WHMCS Compromised!
#1

Hey guys,

I just thought I'd let you know, in-case you haven't already noticed. WHMCS's websites, database and systems were hacked into today, all of the data including passwords, credit cards etc are all available on the internet.

I'd advise anybody, who has ordered with WHMCS or an account, to change ALL passwords you use, and cancel, and report all of your credit/debit cards for fraud to your Bank. I'd also advise checking your direct debits and standing orders every few days.. just in-case any fraudulent ones have been set-up.

If you have given them FTP/secure information through support tickets or emails with them in the past, change them details also.

Further statement has been released by WHMCS, but no official email sent out to notify clients.. everybody is finding out by a third-party.. so here's your warning!

http://forum.whmcs.com/showthread.ph...ewpost&t=47660

Stay safe,
Ashley.
Reply
#2

I am honestly not bothered at all, I feel for the people who have their credit card payments with them though. The worst they can do is send me mail to the company PO box.

EDIT:
didn't realize they released the files for public DL.....

I don't understand why they were using cPanel.
Reply
#3

There's no proof showing a public download of all files is there? They stated that the passwords and credentials should be secured?
Reply
#4

Yes there is, if you know the correct places to look, as I've proved to myself this morning when I downloaded my credit card details.

The credit cards and passwords are are encrypted, but with the hash to decrypt them in the config files, which where also released, it is possible.
Reply
#5

I used PayPal to pay kingj, so I assume I'm safe?
Reply
#6

Following an initial investigation I can report that what occurred today was the result of a social engineering attack.

The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.

This means that there was no actual hacking of our server. They were ultimately given the access details.

This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself.

We are immediately reviewing all of our hosting arrangements, and will be migrating to a new setup at the earliest opportunity.

I would like to take this opportunity to thank all of you who have sent in messages of support, and offers of help. It has clearly been a very stressful time, and I thank everyone both personally and on behalf of WHMCS for their loyalty and support.

The matter is now in the hands of the FBI.
Reply
#7

Use quote tags to avoid confusion please.
Reply
#8

You don't understand why they where using cPanel? What else are they supposed to use.

@mike, yes you're credit cards are safe either way, you wasn't a customer of whmcs.

@harold, that's a pointless statement Matt Pugh made, if the FBI where involved, their cyber crime task force would have removed them files instantly.

WHMCS screwed up big time,they chose profit over security. Seriously, a dedicated server with host gator, it was bound to happen.

Sent from my iPad.
Reply
#9

Quote:
Originally Posted by Ashley
Посмотреть сообщение
You don't understand why they where using cPanel? What else are they supposed to use.
A managed LAMP set-up? Anything else? There are so many more alternatives to cPanel... but I see your point, WHMCS is deeply integrated with WHM for a reason.

Quote:
Originally Posted by Ashley
Посмотреть сообщение
that's a pointless statement Matt Pugh made, if the FBI where involved, their cyber crime task force would have removed them files instantly.
I don't think you understand how the internet works. You can't just remove a file from the internet and be done with it, especially when it's so high profile. The FBI weren't immediately informed, and many people had a chance to download the file(s).

Once something is on the internet, it's hard (if not impossible) to completely remove all traces of what was downloaded or the original content because people upload mirrors.

Quote:
Originally Posted by Ashley
Посмотреть сообщение
WHMCS screwed up big time,they chose profit over security. Seriously, a dedicated server with host gator, it was bound to happen.
How can you say that? So many other hosts provide dedicated servers for a much lower price and are a lot more secure. I would assume they chose HostGator because they thought it was a good host.

Quote:
Originally Posted by Ashley
Посмотреть сообщение
Sent from my iPad.
stop posing with ur apple products plz thx
Reply
#10

Quote:
Originally Posted by Ashley
Посмотреть сообщение
You don't understand why they where using cPanel? What else are they supposed to use.
Do you think cPanel invented webhosting or something?

GearSec have come above ground to say this

http://pastebin.com/KrRG81e4

JoshTheGod ******** (the gangsta who 'hacked' WHMCS).
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)