Page 5 of 5 FirstFirst ... 2345
Results 101 to 118 of 118
  1. #101
    Quote Originally Posted by FrankLaszlo View Post
    How are you, as a customer, aware of what is stored in the database? I can understand that you would know if you had a credit card on file with them, but whose to say they didnt have other information stored in there? Going on their word? You sound like you're speaking it as fact, rather than heresay. Makes some people question whether you're an actual client or just another staff member.

    No we are not a staff member I can assure you of that. Visit our website, call into our office, call our office we are not in India... We started off offering support when we read this initially as personally have had no issues with this company. We have built up a good relationship with the techs who work for us.

    Reading some of the replies from We3 have caused concern I do admit that especially as the thread gets longer my mouth has been wide open when I read some of the replies. It is mega bad PR for them and will no doubt cause a lot of harm in the future.

    I think this thread should be renamed 'How not to handle a situation when your website gets compromised' - there have been far too many replies made that have not been well thought out in my view here.
      0 Not allowed!

  2. #102
    Quote Originally Posted by hosting_we3cares View Post
    So this hack is not going to affect me and my customers anyway.
    Wow!!!!
    Confidence or arrogance?.
    Last edited by CoolDavid; 06-04-2012 at 07:35 PM.
      0 Not allowed!

  3. #103
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    20,777
    Quote Originally Posted by bigwetfish View Post
    I think this thread should be renamed 'How not to handle a situation when your website gets compromised' - there have been far too many replies made that have not been well thought out in my view here.
    I would tend to agree with you but the problem is that We3cares is a company who people hire to do this sort of work.
      0 Not allowed!

  4. #104
    Quote Originally Posted by bigwetfish View Post
    Reading some of the replies from We3 have caused concern I do admit that especially as the thread gets longer my mouth has been wide open when I read some of the replies. It is mega bad PR for them and will no doubt cause a lot of harm in the future.
    This is exactly what I'm trying to say. Instead of doing damage control he just makes things worse and worse. I'm sure the end of this thread is no where in sight yet.
      0 Not allowed!

  5. #105
    Join Date
    Jun 2011
    Location
    Buffalo, NY
    Posts
    3,849
    Quote Originally Posted by Steven View Post
    All I have to say is, if they are this 'chill' about this issue, I hate to see the condition of their customers servers.
    I agree, there is a chance that customer information can be leaked as others said before, and they seem to be taking this situation VERY lightly.
      0 Not allowed!

  6. #106
    Join Date
    Mar 2003
    Location
    /root
    Posts
    23,991
    Quote Originally Posted by hosting_we3cares View Post
    [01/Jun/2012:13:10:43 -0400] "GET /whmcs/templates/galaukarenacuacatidakmenentu.php? HTTP/1.1" 200 4304 "http://www.wecares.com/whmcs/templates/galaukarenacuacatidakmenentu.php?act=f&f=index.html&ft=edit&d=/home/we3cares/public_html" "Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0"
    27.124.94.14

    Make sure you do not just delete or patch whmcs but you also need to check the uploaded file that can be used to upload or delete a file in your account.

    It is not just WHMCS specific. They can also deface word press script.
      0 Not allowed!

  7. #107
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    20,777
    Quote Originally Posted by net View Post
    Make sure you do not just delete or patch whmcs but you also need to check the uploaded file that can be used to upload or delete a file in your account.

    It is not just WHMCS specific. They can also deface word press script.
    It appears the uploaded file is a PHP file manager as long as the attacker knows the path, they can edit any file. You should check the last modified date of ALL files to ensure the attacker did not place any backdoors on the web service. Keep in mind, these files can also use legitimate names like index.php for functions.php so dont look for obvious hack.php files.
      0 Not allowed!

  8. #108
    Join Date
    Jun 2011
    Posts
    76
    just curious about why anyone would hack we3cares. They are not that famous (based on alexa.com they are only a couple of hundred visitors a day at the max). maybe we3cares can elaborate on the potential intention of the hacker a bit?
      0 Not allowed!

  9. #109
    Join Date
    Nov 2009
    Location
    Auckland
    Posts
    461
    Quote Originally Posted by dkent View Post
    just curious about why anyone would hack we3cares. They are not that famous (based on alexa.com they are only a couple of hundred visitors a day at the max). maybe we3cares can elaborate on the potential intention of the hacker a bit?
    Indeed, they're not.
    But have you heard of Google Dork? Where script kiddies go to Google and search for that certain pattern which is vulnerable. That could be or I could be wrong.
      0 Not allowed!

  10. #110
    Join Date
    Jun 2011
    Posts
    76
    Quote Originally Posted by dkent View Post
    Indeed, they're not.
    But have you heard of Google Dork? Where script kiddies go to Google and search for that certain pattern which is vulnerable. That could be or I could be wrong.
    ya it's possible but is unlikely. The fact that the attacker picked a security-related site to hack seems to be too coincidental to be considered a random act. There is likely a motive behind it.
      0 Not allowed!

  11. #111
    Join Date
    Sep 2011
    Location
    Ontario, Canada
    Posts
    103
    Just finished reading through most of this thread. Hmm, is it just me or does we3cares have a bit of a problem with English grammar? This may explain the hate for outsources support

    To everyone affected by the hack, I hope your data is safe and you are getting everything that you paid for They seem very confident.
      0 Not allowed!

  12. #112
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    20,777
    Quote Originally Posted by Eric1212 View Post
    Just finished reading through most of this thread. Hmm, is it just me or does we3cares have a bit of a problem with English grammar?
    This is a risk when you outsource support to another country. There can be Language, Dialect, Accent and Cultural Differences. Grammar in some cases is subjective based on country
      0 Not allowed!

  13. #113
    Join Date
    Feb 2010
    Location
    Atlanta, GA
    Posts
    173
    Quote Originally Posted by Erawan Arif Nugroho View Post
    Oh my. I just realize the words, in the hacked page
    It's someone using javaneese, maybe someone from Indonesia.
    I wonder why they do this
    You are correct, they are Indonesian.

    http://medancyberteam.web.id/forum/index.php

    Why do they do it? They just want to get noticed in hopes that some big American company will give them a job. Most of them just want to make enough money to buy a simple motorcycle.

    BTW your site also made the http://indonesiandefacer.org/ top list!


    and the real face behind a defacer http://www.facebook.com/adeg7zip
    Last edited by Atlas Global; 06-22-2012 at 09:09 PM.
      0 Not allowed!

  14. #114
    Wow, this is crazy! I just saw this and couldn't believe it.
    So let me see if I get this right, a server management company that promises to secure other peoples servers gets their own server hacked??
    then they say it's because they don't let their own techs access their own servers?? then they say they don't owe anyone an explanation as to what happened??

    All I can say is LMAO. This is the best one I have seen yet!

    I would never trust them with securing my server if they can't even secure their own, and if they don't want their own techs accessing their own servers, then I surely wouldn't want them accessing my server!
      0 Not allowed!

  15. #115
    Join Date
    Aug 2008
    Location
    Right behind you.
    Posts
    410

    reply

    Hello,

    None of my original customers have complained so far in this thread which says every one are safe.

    I already explained that our own site is maintained by me (for sales reason). The hack happened even after applying the WHMCS patch. So things were beyond me. My techs worked on the server and it is perfectly secured now. There was no hacking attempt after they worked in my server.

    I suspect that a group of people is behind this thread and they keep on bringing this old thread to the top.

    This has been done deliberately, as every one can see that this thread has been replied once in every week.

    I would request Mods to close this thread as there was enough discussion made on this.

    All I can say, none of my customers has left we3cares. This message could be a sad news for the group which is behind this deliberate attempt.
      0 Not allowed!

  16. #116
    Join Date
    Nov 2009
    Location
    Auckland
    Posts
    461
    Even before, when this was still a new incident, you've been very confident with your systems.

    I already explained that our own site is maintained by me (for sales reason). The hack happened even after applying the WHMCS patch. So things were beyond me. My techs worked on the server and it is perfectly secured now. There was no hacking attempt after they worked in my server.
    Still you're confident that much. Wow. I really hope it won't happen again, otherwise I'll be laughing on your messages.
      0 Not allowed!

  17. #117
    Join Date
    Mar 2010
    Posts
    4,533
    Quote Originally Posted by BillySharp View Post
    Wow, this is crazy! I just saw this and couldn't believe it.
    So let me see if I get this right, a server management company that promises to secure other peoples servers gets their own server hacked??
    then they say it's because they don't let their own techs access their own servers??

    That's actually a good point too, if the sales member couldn't trust a single tech with keeping the server secure, why should be trust them getting root to our servers?


    Though it seems the thread as gone on long enough, everyone seems to have expressed their opinion good or bad and we3cares doesn't think anything bad happened as the result of this so lets let the thread die
    Last edited by techjr; 07-26-2012 at 12:37 AM.
      0 Not allowed!

  18. #118
    Join Date
    Jul 2002
    Location
    Victoria, Australia
    Posts
    36,941
    Quote Originally Posted by techjr View Post
    lets let the thread die
    Good idea!
      0 Not allowed!

Page 5 of 5 FirstFirst ... 2345

Similar Threads

  1. Thanks We3cares.com
    By Vatu in forum Managed Hosting and Services
    Replies: 8
    Last Post: 11-14-2009, 12:04 PM
  2. We3Cares?
    By IPswing-Sarwar in forum Managed Hosting and Services
    Replies: 9
    Last Post: 06-19-2009, 05:14 PM
  3. We3Cares Review
    By redham in forum Managed Hosting and Services
    Replies: 8
    Last Post: 05-19-2009, 06:05 AM
  4. Review: We3Cares
    By GamesLinux in forum Managed Hosting and Services
    Replies: 10
    Last Post: 04-04-2009, 06:28 AM
  5. We3cares.com
    By HL90 in forum Managed Hosting and Services
    Replies: 8
    Last Post: 11-17-2008, 11:06 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •