The leak

bijan588 Member
edited May 2012 in General

So.... What happens to the people who downloaded the leak out of impulse?

I wanted to see what was leaked about me.


Comments

  • jarjar Patron Provider, Top Host, Veteran

    Unless someone wants to pull a Metallica on Napster scenario, probably nothing.

    Thanked by 1TheHackBox
  • Aldryic Member

    @bijan588 said: So.... What happens to the people who downloaded the leak out of impulse?

    Depends on the extent of the damage to any stolen cards. Following SOP, nothing other than a cursory sniff and examination will be done unless the IP you used happens to be involved in other... monitored activity.

  • manma Member
    edited May 2012

    I'd bet money that nothing will happen to anyone but the original uploader. Well, them and the people that fucked around with stolen card info.

  • Freek Member

    @bijan588 Offtopic: You do know your order page gives a 404 ?

  • @Freek said: Offtopic: You do know your order page gives a 404 ?

    I believe he shut it down because of this?

  • jarjar Patron Provider, Top Host, Veteran

    Today is a good day for 404 on order pages I'm afraid. I don't care what anyone says, WHMCS is never going live on my server again. If you can't keep your email under control, or even notice that it isn't, I can't trust your code.

    Thanked by 2djvdorp circus
  • BlueVM Member
    edited May 2012

    We'll let it live for now until something comes along to replace it... Can't replace Rome in one night :P

    We did, however, ask for a large credit to be placed on our bill; hopefully they grant it so that we can keep our license while building an alternative :P

  • Spencer Member

    @jarland said: Today is a good day for 404 on order pages I'm afraid. I don't care what anyone says, WHMCS is never going live on my server again. If you can't keep your email under control, or even notice that it isn't, I can't trust your code.

    Shit happens

  • subigo Member

    @bijan588 said: So.... What happens to the people who downloaded the leak out of impulse?

    I wanted to see what was leaked about me.

    The same thing that happens to people who download every other leaked database out there. Nothing.

    If your name and information are in the database, you have every right to check it out.

  • jarjar Patron Provider, Top Host, Veteran

    @PytoHost That it does, just removing myself from this particular pile of it ;)

  • Kairus Member

    @jarland said: If you can't keep your email under control, or even notice that it isn't, I can't trust your code.

    I don't think that's how it was done though, from what I've heard? It seems like totally HostGator's fault.

  • jarjar Patron Provider, Top Host, Veteran

    They gained access to his email to interact with HostGator.

  • BlueVM Member

    Email accesses happen every day, even a max character string is breakable... It could have happened easily any time to anyone. The problem I have is that HostGator gave away the needed information without even bothering to call the owner of the company about the request.

    On top of that WHMCS reacted in exactly the opposite way they should have: They should have notified everyone first, then restored their licenses then their site. Instead they restored their site, restored their licenses and finally notified everyone. That's why I'm unhappy.

    Thanked by 1Roph
  • jarjar Patron Provider, Top Host, Veteran
    edited May 2012

    I'm not even important and I can't go any significant amount of time without noticing if I have lost access to my email or if there is activity on my email, at least on important accounts. Plenty of alerts capable of waking me. I doubt HostGator did this without ever sending one email to his address, and I simply cannot overlook the idea that I'm more paranoid about my important email accounts than the provider of such a profitable and vital piece of software. I'm not saying I can't be hacked, I'm saying I can't be caught unaware for a significant amount of time. It isn't to brag, I thought anyone with something to lose would do the same.

  • @Freek

    I was being careful, I just moved the dir and 000ed it.

    I now have it live again, temporarily.

  • BlueVM Member

    According to their site:

    "The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details."

    -- So apparently this hacker not only knew access details, he knew the verification questions which leads me to believe disgruntled employee.

  • subigo Member
    edited May 2012

    @BlueVM said: According to their site:

    "The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details."

    -- So apparently this hacker not only knew access details, he knew the verification questions which leads me to believe disgruntled employee.

    Correct. This is why it's not HostGator's fault at all (and I'm not a fan of HostGator).

