Bitcoin Forum
November 09, 2024, 02:22:02 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: WHMCS Hacked, Client data leaked online  (Read 2185 times)
arby (OP)
Donator
Member
*
Offline Offline

Activity: 112
Merit: 10


keybase.io/arblarg


View Profile
May 24, 2012, 09:03:05 AM
 #1

It seems someone pulled a bitcoinicon on WHMCS recently.


Quote
It is rumoured and believed that Matt’s email account was hacked and hence the hackers gained access to the server details and the Twitter account at the same time. Nothing has been done so far to get the twitter account back, although WHMCS is back online after being hacked and defaced with a DDoS attack.

Quote
It is advised that all companies using WHMCS installations should either bring it offline or protect their /admin/ folder by configuring IPs (this MAY save your WHMCS installation IF it there is still a vulnerability in WHMCS as the hackers stated earlier)


Quote
WHMCS is a popular billing software used by most of the small to medium scale hosting companies. The intruder gained access to the servers using “social engineering attack”. There are approx half a million (500,000) user records with Credit Card info leaked online.

“Following an initial investigation I can report that what occurred today was the result of a social engineering attack. The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions, And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details. This means that there was no actual hacking of our server. They were ultimately given the access details.” Matt Pugh explained.

It is also worth mentioning that the WHMCS twitter account was also taken over by the hackers.

It is rumoured and believed that Matt’s email account was hacked and hence the hackers gained access to the server details and the Twitter account at the same time. Nothing has been done so far to get the twitter account back, although WHMCS is back online after being hacked and defaced with a DDoS attack.

Hackers told Softpedia that they can easily decrypt password and they gained access to the servers using “social engineering and injections”.

It is advised that all companies using WHMCS installations should either bring it offline or protect their /admin/ folder by configuring IPs (this MAY save your WHMCS installation IF it there is still a vulnerability in WHMCS as the hackers stated earlier)

Jabber/XMPP: arby@darkness.su
check_status
Full Member
***
Offline Offline

Activity: 196
Merit: 100


Web Dev, Db Admin, Computer Technician


View Profile
May 24, 2012, 10:47:08 AM
 #2

Maybe there is a hole in the AV that protects Matt's email server.  Shocked

For Bitcoin to be a true global currency the value of BTC needs always to rise.
If BTC became the global currency & money supply = 100 Trillion then ⊅1.00 BTC = $4,761,904.76.
P2Pool Server List | How To's and Guides Mega List |  1EndfedSryGUZK9sPrdvxHntYzv2EBexGA
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1010


View Profile
May 29, 2012, 06:06:11 PM
 #3

SQL Injection patch released.

Quote
The events of last week have obviously put a lot of focus on WHMCS in recent days from undesirable people

So nice to see that Bitcoin is not involved whatsoever with any of this ongoing mess  :-)

 - http://forum.whmcs.com/showthread.php?47828-Security-Patch

Unichange.me

            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █
            █


Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!