
drmike

100% Tier-1 Gogent
If they have control over their Twitter again, would it be safe to imagine they have control over their domain now too?

Twitter support is non-existent. I've tried contacting those bastards so many times in the past. I can only assume that they got Twitter access again from regaining control of the domain?
We are both assuming the Twitter account was attached to @BlueVM.com email and was actually hijacked :)  I only see a post made on Twitter and removed, which any account holder can do normally.

Twitter support, yeah, there is none.  Imagine that spinning out of control and losing access...
 

DomainBop

Dormant VPSB Pathogen
All of which means if this happened, as you imply, every customer should FEAR.  Fear their account info is now in public, fear a database dump with your info in public, fear anything you can relate to your BlueVM account and especially where you had common username and password credentials.
They should have already feared this when using any of these shitproviders™ given the businesses' complete lack of due diligence when hiring poorly paid contractors** and the average shitproviders™ complete ignorance of information security standards.

For shits and giggles, ask one of these shitproviders™ if their business has implemented ISO/IEC 27001 ISO/IEC 27002 standards and the response you'll get is "IS whaaat?, never heard of it!?"

**using the IRS 20-point checklist of employee vs contractor, most of these contractors should probably be classified as employees and the tax cheat businesses should be audited and fined heavily for not paying payroll taxes, etc.
 

MannDude

Just a dude
vpsBoard Founder
Moderator
I'm changing the title of the thread to, "BlueVM's domain name was hijacked" for sake of being accurate at this time.

I understand at the time this thread was created it was not clear what had happened, but it's clear now.
 

lbft

Active Member
We are both assuming the Twitter account was attached to @BlueVM.com email and was actually hijacked :)  I only see a post made on Twitter and removed, which any account holder can do normally.

Twitter support, yeah, there is none.  Imagine that spinning out of control and losing access...
The whole account disappeared briefly too.
 

DomainBop

Dormant VPSB Pathogen
A quick glance at Google indicates BlueVM security compromise topics are an annual event.

May 2012: http://lowendtalk.com/discussion/2614/bluevm-illinois-server-hacked-data-lost

June 2013: http://www.lowendtalk.com/discussion/11428/potential-bluevm-whmcs-breach

August 2014:

..and this boys and girls is why I prefer to entrust my company's data to servers hosted by real companies with real employees and real security policies (real as in the mention of ISO27K standards doesn't draw a blank stare).

edited to fix a date.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
000webhost imploding the hosting account :)
 

CPU Limit Reached
You are seeing this page because website has reached CPU usage limit of the server, and it was temporarily disabled.
and as far as hijack vs. sold, interesting what the BlueVM employee/whatever in IRC had to say...

Somewhere in Buffalo, someone is grinning.
 

D. Strout

Resident IPv6 Proponent
So WHOIS says the domain is with "eNom" - I figured that probably meant Namecheap. I used the Namecheap forgot password link and fed in the domain "BlueVM.com", and it says "Your account is locked. Please contact support." It seems Namecheap is likely looking into things to try and get the domain back to its rightful owners.
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
We're working on it now. Justin is working with Namecheap to get everything fixed up. When everything is put back as it should be and we've finished investigating, we'll be doing a release about this mess.
 

wlanboy

Content Contributer
Ah shit - worst case scenario.

Wrong website is one thing, but a malicious MX record is a worst case scenario.

Don't know when all DNS caches will have the correct values.

So even if we see the correct webpage again ... it would still not be safe to write emails to BlueVM.
 

sv01

Slow but sure
NM, it is still 000webhost.com, they have just hosted a lot of shit in the past.
still on 000webhost.com


Expires On     May 07, 2017
Registered On     May 07, 2011
Updated On     August 23, 2014
they don't care about their client?
 

Francisco

Company Lube
Verified Provider
They don't care about much.

Not about support and not about securing their business domain.

If the bad boys had access to the Namecheap account they had access to the SSL certificates too.
Anyone know if BlueVM was always using Google for their MX records? Reason I ask is that right now it's pointing to Google and if it wasn't them that did that.....

Francisco
 

MannDude

Just a dude
vpsBoard Founder
Moderator
How does one even hijack a domain name? Does anyone with more knowledge than myself want to do the vpsBoard community a favor and write a basic guide on preventing this from happening to them?
 

wlanboy

Content Contributer