Results 1 to 29 of 29
  1. #1
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    Photon VPS HACKED

    Hi Friends ,

    I have domain and some VPS Accout on This service Provider. Now the Main site shows "ITS HACKED " and all my data and domains are not working.

    The data that i save is fully confidential and customers identities, What i can do now? How the Photon VPS can save the data and the doamin information

    Please help any one !
      0 Not allowed!

  2. #2
    Quote Originally Posted by abhijo89 View Post
    Now the Main site shows "ITS HACKED " and all my data and domains are not working.
    Do you mean your main website is hacked? If your website is hacked you will have to restore the data from backup. Also, if you will have to fix the possible security breach otherwise you will be hacked again after restoring data.

    If you have managed services with your provider, you can contact them to investigate this further.
    || Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
    || Web Hosting Discussion - A Web Hosting community
      0 Not allowed!

  3. #3
    Join Date
    Jun 2011
    Posts
    2,286
    Is your VPS managed or unmanaged? If managed, contact PhotonVPS and they should be able to assist you.

    Depending on the extent of the intrusion, you may need to perform an OS reload. If you don't have much data, that would be the best way forward in any case.
      0 Not allowed!

  4. #4
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    "photonvps.com" Provider Server got hacked

    Quote Originally Posted by Kailash12 View Post
    Do you mean your main website is hacked?
    No The "photonvps.com" Provider Server got hacked and if you visit this "photonvps.com" you will get the messages says "IT HACKED " .
      0 Not allowed!

  5. #5
    Join Date
    Dec 2007
    Location
    LocalHost
    Posts
    1,303
    Try contacting PhotonVPS and ask them to restore your VPS is they have any backup. But you need to perform certain security steps to make sure its not hacked again.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee
    LopHost.com - Web Hosting Tutorials
      0 Not allowed!

  6. #6
    Join Date
    Jun 2011
    Posts
    2,286
    Loads fine for me. No message that says hacked or anything of the kind

    Quote Originally Posted by abhijo89 View Post
    No The "photonvps.com" Provider Server got hacked and if you visit this "photonvps.com" you will get the messages says "IT HACKED " .
      0 Not allowed!

  7. #7
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    they are not responding for the Email

    Quote Originally Posted by Ethernet Servers View Post
    contact PhotonVPS and they should be able to assist you.
    I cant able to contact them and they are not active now in facebook fanpage and twitter. As we know the Photon VPS is hacked ,they are not responding for the Email also
      0 Not allowed!

  8. #8
    Join Date
    Jun 2011
    Posts
    2,286
    Are you sure it's not your PC that's infected? You say their site is defaced but it loads absolutely fine for me. Screenshot: http://puu.sh/5vExY.jpg
      0 Not allowed!

  9. #9
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    can you try in browser private mode

    Quote Originally Posted by ethernet servers View Post
    loads fine for me. No message that says hacked or anything of the kind
    can you try in browser private mode ?? , you have cache file may be
      0 Not allowed!

  10. #10
    Join Date
    Dec 2007
    Location
    LocalHost
    Posts
    1,303
    photonvps.com loads fine at my end.
    @OP, check photonvps.com through any proxy site.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee
    LopHost.com - Web Hosting Tutorials
      0 Not allowed!

  11. #11
    Join Date
    Jun 2011
    Posts
    2,286
    I've never visited their site before. It's not cached. I just tried on my VPN as well as my office IP and 2 different devices.

    Perhaps they were hacked, cleaned it up and now you're seeing a cached version?

    Quote Originally Posted by abhijo89 View Post
    can you try in browser private mode ?? , you have cache file may be
      0 Not allowed!

  12. #12
    Join Date
    Jun 2003
    Location
    Los Angeles, CA
    Posts
    1,512
    There was a brief compromise of our domain registrar, Enom, in where an intruder gained access and changed the DNS to point to their own servers with a defaced version of our various websites. The intrusion and security risk was limited at the registrar level. Customer data is safe, nothing to worry about on that front. We have regained control of the domains and have repointed them to our company servers.
    Psychz Networks - Dedicated Servers, Co-location | GigePipe - High Bandwidth Servers | PhotonVPS - SSD Cloud
    True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
    Los Angeles, CA (US West) | Dallas, TX (US East) | Ashburn, VA (US East)
      0 Not allowed!

  13. #13
    Join Date
    Jan 2003
    Location
    Canada
    Posts
    4,845
    They were.

    http://vpsboard.com/topic/2757-psych...om-got-hacked/

    It's possible they've already restored a backup but there was already some tweets of users reporting input/output issues on their VM's, making it sound like their storage disappeared.

    Francisco
      0 Not allowed!

  14. #14
    Join Date
    Jun 2003
    Location
    Los Angeles, CA
    Posts
    1,512
    Quote Originally Posted by DeltaAnime View Post
    They were.

    http://vpsboard.com/topic/2757-psych...om-got-hacked/

    It's possible they've already restored a backup but there was already some tweets of users reporting input/output issues on their VM's, making it sound like their storage disappeared.

    Francisco
    Only the DNS was changed, no data was compromised.

    I'm not aware of any IO issues at this time, if you see some posted please let me know!
    Psychz Networks - Dedicated Servers, Co-location | GigePipe - High Bandwidth Servers | PhotonVPS - SSD Cloud
    True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
    Los Angeles, CA (US West) | Dallas, TX (US East) | Ashburn, VA (US East)
      0 Not allowed!

  15. #15
    Join Date
    Jan 2003
    Location
    Canada
    Posts
    4,845
    Quote Originally Posted by Profuse-Jimmy View Post
    Only the DNS was changed, no data was compromised.
    Sounds like ENOM needs 2 factor auth then

    Francisco
      1 Not allowed!

  16. #16
    Join Date
    Dec 2010
    Location
    Thailand
    Posts
    40
      0 Not allowed!

  17. #17
    Join Date
    Jun 2003
    Location
    Los Angeles, CA
    Posts
    1,512
    Quote Originally Posted by Tanut007 View Post
    DNS change or you server hacked Jimmy ?
    DNS change.
    Psychz Networks - Dedicated Servers, Co-location | GigePipe - High Bandwidth Servers | PhotonVPS - SSD Cloud
    True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
    Los Angeles, CA (US West) | Dallas, TX (US East) | Ashburn, VA (US East)
      0 Not allowed!

  18. #18
    I can confirm its a dns change, I'm seeing UK ip address in the dafaced pages.
      0 Not allowed!

  19. #19
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14
    Quote Originally Posted by Profuse-Jimmy View Post
    DNS change.
    can you look into eccron.com , still it pointed to

    ns1.ethicalspectrum.com. ['91.227.221.213'] [TTL=172800]
    ns2.ethicalspectrum.com. ['91.227.221.213'] [TTL=172800]

    and they removed NS records 14 hours ago. What do you say about this ???
    Last edited by abhijo89; 11-28-2013 at 08:50 AM. Reason: typo
      0 Not allowed!

  20. #20
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    'Photon VPS' STILL NOT RECOVERED FROM THE HACKING

    If you check 'http://who.is/whois/photonvps.com' it shows NS information as :

    ns1.ethicalspectrum.com
    ns2.ethicalspectrum.com

    Its is the best Example of the bad service , If they cant recover how they can say "WE RECOVERED ALL DNS ISSUE "
      0 Not allowed!

  21. #21
    Join Date
    Jun 2003
    Location
    Los Angeles, CA
    Posts
    1,512
    Quote Originally Posted by abhijo89 View Post
    can you look into eccron.com , still it pointed to

    ns1.ethicalspectrum.com. ['91.227.221.213'] [TTL=172800]
    ns2.ethicalspectrum.com. ['91.227.221.213'] [TTL=172800]

    and they removed NS records 14 hours ago. What do you say about this ???
    http://www.intodns.com/eccron.com
    Psychz Networks - Dedicated Servers, Co-location | GigePipe - High Bandwidth Servers | PhotonVPS - SSD Cloud
    True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
    Los Angeles, CA (US West) | Dallas, TX (US East) | Ashburn, VA (US East)
      0 Not allowed!

