Addons
Reply With Quote
  #5  
Old 08-11-2016, 08:00 PM
jacobspaulsen + jacobspaulsen is offline
Interspire Customer
 
Join Date: Jun 2012
Location: Denver, CO
Posts: 144
Default

Just found this: https://www.interspire.com/forum/showthread.php?t=20489
__________________
Jacob S. Paulsen
Interspire Email Marketer Addons
Reply With Quote
  #6  
Old 08-11-2016, 08:00 PM
emergingdzns + emergingdzns is offline
Interspire Customer
 
Join Date: Aug 2016
Posts: 4
Default

There was no link in the email. The name on it was "Pitch Adofina" and the address was pitchy1030@gmail.com.

I sent them an email yesterday but still nothing from them.
Reply With Quote
  #7  
Old 08-11-2016, 08:01 PM
emergingdzns + emergingdzns is offline
Interspire Customer
 
Join Date: Aug 2016
Posts: 4
Default

Yeah I've seen that. I've upgraded since they released that version too...
Reply With Quote
  #8  
Old 08-15-2016, 03:48 PM
jacobspaulsen + jacobspaulsen is offline
Interspire Customer
 
Join Date: Jun 2012
Location: Denver, CO
Posts: 144
Default

A little homework and communicating with the hacker produced this:

http://www.iemaddons.com/interspire-...email-marketer

Jacob
__________________
Jacob S. Paulsen
Interspire Email Marketer Addons
Reply With Quote
Reply

Tags
exploit, hack, security

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump