Website Hacks on Aspro: Protection Measures and Recommendations

Cyberattacks on businesses and users continue to intensify. Websites running on various CMS platforms, including Bitrix, are also at risk. In the fall of 2024, numerous publications reported newly discovered vulnerabilities, and technical support requests related to hacks increased significantly.

The situation is repeating now. As a web studio, we notify website owners about the risks of cyberattacks and the importance of timely protection. We explain why this happens and how you can secure your project.

How to prevent a website hack

Vulnerabilities were identified and fixed in updates released in the summer of 2023. The details of the fixes were not disclosed to prevent attackers from exploiting them. These issues are absent in current versions; however, projects running on outdated versions or migrated to new solutions with errors remain vulnerable.

We recommend renewing your license on time and installing updates to avoid security risks.

The following measures were taken:

1. Instructions were created to help owners of outdated solutions fix vulnerabilities.
2. Recommendations on updating projects were published for users of current versions.
3. Notifications were added to the administrative panels of websites.

However, not all website owners receive updates in time, and some do not have the technical or financial ability to apply them immediately. We understand this and offer solutions to protect your website even if updating is not currently possible.

You must fix the vulnerability if your website:

• is running on a version that is no longer supported;
• hasn’t been updated since summer 2023;
• was migrated from an older solution.

Patcher for fixing vulnerabilities

A patcher has been developed that automatically scans the website, identifies vulnerabilities, and fixes them. You only need to download, install, and run it. This allows you to protect your website without editing code, updating the system, or losing custom settings. A detailed guide is available via the button below.

Download patcher

Manual vulnerability removal

If using the patcher is not suitable, the vulnerability can be fixed manually. You can also contact technical support at web@oneit.kz. Owners of an active license can get a free consultation with specialists. Choose your solution and follow the instructions.

Online Stores

• Aspro: Lightshop
• Aspro: Premier
• Aspro: Maximum
• Aspro: Next
• Aspro: Optimus
• Aspro: Market

Corporate Websites

• Aspro: Priority 2.0
• Aspro: Corporate Website 3.0
• Aspro: Corporate Website 2.0
• Aspro: Corporate Website of a Modern Company
• Aspro: Corporate Website

Industry-Specific Websites

• Aspro: Auto Service
• Aspro: Landscape 2.0
• Aspro: Resort 2.0
• Aspro: Kindergarten and Educational Center
• Aspro: Engineering
• Aspro: Construction 2.0
• Aspro: Medical Center 3.0
• Aspro: Digital 2.0
• Aspro: Metal
• Aspro: Tires and Wheels 2.0

Outdated Solutions Without Support

To fix vulnerabilities in older versions, use this universal guide. It works for all solutions and will help improve your website’s security.

• Aspro: Digital
• Aspro: Online Store
• Aspro: Cool Shop
• Aspro: Landscape
• Aspro: Medical Center 2.0
• Aspro: Resort
• Aspro: Construction
• Aspro: Tires and Wheels
• Aspro: Priority

Do not ignore your project's security — fixing vulnerabilities will preserve your website's functionality and protect your data.