  22. #22
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14
    Quote Originally Posted by profuse-jimmy View Post

    where is my ns record information ????? What are you trying to say ?... This is a public post so every one can c this . One day got over ... Will you pay for my lose ????


    Jim, we paid in google and fb for ads .... Check the ticket #543498 find the attached copy , i did some red mark there. Answer for that
    then you talk .
      0 Not allowed!

  23. #23
    Join Date
    Jun 2003
    Location
    Los Angeles, CA
    Posts
    1,512
    Quote Originally Posted by abhijo89 View Post
    where is my ns record information ????? What are you trying to say ?... This is a public post so every one can c this . One day got over ... Will you pay for my lose ????


    Jim, we paid in google and fb for ads .... Check the ticket #543498 find the attached copy , i did some red mark there. Answer for that
    then you talk .
    You'll need to contact our support desk for assistance as this isn't our support desk.
    Psychz Networks - Dedicated Servers, Co-location | GigePipe - High Bandwidth Servers | PhotonVPS - SSD Cloud
    True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
    Los Angeles, CA (US West) | Dallas, TX (US East) | Ashburn, VA (US East)
      0 Not allowed!

  24. #24
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14
    Quote Originally Posted by Profuse-Jimmy View Post
    You'll need to contact our support desk for assistance as this isn't our support desk.
    Reported on Last day only Jim.
      0 Not allowed!

  25. #25
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14

    Attached Who.is lookup record

    Proof !!! of the NS Updated happened on 28 Nov 2013 (Hacked ).
    Attached Thumbnails Attached Thumbnails Eccron.com Domain History   Who.is   Who.is.png  
      0 Not allowed!

  26. #26
    Join Date
    Jul 2012
    Posts
    30
    Try another host ?
      0 Not allowed!

  27. #27
    Join Date
    Nov 2013
    Location
    Mangalore
    Posts
    14
    Quote Originally Posted by Profuse-Jimmy View Post
    You'll need to contact our support desk for assistance as this isn't our support desk.
    Quote Originally Posted by HD_Chris View Post
    Try another host ?
    First i need the domain ri8 then only we can go for other host ,

    I can't able to get EPP Code now.
    Attached Thumbnails Attached Thumbnails Client Area   PhotonVPS.png  
    Last edited by abhijo89; 11-29-2013 at 01:37 AM. Reason: EPP CODE ERROR
      0 Not allowed!

  28. #28
    Quote Originally Posted by HD_Chris View Post
    Try another host ?
    He can't transfer this domain because as per whois, this domain is registered recently hence he will have to wait for 60 days to transfer to another host.

    I suggest contacting them directly via support desk to resolve the issue.
    || Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
    || Web Hosting Discussion - A Web Hosting community
      0 Not allowed!

  29. #29
    Join Date
    Jul 2002
    Location
    Tasmania, Australia
    Posts
    34,796
    Quote Originally Posted by Kailash12 View Post
    I suggest contacting them directly via support desk to resolve the issue.
    Sounds good to me
    If you donít like the road youíre walking on, start paving a new one.
      0 Not allowed!

Similar Threads

  1. Photon VPS? Reviews?
    By Reynock in forum VPS Hosting
    Replies: 7
    Last Post: 11-20-2013, 09:01 AM
  2. Stay clear of photon vps.
    By Jam32 in forum VPS Hosting
    Replies: 7
    Last Post: 09-11-2012, 07:13 AM
  3. Photon VPS Review
    By Icedout372 in forum VPS Hosting
    Replies: 6
    Last Post: 04-25-2011, 09:53 PM
  4. Photon VPS Review
    By robulosity in forum VPS Hosting
    Replies: 10
    Last Post: 01-30-2011, 02:18 AM
  5. Photon VPS seems good!
    By brucewoo in forum VPS Hosting
    Replies: 5
    Last Post: 03-17-2010, 11:55 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •