Recently, there have been several attacks caused by a security flaw in few Prestashop modules. Here is the list:
I recommend avoiding these modules or check with their author if they can provide security fix.
The following core files are usually modified:
- controllers / admin / AdminLoginController.php
- classes / Customer.php
- classes / Employee.php
- controllers / front / AuthController.php
The modification cause that password of the user account is sent away via Telegram API.