Results 1 to 35 of 35
  1. #1
    Join Date
    Apr 2004
    Location
    UK
    Posts
    1,331

    Exclamation 'Cirtex hosting' - suspicious MSN contact

    Several people (including myself) have been contacted by an @cirtexhosting.com address via MSN - for example in this case; [email protected]. Sometimes, whoever it is contacts customers, ex-customers and even non-customers demanding cPanel information.

    I am not even a Cirtex customer, and only accepted the add request to see the inevitable and share the logs.

    [email protected] (E-mail address not verified) says:
    i'am gary

    [email protected] (E-mail address not verified) says:
    billing support of cirtex

    [email protected] (E-mail address not verified) says:
    so give me quickly your cpanel login and password

    Jamie says:
    Why?

    [email protected] (E-mail address not verified) says:
    I tell you that we have a problem of athentification you understand or not?

    [email protected] (E-mail address not verified) says:
    so quickly sir

    Jamie says:
    You authenticate yourself to me before I hand over and details

    [email protected] (E-mail address not verified) says:
    Ok I will seek your information manually and your account will be suspended by the company ok?

    [email protected] (E-mail address not verified) says:
    thanks and have a nice time
    Also mentioned here; http://www.webhostingtalk.com/showth...ex#post4867835
    .
    »
    @jmedwards
    - find me on Twitter!
    » Kayako help desk software - we help our customers help their customers

  2. #2
    Join Date
    Feb 2006
    Posts
    1,108
    says NOT VERIFIED - and I'm pretty sure from what I've talked to cirtex, they actually know basic english.

    do not give them any information.
    semi-retired

  3. #3
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    Guy must not be very smart if he's phishing for such a small company

    [09:41] Mikey: hi my cpanel domain is http://e.photos.cx//cpanel and my username is photscx and my password is plzloveme62069 can you plz help me with my account

    [error] 31787#0: *1596721 open() "/home/photodata/www/cpanel" failed (2: No such file or directory), client: 81.192.248.13, server: e.photos.cx, URL: "//cpanel", host: "e.photos.cx"

    so there's his ip.

    aperature:/usr/local/nginx/logs# host 81.192.248.13
    Name: adsl-13-248-192-81.adsl.iam.net.ma
    Address: 81.192.248.13


    lol.

  4. #4
    Are the @cirtexhosting.com addresses verified? (through MSN) If they are, there might be a problem.

  5. #5
    Quote Originally Posted by ub3r View Post
    so there's his ip.
    hehe, good one! Though you might have problems to actually get something done when notifying this Maroccan ISP of the abuse.

  6. #6
    Join Date
    Feb 2006
    Posts
    1,108
    Basically; MSN lets you register anything, even stuff like [email protected] - you will be able to add the email to your msn list, but you can't change its name from "not verified" until you click the link in the email..
    semi-retired

  7. #7
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    [09:47] [email protected] (E-mail Address Not Verified): I am Moroccan and I hacked 17 site cirtex
    [09:47] [email protected] (E-mail Address Not Verified): have a nice day
    [09:47] Mikey: oh good job, i'm sure your keyboarding teacher must be really impressed
    [09:48] [email protected] (E-mail Address Not Verified): ciao frog women
    [09:48] [email protected] (E-mail Address Not Verified):


    yeah, i don't get it either.

  8. #8
    Join Date
    Jun 2006
    Location
    United Kingdom
    Posts
    1,766
    Ive been contacted aswell, hes very impatient.

    I just kept giving him fake logins and he soon stopped talking to me
    -- Adam

  9. #9
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    3,582
    ciao frog women!

    HAHA

    Yeah I'm surprised they're going after cirtexhosting when there are others out there much bigger with probably easier people to target (less knowledge).
    Tony B. - Chief Executive Officer
    Hawk Host Inc. Proudly serving websites since 2004
    Quality Shared and VPS Hosting
    PHP 5.3.x & PHP 5.4.x & PHP 5.5.X & PHP 5.6.X & PHP 7.0.X Support!

  10. #10
    Join Date
    Feb 2006
    Posts
    1,108
    frog woman?
    semi-retired

  11. #11
    Join Date
    Dec 2004
    Location
    United Kingdom
    Posts
    301
    Has anybody actually contacted Cirtex about this yet? They can click an alternative link in the email to disable the account (if they have that address set up).

    I guess I'll send them a friendly poke towards this thread.

  12. #12
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    Its pretty sad to see someone doing something like this. I think Cirtex sending out an email to their clients would help.

  13. #13
    Join Date
    Mar 2003
    Location
    New York City
    Posts
    7,391
    Hi Everyone

    We have already noticed this and contacted all customers to not give out their passwords. Thanks for everyones attention in this matter.

    Cheers
    █• CirtexHosting • Providing Affordable and Quality Web Hosting & Reseller Hosting since 2003
    █• LINUX based cPANEL/WHM Shared and Reseller Web Hosting with Fantastico
    █• HostV VPS • Premium Virtual Private Servers & Dedicated Servers powered by cPanel/WHM
    █• We transfer your sites over quickly! • I eat penguins for breakfast ...

  14. #14
    Join Date
    Nov 2006
    Posts
    39
    Quote Originally Posted by Cirtex View Post
    Hi Everyone

    We have already noticed this and contacted all customers to not give out their passwords. Thanks for everyones attention in this matter.

    Cheers
    Thanks for clarification Cirtex, but can you tell us who if [email protected] is your true MSN or not?

    Its listed in your WHT profile, as MSN contact.

    I have experienced same as the thread starter, but he did not contacted me .. I did contact at that email and also, it was not saying (NOT VERIFIED).

    so..?

  15. #15
    Join Date
    Jun 2001
    Location
    Gotham City
    Posts
    1,849
    "athentification" ... That enough should be alone for anyone to block that guy.
    [[ Reyox Communications / USA based cloud servers & support / 9 years of hosting websites ]]
    [[ Affordable ASP.NET4, ColdFusion, PHP & MS-SQL, MySQL, cPanel/WHM & Windows Reseller Hosting + Virtual Private Servers ]]
    (www.reyox.com) - Mention WHT and get a discount on your first month!

  16. #16
    Join Date
    Jun 2001
    Location
    Gotham City
    Posts
    1,849
    You can always signup for an MSN account and fool people without verifying it.

    Cirtex can easily claim back the address by using the forgotten password feature.
    [[ Reyox Communications / USA based cloud servers & support / 9 years of hosting websites ]]
    [[ Affordable ASP.NET4, ColdFusion, PHP & MS-SQL, MySQL, cPanel/WHM & Windows Reseller Hosting + Virtual Private Servers ]]
    (www.reyox.com) - Mention WHT and get a discount on your first month!

  17. #17
    Join Date
    Jan 2006
    Location
    Athens, Greece
    Posts
    1,479
    i'am gary
    billing support of cirtex
    so give me quickly your cpanel login and password
    or I'll shoot you from the internet and kill you.

    Kids...

  18. #18
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    i'am gary.

  19. #19
    Join Date
    Jul 2002
    Location
    London, United Kingdom
    Posts
    4,366
    Quote Originally Posted by Cirtex View Post
    We have already noticed this and contacted all customers to not give out their passwords
    Sadly there will allways be some fools who fall for this type of scam.
    You can get the MSN account blocked as its using [email protected] domain

  20. #20
    Join Date
    May 2004
    Location
    Pflugerville, TX
    Posts
    11,222
    Quote Originally Posted by ub3r View Post
    i'am gary.
    That should be your new custom title
    Studio1337___̴ı̴̴̡̡̡ ̡͌l̡̡̡ ̡͌l̡*̡̡ ̴̡ı̴̴̡ ̡̡͡|̲̲̲͡͡͡ ̲▫̲͡ ̲̲̲͡͡π̲̲͡͡ ̲̲͡▫̲̲͡͡ ̲|̡̡̡ ̡ ̴̡ı̴̡̡ ̡͌l̡̡̡̡.__Web Design

  21. #21
    Join Date
    May 2007
    Location
    italy
    Posts
    393
    Amusing, indeed.

