Page 4 of 100 FirstFirst 12345671454 ... LastLast
Results 46 to 60 of 1499
  1. #46
    Join Date
    Jul 2005
    Location
    In the Internets
    Posts
    3,383
    Quote Originally Posted by KMyers View Post
    Do you know if their licensing server was also on a cPanel machine?
    Dunno, all I know is whmcs.com was on a cPanel machine and told Matt that was horrible security It's one thing to have it on a cPanel machine, another thing to have the admin interfaces wide open to the public

    Sad day for WHMCS... Looks like Ubersmith is about to get a lot of new clients.
      0 Not allowed!

  2. #47
    Join Date
    Aug 2003
    Location
    127.0.0.1
    Posts
    273
    Quote Originally Posted by Matt R View Post
    Pretty much. If he was running SSH on 22, he was definitely asking for it...
    Yeah, surprised - and disappointed : https://whmcs.whmcs.com:2087/

    Code:
    21/tcp  open     ftp
    25/tcp  open     smtp
    26/tcp  open     unknown
    53/tcp  open     domain
    80/tcp  open     http
    110/tcp open     pop3
    143/tcp open     imap
    443/tcp open     https
    465/tcp open     smtps
    587/tcp open     submission
    993/tcp open     imaps
    995/tcp open     pop3s
    ... etc
    Last edited by hostvirtual; 05-21-2012 at 11:49 AM. Reason: coffeee
      0 Not allowed!

  3. #48
    Join Date
    Dec 2007
    Location
    Indianapolis, Indiana USA
    Posts
    15,276
    Quote Originally Posted by Nick H View Post
    By the way, I'd recommend everyone start changing all their server logins, WHMCS admin logins, FTP logins, ANYTHING that might have ever been given to WHMCS in the past.... These people now have it.
    A very good point. Any passwords stored in their ticket system are now wholly vulnerable.
      0 Not allowed!

  4. #49
    Join Date
    Jul 2009
    Location
    Atlanta, GA
    Posts
    620
    Quote Originally Posted by hostedas View Post
    It's stil early evening over there - has anyone been able to reach Matt or the team?
    Yes. I've talked with him a bit and he's working on it.
      0 Not allowed!

  5. #50
    Join Date
    May 2009
    Location
    United Kingdom
    Posts
    1,314
    Quote Originally Posted by Nick H View Post
    By the way, I'd recommend everyone start changing all their server logins, WHMCS admin logins, FTP logins, ANYTHING that might have ever been given to WHMCS in the past.... These people now have it.
    Very good advice, already done mine.

    Also if your credit card was stored with WHMCS it's best to monitor or even suspend your card.
      0 Not allowed!

  6. #51
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    18,871
    Quote Originally Posted by hostedas View Post
    Yeah, surprised - and disappointed : https://whmcs.whmcs.com:2087/

    Code:
    21/tcp  open     ftp
    25/tcp  open     smtp
    26/tcp  open     unknown
    53/tcp  open     domain
    80/tcp  open     http
    110/tcp open     pop3
    143/tcp open     imap
    443/tcp open     https
    465/tcp open     smtps
    587/tcp open     submission
    993/tcp open     imaps
    995/tcp open     pop3s
    ... etc
    Wow... Thats just disappointing.
      0 Not allowed!

  7. #52
    Join Date
    May 2009
    Location
    United Kingdom
    Posts
    1,314
    I'm really surprised that everything was hosted on a cPanel server. I would have thought they'd have no control panel and almost everything disabled.
      0 Not allowed!

  8. #53
    Join Date
    Oct 2010
    Location
    Singapore
    Posts
    143
    Quote Originally Posted by Steven View Post
    Did he really have all those ports open?
    Yes, they have!
      0 Not allowed!

  9. #54
    Join Date
    Jan 2008
    Location
    Montreal, Canada
    Posts
    133
    Quote Originally Posted by zomex View Post
    I'm really surprised that everything was hosted on a cPanel server. I would have thought they'd have no control panel and almost everything disabled.
    First thing to disable is FTP... restrict ports and services. It's sad what is happening to whmcs right now.
      0 Not allowed!

  10. #55
    Join Date
    Mar 2005
    Location
    New York City
    Posts
    2,554
    Quote Originally Posted by KMyers View Post
    Wow... Thats just disappointing.
    For a company that specializes in the hosting industry and deals with security, you would think they would do the most basic of security implementations at minimum.

    I'm really hoping no WHMCS source code was stored on that server. If these guys find exploits, this definitely won't end well. As annoying as it is to have to cancel cards and stuff, it would be no where as annoying as people getting into WHMCS installations due to newly discovered flaws.
      0 Not allowed!

  11. #56
    Hi Guys,

    As you've seen we have unfortunately become the victim of a hack just a little over an hour ago.

    So far early indications are that they were able to compromise my email, and subsequently impersonate myself with HostGator staff. In response to those saying it's an unsecured box, we use a fully managed service from HostGator for our website, in connection with McAfee Secure.

    We'll post more updates as soon as we have them.

    Matt
      0 Not allowed!

  12. #57
    Join Date
    Aug 2003
    Location
    127.0.0.1
    Posts
    273
    Quote Originally Posted by FrankLaszlo View Post
    Yes. I've talked with him a bit and he's working on it.
    Thanks for this - feels better knowing he's on it

    Now just hoping there isn't a broader issue with whmcs or the code/data that was copied from the server that can impact everyone..
      0 Not allowed!

  13. #58

    Video

    Google found me this, which was posted just a few hours ago.

    darksite.in/2012/05/free-download-symlink-whmcs-hacking.html

    The cause of this whole issue?
      0 Not allowed!

  14. #59
    Join Date
    May 2005
    Location
    Kansas City, MO USA
    Posts
    20
    they got owned.....
      0 Not allowed!

  15. #60
    Join Date
    Aug 2003
    Location
    127.0.0.1
    Posts
    273
    Quote Originally Posted by WHMCS-Matt View Post
    Hi Guys,

    As you've seen we have unfortunately become the victim of a hack just a little over an hour ago.

    So far early indications are that they were able to compromise my email, and subsequently impersonate myself with HostGator staff. In response to those saying it's an unsecured box, we use a fully managed service from HostGator for our website, in connection with McAfee Secure.

    We'll post more updates as soon as we have them.

    Matt
    Matt, thanks for jumping in here and providing an update - appreciated. With the site/twitter etc offline I'm sure most of the customer base will be looking to this thread/your posts for updates. We're all anxious about what the exposure here may be.
      0 Not allowed!

Page 4 of 100 FirstFirst 12345671454 ... LastLast

Similar Threads

  1. Servage.NET hacked [MERGED]
    By jic in forum Web Hosting
    Replies: 98
    Last Post: 04-11-2009, 05:08 AM
  2. Another Billing system Hacked Clientexec this time...? [MERGED]
    By rackheat in forum Hosting Security and Technology
    Replies: 14
    Last Post: 01-28-2008, 03:01 AM
  3. Anyone else get hacked just now on SonataWeb's greenday server? [MERGED]
    By tamar in forum Providers and Network Outages and Updates
    Replies: 21
    Last Post: 09-05-2006, 12:02 PM
  4. hotscripts hacked [Merged]
    By case in forum Web Hosting Lounge
    Replies: 54
    Last Post: 03-07-2005, 02:39 AM

Related Posts from theWHIR.com

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •