X-Cart, an e-commerce store building software, has disclosed a ransomware attack on its infrastructure, which led to a few of its customers’ stores’ downtime.

The ransomware attacker behind this attack wasn’t named, as Seller Labs, owner of X-Cart, said they haven’t reached out to any operator since there’s no way mentioned. Also, they had restored from the backups to run back their stores up.

X-Cart Disclosed Ransomware Attack



X-Cart is a fairly known platform in the e-commerce industry, where individuals or small businesses can download their software to craft their own store. It’s more of a Content Management System (CMS), which lets others create their own stores and host for them.

Thus, an attack on its infrastructure means hitting all the stores hosted on its servers. This happened in late October this year, where a ransomware group was said to have attacked the X-Cart servers, which impacted a small group of customers stores eventually. It’s said that the perpetrators have exploited a bug in third-party software to intrude into X-Cart’s store hosting systems.

And in a reply email to ZDNet, Jeff Cohen, Marketing VP of Seller Labs, owner of X-Cart said,

We have identified what we believed to have been the vulnerability but do not wish to disclose the name until it’s confirmed by our security firm.

Further, he revealed that only a small group of servers were attacked, affecting only a few stores running on them.

Reports from customers tell that some had problems sending email alerts, while others had their store completely down.

Cohen further assured that no core systems were impacted, and they had restored all the affected stores to bring up running now. This attracted some customers to form as a group and launch a campaign for filing a lawsuit on X-Cart.

Related Articles


Please enter your comment!
Please enter your name here