    Am I the only one wondering how did exactly this kid obtain all those msn contacts of people hosted at cirtex ? o_O' ... Maybe cirtex has a public forum where people post their msn contacts ?
    "I want" never gets ...

  22. #22
    Join Date
    Jul 2004
    Posts
    2,361
    Quote Originally Posted by johnny-l View Post
    Amusing, indeed.

    Am I the only one wondering how did exactly this kid obtain all those msn contacts of people hosted at cirtex ? o_O' ... Maybe cirtex has a public forum where people post their msn contacts ?
    Exactly, how did he get the email of Citrex clients?

  23. #23
    Join Date
    Jan 2004
    Location
    Alberta, Canada
    Posts
    76
    Quote Originally Posted by ub3r View Post
    Guy must not be very smart if he's phishing for such a small company

    [09:41] Mikey: hi my cpanel domain is http://e.photos.cx//cpanel and my username is photscx and my password is plzloveme62069 can you plz help me with my account

    [error] 31787#0: *1596721 open() "/home/photodata/www/cpanel" failed (2: No such file or directory), client: 81.192.248.13, server: e.photos.cx, URL: "//cpanel", host: "e.photos.cx"

    so there's his ip.

    aperature:/usr/local/nginx/logs# host 81.192.248.13
    Name: adsl-13-248-192-81.adsl.iam.net.ma
    Address: 81.192.248.13


    lol.
    HAHAHAHHAHA

  24. #24
    Join Date
    Feb 2005
    Location
    India
    Posts
    911
    This guy had contacted me earlier on AIM :


    Session Start (thinkingsupport:331634707): Wed Dec 26 20:56:18 2007
    [20:56] 331634707: hi

    [20:56] thinkingsupport: Hi
    [20:56] 331634707: how are you today ?
    [20:56] thinkingsupport: I am good.. May I know who is it
    [20:57] 331634707: i'am gary cirtex support
    [20:57] thinkingsupport: Ahh Gary..
    [20:57] thinkingsupport: How can I help you?
    [20:58] 331634707: Are you a customer cirtex

    [20:58] thinkingsupport: Nops ..
    [20:58] thinkingsupport: This is Sam here from ThinkSupport.net
    [20:58] 331634707: you have a reseller or host
    [20:59] thinkingsupport: we are a support company offering hosting support
    [20:59] 331634707: ok give me please your account nformations
    [20:59] thinkingsupport: sorry?
    [21:00] thinkingsupport: What kind of information are you looking for?
    [21:00] 331634707: just to check
    [21:01] thinkingsupport: I am sorry, I still dont get what you are trying to say.. We have no account or any business relation with Cirtexhosting
    [21:01] 331634707: ok have a nice time

    Session Close (331634707): Thu Dec 27 02:41:35 2007

    Weird guy indeed!!!

  25. #25
    I hope all of you are sending in abuse-tickets with his ISP.

  26. #26
    Join Date
    Dec 2004
    Location
    United Kingdom
    Posts
    301
    Quote Originally Posted by Henrik View Post
    I hope all of you are sending in abuse-tickets with his ISP.
    With AIM / MSN You don't see the IP of the other user as the communication is routed through their servers. If you can get them to open a direct connection on AIM by sending a picture or something then a Netstat command will show his IP.

  27. #27
    Quote Originally Posted by Hosting Puppy - Tom View Post
    With AIM / MSN You don't see the IP of the other user as the communication is routed through their servers. If you can get them to open a direct connection on AIM by sending a picture or something then a Netstat command will show his IP.
    The same works with MSN, and depending on the client you may see his IP-address using ICQ too.

    Why not create a unique folder-name and lure him there to get his IP-address and then send an abuse complaint? It doesn't look like he's clever enough to hide his whereabouts.

  28. #28
    Join Date
    Mar 2007
    Location
    Phoenix, AZ, United State
    Posts
    1,492
    Quote Originally Posted by Henrik View Post
    The same works with MSN, and depending on the client you may see his IP-address using ICQ too.

