[Vtigercrm-developers] Block vtigersupport.com from your servers and other security checks

Simone Travaglini simonetravaglini at gmail.com
Wed Jun 12 07:01:08 GMT 2019


Hi nilay, thanks for this update. We will check.

On Tue, 11 Jun 2019 at 18:29, nilay khatri <
nilay.spartan at gmail.com> wrote:

> I am not sure how many service providers have been affected by a hacking
> attack.
>
> But there is someone notorious who is targeting Vtiger Open Source
> installations.
>
> We have received requests from over 250 Vtiger Open Source users to check
> the installations, as they have been compromised and it presents a yellow
> screen with some sort of message.
>
> One common thing which we have observed is that the attacker modifies the
> Login action and adds code to send user's login information to
> vtigersupport.com.
>
> We have informed Vtiger team as well about this and request the whole
> community to have a check on the CRM installations done by them and to set
> up rule to block any network traffic to vtigersupport.com.
>
> Also look for the following:
>
> 1. if there is any occurrence of VGS Document Manager module, if you have
> not installed it explicitly. Make sure if you have installed it, the file
> permissions are good so that users can not explore any files on server
> which they are not supposed to. (No hard feelings, VGS/Maggi)
>
> 2. Check for any malicious file in WSAPP, SMSNotifier modules directory and
> language folders
>
> If possible and not required, disable the option to import zip files from
> Module Manager
>
> We will be sharing more information on this soon and also with a security
> update.
>
> -Nilay
> _______________________________________________
> http://www.vtiger.com/



-- 
Simone Travaglini
328 5499846
Linkedin: Simone Travaglini


Respect the environment: do not print this email unless you really
need to!
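
The checks listed in the quoted message, as an added example that is not code from either poster or from the Vtiger project: it walks an installation tree, reports every file and line that contains the vtigersupport.com domain, and lists the files under the WSAPP, SMSNotifier and language directories newest first for manual review. The relative directory paths, the function names and the sample tree are assumptions made for illustration.

```python
import os
import tempfile

IOC = b"vtigersupport.com"  # domain named in the post
# Directories the post says to check; these relative paths assume a stock layout.
REVIEW_DIRS = ("modules/WSAPP/", "modules/SMSNotifier/", "languages/")


def scan_install(root):
    """Return (ioc_hits, review_files) for the tree under root.

    ioc_hits: sorted (relative path, line number) pairs where IOC appears.
    review_files: files under REVIEW_DIRS, most recently modified first.
    """
    hits, review = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                with open(full, "rb") as fh:
                    for lineno, line in enumerate(fh, 1):
                        if IOC in line.lower():
                            hits.append((rel, lineno))
                mtime = os.path.getmtime(full)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if rel.startswith(REVIEW_DIRS):
                review.append((mtime, rel))
    review.sort(reverse=True)
    return sorted(hits), [rel for _mtime, rel in review]


def demo():
    """Run the scan over a small constructed tree (not a real installation)."""
    sample = {  # path -> (content, mtime); all values constructed
        "modules/Users/actions/Login.php": (b"<?php\n// marker: VtigerSupport.com\n", 1000),
        "modules/WSAPP/WSAPP.php": (b"<?php\n", 2000),
        "languages/en_us/Extra.php": (b"<?php\n", 3000),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, (content, mtime) in sample.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(content)
            os.utime(full, (mtime, mtime))
        return scan_install(root)
```

A clean result only shows that the literal domain string is absent, so the listed files still need a manual look, and the outbound block on vtigersupport.com recommended in the message remains necessary.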