its not false information: you can click on op link
https://leancy.com/~bobymanand read on it on website blog
and also read more then 100 comments on how pepole thank them for A+ service!
:
the site was down for 2 days, after they where back on new server they first payed off every member!
and then went to regular operation.
the blog also shows transcripts of how they where scamed.
Hello, most people from skype chat and facebook already know what happened. I will try to break it down and give all the evidence of what happened in this article.
For those who do not want to read anything. Site is almost work. The following don't work:
- Counter is not fixed, you need to refresh page to see growth.
- Feedback from.
All of these will be fixed in a 24 hours
Mini FAQ by the Incident
ALL PAYMENTS WAS PROCESSED
So. First I need to explain what is server and what is domain name. Server is a remote computer on which site is located physically. Domain is name of the site in the location bar. We’ve bought server and domain from different companies, and as a consequence we have and always had control of the domain leancy.com.
Now the essence of the situation. Yesterday (March 4) without declaring war our site has stopped working (it happened at 9:50 am GMT). We wrote in support of the company with which bought the server (KODDOS):
bc
They did not answer for a long time (we had to create multiple queries) at first. Then they responded and asked us to provide data access to the server that we promptly did. It is common practice as hosting support needs full access to solve most problems on a dedicated server (routing reconfiguring, fixing ssh issues etc).
bc
After providing access administrative password to the site was change within a few minutes. Then he began to change wallets numbers for receiving funds. What we immediately notified KODDOS in an eccentric manner. «The website database was accidentally changed payment system accounts specifically. What the f**k?»
Support (please note: after providing all the data for access!) replied: «What? We did not touch the server. It is a dedicated one.»
bc
This is at least glaring omission. Because they had all the credentials to access and resolve the server issues, but they did nothing. Additionally, the server physically located at them. I do not know whether the server theft is initiative of KODDOS employees Mladlena Marinkovic or Martin. One thing I know for sure. After providing data access to KODDOS support, the server was completely stolen and we no longer have control over it. KODDOS have not taken any attempts to bring us access to the server back.
For technicians I also put screenshot from KODDOS support email and headers copies that was sent to one of our email addresses.
Again for the technically educated people here is full list of evidence:
1. There is fact of correspondence with KODDOS, where they got access to the server data.
2. Remote login to the server can ONLY be obtained with private ssh key. Also you need to know password ssh key encrypted to login.
3. Logging in with just password possible ONLY if you has direct access to server.
4. Of course, theoretically, we could adjust such a situation. But in this case we don’t have one thing: motive. We launched the site again, did a great job — all this would not be necessary if we are rigged this story.
5. KODDOS administration was undertaken exactly 0 attempts to return us control of our server.
Draw your own conclusions.
What we had at 16:30 UTC? The site is fully controlled by scammers from KODDOS. Under our control group were only chats on third-party resources and domain itself. Naturally, we also have backup copies site that created a small secure computer every minute until the server was under our control. Now we need to enclose again some technical details: each server has a unique address (IP), which specifies the domain name (leancy.com). Entries in the domain of IP to which it points are called name servers (NS). The biggest problem is that the change of name server took an average day (the time required for the entire internet learned about changing the IP, which indicates the site). After KODDOS issues, we immediately changed name servers of a domain to scammers version of LEANCY will be unavailable and investors could transfer money scammers. Also we spread information about happened by all social networks, chat rooms, forums, and major leaders.
Well, after such a blow from those whom we just did not expect it, we began a long and painful process of migrating on a different server. Moving such a project as LEANCY is not a homepage transfer. It’s about to buying a new server, DDoS protection, server configuration, configuring DNS, update NS, registration of a new certificate, the unfolding of the backup etc. Here on this and we was needed time, which we wrote in the report: from 2 till 3 days.
We were and still remain online on all available channels.