Newsletter 9-30-2015: Important Security Bulletin

Last Updated: Oct 08, 2015 12:04PM EDT
Attention ProductCart Merchants – All Versions – Important Security Bulletin
As you may already be aware, ProductCart has recently been targeted by a group of malicious hackers. These hackers appear to be based off-shore and are targeting credit card information; their attacks are typically designed to avoid detection. Since the time one of our NetSource network administrators first discovered the attack, our entire team has been working diligently to stay ahead of the hackers. We released our first security patch on July 31, 2015 shortly after our discovery of the breach. That patch was specifically designed to stop the initial attack as quickly as possible and prevent new stores from being breached. We continued to perform forensics on the attacks and then released a more comprehensive patch on August 20, 2015. The hackers, unfortunately, are relentless and continue to wage attacks on the ProductCart source code. Our data shows the hackers scanning the software 'page by page' using brute force techniques to test every input field for potential vulnerabilities. 

This email is to inform ProductCart merchants of a new threat that has been detected and the actions we’ve taken.  The extent of this attack depends entirely on which patches you have installed thus far and which of our recommendations you have implemented. For example, if you have already installed the August 20th patch with all of our recommended security tips, then the hacker’s ability to gather sensitive data is drastically reduced, if not entirely prevented. So it is imperative that you read the linked article carefully, apply the necessary patches, and implement all recommended security procedures.

As ProductCart grows, and high profile businesses adopt the software, we'll continue to be a target. The reality is that hackers are an incredibly intelligent group that has proven capable of penetrating some of the most secure systems in the world, so while we can't promise you that this patch will be the final patch ever, we can promise you that we are working hard to keep ProductCart updated and secure.

When new threats are discovered, we will react swiftly and provide you with the necessary information.  That is why we have developed, and included within this patch, a new feature named ProductCart Defender.  ProductCart Defender works by sending your store automatic security definition updates, similar to how your anti-virus software works.  Our hope is that this feature allows us to stay one step ahead of the hackers, while simultaneously eliminating the need for you to install complicated patches. 

Please click through to read more about ProductCart Defender and the latest security patch.


  • Support Forums
  • Video Tutorials
  • Support Request
  • Support Policy
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found