New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
@FTN_Kevin go knock on his door or report him to a NY police! :P
I fucking dare you. I DARE YOU
Yeah 20 miles doesn't seem like a lot but its quite a long drive, lots of traffic around here.
http://whmcs-hacker.soup.io/ is back up, it was down for about 24 hours for Josh's "Tango Down" attack. He is now DDoSing police.uk according to his Twitter
@FTN_Kevin Go to his house, and tell his parents. Explain that he is going to be arrested and all sorts of shit like that and record it.
Please please! PLEASE
The FBI already accepted the case according to WHMCS, so I'm guessing he is hiding now
I doubt it, hes still updating twitter, you would be the hero of the year if you did it.
Heres a good one.
http://www.truste.com/trusted_sites/index.html
I will drive to Staten Island tomorrow morning and see (Apartment 4), I am starting to think that might not really be him if hes still tweeting and gladly admitting it. Anyone know how exactly they found out this was him?
If you search for whmcs by url on that link, whmcs shows up.
Yet you're worried enough to "secure" your install with a .htaccess file. My contribution is this: ditch WHMCS and find and alternative or create your own.
So nothing to contribute that is really constructive at all
long ago I told robots.txt to not let search engines index my whmcs install. what good it does I'm not sure, but happily I dont have more customers that I could not migrate them over a weekend by hand if necessary to something else.
@ftn_kevin
lets rent a black van, and go true lies on his ass! We can use niagra falls instead of a dam.
If you say so. You can stick with a company that has shown itself to be completely incompetent, but I won't. Especially when it comes to the one script that your entire business relies on.
Dunno now, I just had a customer in live chat ask me if I'm using WHMCS and I said yes, and he said he will look elsewhere because WHMCS is insecure.
Every IT blog is now trumpeting what happened to WHMCS and most users will just associate the hack with WHMCS itself and not a social engineering attack that has nothing to do with WHMCS.
Only saving grace WHMCS might have at this point is if they make some big gesture towards fixing what happened and being very open about it. The other, is that most other scripts have no import utilities lol.
I've had three tickets in three days from people asking if their data was still safe and wanting to know when/if we would be migrating away.
WHMCS.com is returning a 500 right now.
Oh wait, new error:
I'd call that an inconvenience. Two hours versus a few seconds.
so with all the fiasco going around with whmcs, are those currently installed software still safe? or is it better to use a different system right now until the company and product is stable?
Nobody knows!
A few seconds to crack a password with 40gb of rainbow tables?
Also you can just rent the Amazon EC2 instance with 2xgpu, that would probably do it in 30 minutes (and cost 1$)
What do you think WHMCS plans to do to heal some of their bad rep from this? And any alternatives that are near or as good as WHMCS for billing, etc?
We all have to trust someone or some company, but it just goes so show you can never get to complacent......
Did you make that drive yet?
According to http://whmcs-hacker.soup.io/
[8:50:53] hey man come over
[8:51:25] aight when man LUL
[8:51:55] right now staten island bodine lets go kgogogogogogogogogo!
[8:52:00] dude stfu seriously
[8:52:25] Okay sorry baby
All information was verified from their IP addresses that logged into irc.anonops.pro gladly provided to us by an informant who is an Oper in the IRC, which they are located in New York in itself. Enjoy time faggots!
Provided this is all hearsay, however through deduction there is only so much you can rule out before the truth bubbles up. Either way if this is really him, he's pretty sloppy. Also I'm sure if the FBI really wanted to, they could simply Subpena Twitter(which if Twitter really is in bed with the Government, they'll just hand it over) for the IP's hits tweets originate from.
Now if this takes off http://news.yahoo.com/blogs/technology-blog/york-senate-bill-seeks-end-anonymous-internet-posting-162549128.html (which I do not think it will) IF he wants to continue posting he'll have to come out eventually.
Even if it were to pass, would never stand up to Constitutional muster.
Did ya go kevin?
Oh for sure, it would be a stalkers gold mine, and I believe fellow webmasters would be so overwhelmed with maintaining that, they just would not offer a public forum. I know personally I would just remove all public forms from my site. Either or put it behind a .htaccess password so that at that point it would not be public domain.
Either way the people making these bills are ignorant and obviously are not aware of the day to day operations on the web. I guess you could say ignorance is Bliss.
Today is a big day! This is the first day since the hack that they haven't been rehacked.
The day's not over yet.
Here is 12 PM