Question:
Why are hackers attempting to hack an E-Commerce website?
Answer:
They’re bored. ( Or they’re attempting to steal user information ( usernames, passwords, emails, etc. ) which they use for social engineering attacks explained below.
Scenerio:
- Apache / PHP Server
- WordPress – Core CMS
- WooCommerce – Plugin
- Gravity Forms – Plugin
- WordFence – Plugin
Imagine playing chess – Every move opens your king up to an attack. So you have to move carefully when dealing with an attack.
—————————-
The attacker first tried with an SQL injection and failed.
(WordFence Block Attempt)
The attacker will keep going to simulate DDOS effect.
Which they are hoping errors out or slows down the server.
Buy our SQL fix for $5. ( No refunds ( actual code is involved) we wont know if you actually deleted it or not) When you purchase the fix you agree to the terms of no refund.
Buy Now: $5.00 USD – Support ( https://shipwr3ck.com/contact-us/)
After that, they tried to exploit a file upload input used in a form to insert a shell.php(backdoor)
And the most common .php shell is https://tinyfilemanager.github.io
(WordFence Blocked Attempt)
If that fails they try social engineering.( Emailing the Business) – they know the business wants to make the customer happy so they expect us to open up the gate.
If you want to find out more feel free to reach out to us.