    This is 100% Matt's fault for running a company that makes $500,000+/MONTH and relying on a dedicated server with cPanel installed and "managed" by HG. He should have had his own servers and his own network admins and security techs. He's either cheap, stupid, or both. He has no excuse. At all.

    This is the biggest fuck up I've seen in the hosting industry in a very long time. Maybe ever.

  • I agree. At least purchase a server from a big management company to manage the server and protect our data.

  • Enough derail, put it back on the main thread.

  • Francisco Top Host, Host Rep, Veteran

    @pioneernetworks said: I agree. At least purchase a server from a big management company to manage the server and protect our data.

    The sad part is most of them are full of shit and just have some pre-made scripts. At the level of cash they had they could have afforded to drop $60k/y on a good, solid, unix guy and have the whole thing running w/o a control panel.

  • rds100 Member

    I am not that worried about the whmcs.com database being leaked. I am more worried if their source code was leaked.
    Every software has bugs. The bigger the software, the more bugs there are. And now the bad guys have access to all the source and can find bugs, which we cannot find and patch ourselves. This is bad.
    I think what whmcs should do now is release the source officially.

  • Francisco Top Host, Host Rep, Veteran

    @rds100 said: And now the bad guys have access to all the source and can find bugs

    not 100% that source was taken.

    I'm being hopeful in thinking that the only computer with ioncube's encoder would be Matt's personal dev box. I can't see him having ioncuber running on the dedi =\

    Francisco

  • subigo Member

    @Francisco said: not 100% that source was taken.

    I'm being hopeful in thinking that the only computer with ioncube's encoder would be Matt's personal dev box. I can't see him having ioncuber running on the dedi =\

    Francisco

    I didn't see the source anywhere. The install on their site was encoded.

  • Francisco Top Host, Host Rep, Veteran

    @subigo said: I didn't see the source anywhere. The install on their site was encoded.

    Which is good, who knows what other accounts existed on the box though :(

    I'm being hopeful. Cramming mod_sec/etc on your billing servers wouldn't be a terrible idea though.

    Francisco

  • rds100 Member

    @Francisco let's hope, but...
    First, such big software is not developed by just one man on his personal computer. They must have a code repository, etc. Now it would be stupid to use the same server for both software development and their website, but... who knows. Considering WHMCS's Twitter got owned too, not sure what passwords, etc. the hackers were able to get.

  • Francisco Top Host, Host Rep, Veteran

    The Twitter was likely bound to the account in question and the people did a forgot password.

    Given he hasn't reclaimed it, it makes me think a @gmail.com email got jacked and he didn't have the extra recovery settings there.

    Francisco

    Thanked by 1rds100
  • MrAndroid Member
    edited May 2012

    UGNazi gave this reason.

    "Many websites use WHMCS for scams. You ignored our warnings. We spoke louder. We are watching; and will continue to be watching. #UGNazi"

  • subigo Member

    @Francisco said: Which is good, who knows what other accounts existed on the box though :(

    I'm being hopeful. Cramming mod_sec/etc on your billing servers wouldn't be a terrible idea though.

    Francisco

    Then again, there's thousands of emails and other things that people haven't gone through completely yet. The source could still show up somehow.

  • Francisco Top Host, Host Rep, Veteran

    @subigo said: Then again, there's thousands of emails and other things that people haven't gone through completely yet. The source could still show up somehow.

    Jesus christ, imagine it just being attached to some outbound email.

    "Here ya go, lemme know when you want to start working on this all."

    Fuuuuuu

    Francisco

    Thanked by 1Kairus
  • BlueVM Member

    @rds100 said: First, such big software is not developed by just one man on his personal computer. They must have a code repository, etc. Now it would be stupid to use the same server for both software development and their website, but... who knows. Considering WHMCS's Twitter got owned too, not sure what passwords, etc. the hackers were able to get.

    Uhm... maybe I'm crazy, but this company doesn't act like they own big software, they act like they're battling script kiddies not real world hackers :P
