OVH Community, your new community space.

WHCMS Main site compromised


LawsHosting
25-05-2012, 13:23
Thank god I use ClientExec.

I think this is terrible, even more so that the CC decrypt key is in the WHMCS configuration.php file! How stupid can one be!

avizeke
25-05-2012, 12:09
i understand that, but again looking at there client adn userbase along with how long they have been up, am sure they should of had some precautions other than the standardised precautions. as a customer i dont believe they have done everything they could of done in prevention of this but either way, they handled it efficently as it was happening so at least there is some form of professionalism about that.

Kacotet
24-05-2012, 16:51
Quote Originally Posted by avizeke
hello.
they should of protected themselves instead now they have comprimised alot of people and look amature.
Easier said than done these days. The bad guys pretended to be WHMCS and managed to convince the web host to give them access to the server.

avizeke
24-05-2012, 15:09
hello.

yes i have whmcs for 4 different websites... recieved emails from teh whmcs guys stating the problems and warning us to protect. you can actually download there mysql and files as the hackers have released it on free download sites.

not plesant, but either way, they should of protected themselves instead now they have comprimised alot of people and look amature.

jonlewi5
22-05-2012, 22:17
Just a FYI for anyone running WHCMS.

Their main site has been compromised and database leaked.

If you have logged a support ticket with them and given server details then id suggests changing passwords.

Code:
Unfortunately today we were the victim of a malicious social engineering attack which has resulted in our server being accessed, and our database being compromised.

To clarify, this was no hack of the WHMCS software itself, nor a hack of our server.  It was through social engineering that the login details were obtained.

As a result of this, we recommend that everybody change any passwords that they have ever used for our client area, or provided via support ticket to us, immediately.
Regrettably as this was our billing system database, if you pay us by credit card (excluding PayPal) then your card details may also be at risk.

This is just a very brief email to alert you of the situation, as we are currently working very hard to ensure everything is back online & functioning correctly, and I will be writing to you again shortly.

We would like to offer our sincere apologies for any inconvenience caused. We appreciate your support, now more than ever in this challenging time.