    Why not create a unique folder-name and lure him there to get his IP-address and then send an abuse complaint? It doesn't look like he's clever enough to hide his whereabouts.
    Oh Henrik... please stop ignoring ub3r

  29. #29
    Join Date
    Aug 2007
    Posts
    905
    I R SUPORT FOR CTRITEX NEED PASS PLZ

  30. #30
    Its probably nothing more than a publicity stunt.
    << Please see the Rules page. >>

  31. #31
    Join Date
    Mar 2003
    Location
    New York City
    Posts
    7,391
    Quote Originally Posted by Mikie4648 View Post
    Its probably nothing more than a publicity stunt.
    I had a chuckle there, but in all honesty this guy has caused a lot of problems for us, and even tried resetting password for my personal MSN Account somehow. But as of now everything is under control except he seems to somehow have gotten ahold of our ICQ Account which is pretty hard to retrieve..other than that we're all set.

    Again this guy has caused a lot of trouble for us and even if it did bring publicity, its not the kind we would want in any situation ever

    Cheers + Happy New Year !
    █• CirtexHosting • Providing Affordable and Quality Web Hosting & Reseller Hosting since 2003
    █• LINUX based cPANEL/WHM Shared and Reseller Web Hosting with Fantastico
    █• HostV VPS • Premium Virtual Private Servers & Dedicated Servers powered by cPanel/WHM
    █• We transfer your sites over quickly! • I eat penguins for breakfast ...

  32. #32
    Join Date
    Apr 2007
    Location
    United Kingdom
    Posts
    1,686
    I wonder if they're getting them from WHT, seeing as alot of you guys have your MSN details on your profile.

    Cirtex,
    i yam gary
    give me woot
    kthnxbye
    EZPZ Hosting - Dependable and Affordable Web Hosting
    LiteSpeed SSD Powered cPanel Shared & Reseller Hosting | Budget VPS, Managed VPS and Dedicated
    Reseller Hosting Specialists | WHMCS-Based End User Support | Unlimited SSLs | UK and USA
    99.9% Uptime Guarantee | 24/7 Support | 30 Day Money Back Guarantee

  33. #33
    Quote Originally Posted by HostSentry View Post
    Oh Henrik... please stop ignoring ub3r
    haha


    Quote Originally Posted by Mikie4648 View Post
    Its probably nothing more than a publicity stunt.
    Best post in 2007

  34. #34
    Join Date
    Apr 2007
    Location
    Melbourne, Australia
    Posts
    410
    Quote Originally Posted by Looie View Post
    I R SUPORT FOR CTRITEX NEED PASS PLZ
    SURE!!1

    user: omega36
    password: diaf111

  35. #35
    Join Date
    May 2006
    Posts
    1,398
    Quote Originally Posted by Cirtex View Post
    I had a chuckle there, but in all honesty this guy has caused a lot of problems for us, and even tried resetting password for my personal MSN Account somehow. But as of now everything is under control except he seems to somehow have gotten ahold of our ICQ Account which is pretty hard to retrieve..other than that we're all set.

    Again this guy has caused a lot of trouble for us and even if it did bring publicity, its not the kind we would want in any situation ever

    Cheers + Happy New Year !
    Well AIM and ICQ accounts are about useless. Dont use them for too many important things. So many kids, yes 12-14 year old kids have full access to AOL's merlin database they can take any screenname they want.

    AIM and ICQ accounts are the easiest in the world to get jacked. And Ive even seen people who have had msn accounts taken that had good passwords and insane verification q and a. So I would imagine they have access to msn's stuff as well.

    But I assure you AIM/ICQ accounts can be taken very easily by a good number of people. Not much you can do when they have admin access to AOL like so many do.

    As far as people reporting this guy to his isp, its futile, these crap country isps do nothing about abuse, its like reporting abuse to turk isps, nothing will be done. Thats why these hackers in other countries dont even bother using proxies.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •