Collin1000 Posted May 21, 2012 Posted May 21, 2012 Not sure if you guys have heard yet, but the major provider of online billing for webhosting, WHMCS, has been hacked. http://forum.whmcs.com/showthread.php?t=47650 Change passwords, and take precautions as needed. WHMCS is like the #1 billing software for webhosting so it's not reassuring. If you're hosted at any site that is a WHMCS client, and they become compromised as a result of WHMCS's compromised information, you're still at risk. Quote
Thomas Posted May 22, 2012 Posted May 22, 2012 i very highly doubt that this attack was throughout he WHMCS software itself. There are just too many users for it. Quote
Collin1000 Posted May 22, 2012 Author Posted May 22, 2012 i very highly doubt that this attack was throughout he WHMCS software itself. There are just too many users for it. No, it wasn't, as they noted in the announcement. it was social engineering. they got Matt's email password, and then proceeded to hack his twitter, server, and whmcs. Think about it - if someone got into YOUR email, they could just reset all of your passwords, and boom. control. However, the hackers did leak the ENTIRE whmcs database to the public. all of the customer records and information. not good stuff. Quote
Thomas Posted May 22, 2012 Posted May 22, 2012 This is a very scary situation. Very scary indeed. Quote
Administrators Nathan Posted May 22, 2012 Administrators Posted May 22, 2012 WHM doesn't store my passwords though do they? I mean I have a license from them and it's setup on my hosting server, why would they have a copy of my passwords? Quote
Collin1000 Posted May 22, 2012 Author Posted May 22, 2012 (edited) WHM doesn't store my passwords though do they? I mean I have a license from them and it's setup on my hosting server, why would they have a copy of my passwords? Technical support. About half of all their customers had provided cPanel, WHMCS, or SSH login information for either the installation service, or for technical support. Edited May 22, 2012 by Collin1000 Nathan 1 Quote
tetutato Posted May 22, 2012 Posted May 22, 2012 Was that information not encrypted? Same question. Aren't such personal infos encrypted in the database? Quote
Collin1000 Posted May 22, 2012 Author Posted May 22, 2012 (edited) Same question. Aren't such personal infos encrypted in the database? Was that information not encrypted? How would you go about encrypting plain-text emails and technical support tickets? That's the issue. Technical support tickets by nature are plain text or easily decrypt-able so that they can be read by a human. The credit card information was hashed but all hashes can be cracked with effort. I've seen a huge increase in spam to my WHMCS email since the information was leaked. Email address, name, billing address, that's all plaintext. I suggest taking a read at this news article: http://news.softpedi...ign=twitter_web According to a user: They're encrypted but if you have the encryption key (stored in a config file which the hackers have), you can decrypt all those encrypted card details. Edited May 22, 2012 by Collin1000 Nathan 1 Quote
Administrators Nathan Posted May 22, 2012 Administrators Posted May 22, 2012 Makes sense thanks for the information Collin! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.