Yes sir! but you might wanna make sure and wait for someone else to confirm this as I am not confident. Better yet, why don't you email the Verisign guys because they can help better...
Someone keeps on changing the email address from the admin section?.
If this is correct any idea how they are getting in?..
I really dont think that it is being done through the admin panel because we have changed all the logins numerous times and if it was I'm sure he would be getting up to more michevious crimes than that..
The hacker was a customer who signed up to our site. He requested a payment to Indonesion orphans then started changing the IPN..
At first it as to a non existant Paypal Email but now he is doing it ot an account that is taking the money for orders. We are literally having to check back every 5 minutes to see if he has changed it. He normally does it around 3am Uk time which is not ideal!.
We have reason to believe he is somehow accessing it through the checkout, although this may not be true...
Dont see how he can, more likely he has hacked into your site, might be worth changing your database names also, sounds serious..
Hard to say with out looking, check for any files you do not recognise..
What is your URL?.
To be honest none of this is my skill!.
Im just trying to piece together some info that I can fire at the Verisign hosting company to look into it rather than 'no, you must have a virus because we are secure'...
If this story is worth more than a pinch of salt and you are losing money, then I can't see why you have not (in addition to some suggestion above):.
1. reported it to paypal;.
2. hired someone who knows this business to look into it;.
3. hardcoded the email address (ID) in the paypal module;.
4. considered changing host to one that takes security seriously..
Iv been asked by a friend to have a look at his oscommerce Verisign site as he has a paypal module installed, the problem being the IPN address keeps being changed to a hacker..
Im fairly new to oscommerce so thought id ask if any of you guys have had this happen and how to go about stopping it..
Iv emailed his Verisign hosting company, and basically recieved a rather short reply of 'its not us it's you'. - Helpful I know..
So I throw it open to your superior wisdom!..
Ive had exactly the same problem and exactly the same response! if anyone could shed any light I would be most appreciative, if thats a word!..