Framemarket/Gridmarket cart seems corrupted by malicious asian site - help

Hi, does anyone know if there is outstanding vulnerability in Framemarket/ Gridmarket / Wordpress shopping carts? My shopping cart was activated today via authorize.net and did the handshake with Framemarket, BUT when I go to CHECKOUT upon trial purchase using shopping cart, Chrome browser tells me I'm blocked from proceeding, and that my checkout page is going to a malicious page on a site in Asia. I'm really very upset by this -- my client is freaking out and needs to know what's going on. Any experience with Framemarket being hacked this soon?? I thought it was supposed to be safe and secure, etc. I don't know what to do at this point. Is it possible to fix this? I hope somebody can enlighten me. I'm logjammed and client is apoplectic.
Did I do something wrong? Should I delete the htaccess files? Should I re-install?
Thank you,
BD

    Barbara Davis

    Thanks Patrick and Tom -
    I can see, on the remote server, a folder called access-logs with two recent files called highdesertdiva.com and http://ftp.highdesertdiva.com-ftp_log. Dreamweaver indicates their "type" is COM File and COM-FTP_LOG File, respectively. (Naturally these look to be associated with the website in question.) The contents of these files is pretty dense code that shows my activity, and one seems to have a lot of references to bots and cookies, etc.

    Suggestions now?

    I sound smart(ish) but not that experienced with hacks like this. I have my ISP looking into it also. But as for Marketpress/Gridmarket, any help would be greatly appreciated, as I have to explain somehow to my client today that her Marketpress/Framemarket /Gridmarket shopping cart I thought would be ready today is more or less shot.

    I keep getting a 404 Notfound in Safari upon checkout from Gridmarket, which is when I switched to Chrome, which indicated there was a redirect of my checkout page to what Chrome "thinks" is a malicious Asian website. Once again, sorry to whine -- I am very grateful for ANY help.

    BTW, I'm on an Intel core 2 iMac running OSX 10.6.8. Browsers are up to date, Wordpress is up to date.
    Thanks,
    Barbara

    Barbara Davis

    OK - thanks for bearing with me while I was panicking.

    Followup on my "hacked" site -- My ISP (AHB.ca) found that my site was NOT hacked -- They said I need an SSL to run my Gridmarket shopping cart, which wasn't automatically clear to me when I bought the plugin. They had set up an SSL for another Indonesian website that was incorrectly referencing my site, which is on the same server. The browsers read it as an unsecured site; they apologized for that and fixed THAT part of it right away. I'm still waiting for the SSL to be set up so my Gridmarket works.

    I didn't see any info on getting an SSL in the Framemarket documentation -- but now I know!

    Thanks again,
    Barbara

    aecnu

    Greetings Barbara,

    Thank you for the additional input and we are certainly happy that you were not hacked and that this issue regarding the certificate was a mistake by the host.

    Regarding SSL and Market Press in which this issue is by no means even remotely connected with the Frame Market/Grid Market theme, depends upon the gateway chosen to process good and even Authorize.net has a program where they checkout through their system and an SSL certificate is not required.

    Market Press offers 11 payment gateways and of those 11 the only ones that I am aware of that require an SSL certificate would be two i.e. PayPal Payflow Pro and Authorize.net AIM Checkout

    However those folks using those gateways should know as the gateway providers documentation tells about it:

    Authorize.net AIM:

    AIM allows merchants to host their own secure payment form on a website, mobile device, etc., and send transactions to the payment gateway using an end-to-end secure sockets layer (SSL) connection.

    Reference: http://developer.authorize.net/api/aim/

    PayPal Payflow Pro:

    For merchants using the embedded checkout template with Payflow Link, we also recommend integrating an SSL certificate into the page with the embedded template. This will give your shoppers the added confidence of purchasing on a page with a visible HTTPS: URL. (Note: while the Payflow Link page is secure and protected by the SSL certificate, the HTTPS URL will not be visible to buyers if you are using the embedded template.)

    Reference: https://www.paypal.com/webapps/mpp/payflow-faq#processor

    So in conclusion the PayPal PayFlow Pro does not require an SSL certificate but indeed PayPal recommends one.

    We are indeed delighted to know that your site was not hacked and it was a host error on an obviously shared hosting environment and that no real breach was made of any kind.

    Thank you for being a WPMU Dev Community Member!

    Cheers, Joe