finfunder product is not safe I contacted support due to a few problems with the product. They asked me for administrator information and access to help me. I gave them to help me. But later I realized that my payment settings on my site had changed strangely and I was receiving payments to a different wallet. I did not add it, the software is not secure, the support team is not reliable, it may be a backdoor because my payment settings were changed twice. and the author does not explain to me, I will send you different payment screens, please deal with this problem, it is a serious problem. My information has been changed in different ways at different times, as on this screen, and these do not belong to me. I did not set them. My website was infiltrated by someone else. There is a high probability that there is a backdoor or there is a security vulnerability in the system. What should I do in this case? I need help urgently.
As it’s unsure that if you’re website is hacked by someone else or as you claim by the item author, you can contact Envato support:
Believe me, I don’t know what I should do. The support teams do not give me a clear answer and they are not transparent enough. The last answer I received was 1 day ago. Also, Envato support responds very slowly and I spend my life waiting.
Restore the latest backup you have…
Yesterday, I solved the problem, changed all the passwords and added cnaple 2fa, but when I just checked today, the file was changed again at 12.20 today, due to the file named process.blade, and I was sleeping at that time. How is this possible? No one has access to my server except me, and 2FA is active. But the code in the file on my server is changing. How can this happen? I’m very angry and afraid.
Check hosting access logs and you’d see the IP at that time to track who’s accessing your website. Enabling 2fa is not a solution if there’s leak/backdoor on the coding - not specifically but your website may be hacked way before - it’s not good to claim it’s by the item author.
I’m using cpanel, I don’t know much about these things, I searched a little bit but I couldn’t see how I can look, where you asked.
Google “cPanel Access logs” or contact your hosting provider’s support.
These started to happen after I gave administrator access. Besides, my website is new and no one is there. I’m in the process of setting it up, so I don’t think anyone will bother with me, other people, because I don’t have any visitors yet. There is a possibility of a backdoor in the code and I think the developers are more likely to be the culprits.
I looked at the acees log, the directory is empty and show hidden files is on, I also looked at the last login, but today there is no login at the time the file was changed, there are times when I logged in. What does this mean? I have a backdoor. What should I do? I had a virus scan on cpnal, but there is no danger.
Can you please report it to envato? I reported it, but I need more evidence.
I already reported.
What kind of answer do the support teams give you and what kind of explanation do they give? Also, did you experience the problem after sharing the information?
Finfunder all time change the payment gateway code, he set up his own coding gateway.
Can you give me the ticket number you used to contact Envato?
My friend, I want to contact you faster. Can you send me a message via telegram? Telegram ID: (removed by moderator)
i Already reply you, kindly check