New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Today felt like Tuesday to me, meaning yesterday would've been coming off the weekend. In my defense, I haven't slept much lately
From what i understand the information GearSec has gathered is from some leaked IRC logs or so.
The FBI can't (shouldn't) just arrest someone because some dubious group accused from of hacking WHMCS.
they said themselves that they did it, what do you mean that the @UG group is being "accused "?
The group GearSec accused the people they named in their blog to be the people that hacked WHMCS.
Irritating, we actually use Ubersmith, but had toyed in the recent past with switching to WHMCS and had signed up for a license to try it out.
I take it from those links to pastebin that the card details can be decrypted then and so any CCs need cancelling?
There's been a dump on Pastebin of all the decrypted CC details.
I can confirm that your CC data is in the dump and you need to cancel your card.
Even without that dump takes less than 1 min for the php to run and decrypt all
Thanks for the info. Scrambles to call the bank...
For the record, Reckz0r stole that from http://pastebin.com/EVCxM2zp (he's known to plagiarize things).
Calling those Anonymous or lulz"sec" people "hackers" is an insult for the word hacker :P
Oh and btw it has been pointed out earlier that @joepie91 has affiliations with lulzsec/anonymous
Old news, but correct. To his defense, he was one of the chaps that hung about in the lulzsec irc channel; he wasn't directly involved with their antics.
Reckz0r can not be considered in any way, shape, or form a 'hacker', regardless of whether you adhere to the 'media definition' of 'someone that breaks into computers' or the 'real' definition of 'someone that builds things'.
The point is that Reckz0r has been attentionwhoring all over anon for the past few weeks - I think it'll be hard to find someone involved in anon that doesn't know about him and his constant plagiarism, false claims, and famewhoring.
(Additionally, I'm not sure how my 'affiliations with anon' [what? It's not even a group] matter here.)
They don't really matter (and i don't think anyone here cares), i just provided it as an explanation to @liam why you know all that people.
It's not hard have affiliations with "anonymous." Anyone can post on _chan.___
Fill in the blanks with anything really...
Jesus is a hacker, he was able to hack physics to walk on water!
@Daniel Nobody owns the water. It's God's water.
Fair enough.
Hmmm...
The fish own it.
Jesus pown'd it!
Phone is subject to the same problem, and people want their answers now, not in an hour, not in a day, whatever.
Shit. I hope my debit card wasn't leaked. Oh well, hopefully my bank will detect any weird charges if anything happens.
I go onto Lowendbox to search for a VPS and get this bad news.... ugh.
Holy majoly.
Do my eyes deceive me or has @DepotVPS_Shane returned...
If you used your card on whmcs.com then it has been leaked. I suggest you phone your bank rather than wait for something to happen.
@Asad: I might as well. I used licensepal but just to be safe....
So we have gathered this.
WHMCS used HostGator and trusted HostGator with everything.
HostGator clearly do not give a damn about their big customer's security, and after a few questions just hand the account over.
WHMCS is at fault for using HostGator in the first place when they can clearly afford a dedicated server and clearly have the minimal skills to manage it.
Everyone who had their credit card details at WHMCS are now screwed and should cancel their card ASAP and check purchases, as your details are now everywhere.
WHMCS should of used a better method for storing CC data, perhaps each daily cron job a URL is sent to the admin where they enter the key to process the transactions.
But what about us LicensePal people? :P
I might just be calling the bank if LP is effected too...
Should be fine.
I don't understand why whmcs chose to store/process credit cards directly in the first place and not use a company specialized in credit card processing.