Jump to content

Recommended Posts

Posted

Not sure if you guys have heard yet, but the major provider of online billing for webhosting, WHMCS, has been hacked. http://forum.whmcs.com/showthread.php?t=47650

 

Change passwords, and take precautions as needed. WHMCS is like the #1 billing software for webhosting so it's not reassuring. If you're hosted at any site that is a WHMCS client, and they become compromised as a result of WHMCS's compromised information, you're still at risk.

Posted

i very highly doubt that this attack was throughout he WHMCS software itself. There are just too many users for it.

Posted

i very highly doubt that this attack was throughout he WHMCS software itself. There are just too many users for it.

No, it wasn't, as they noted in the announcement. it was social engineering. they got Matt's email password, and then proceeded to hack his twitter, server, and whmcs. Think about it - if someone got into YOUR email, they could just reset all of your passwords, and boom. control. However, the hackers did leak the ENTIRE whmcs database to the public. all of the customer records and information. not good stuff.

  • Administrators
Posted

WHM doesn't store my passwords though do they? I mean I have a license from them and it's setup on my hosting server, why would they have a copy of my passwords?

Posted (edited)

WHM doesn't store my passwords though do they? I mean I have a license from them and it's setup on my hosting server, why would they have a copy of my passwords?

Technical support. About half of all their customers had provided cPanel, WHMCS, or SSH login information for either the installation service, or for technical support.

Edited by Collin1000
Posted (edited)

Same question. Aren't such personal infos encrypted in the database?

Was that information not encrypted?

 

How would you go about encrypting plain-text emails and technical support tickets? That's the issue. Technical support tickets by nature are plain text or easily decrypt-able so that they can be read by a human. The credit card information was hashed but all hashes can be cracked with effort. I've seen a huge increase in spam to my WHMCS email since the information was leaked. Email address, name, billing address, that's all plaintext.

 

I suggest taking a read at this news article:

http://news.softpedi...ign=twitter_web

 

According to a user:

They're encrypted but if you have the encryption key (stored in a config file which the hackers have), you can decrypt all those encrypted card details.

Edited by Collin1000

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...