HostNun Abbey Violated by WHMCS Insecurity

Status
Not open for further replies.

drmike

100% Tier-1 Gogent
It appears tail end of October that HostNun was another, ehh victim of WHMCS insecurity.  Prayer probably isn't going to make things better in this instance.

1:HN-Matt:[email protected]:0d12d19d25f7a455a7f91166d365ca
2:HN-Laura:[email protected]:12a4e0bb36c4b9ae82a28f09b7572d
4:HN-Yekaterina:[email protected]:15d40d77ebff4eb9a9712d410b3174

NOTED:  [email protected] in the data....  Ho hum.

Edited:  last long value is actual hash..
 

drmike

100% Tier-1 Gogent
> Duh, Yekatarina Samutsevich.  This whole HostNun charade was the blasphemous work of PussyRiot. :p
>
> If proper notification procedures weren't followed then the customers were the real victims.
Yekatarina is a ~ Russian name with some popularity.  Thought we knew someone in the low end world with such a handle/name...

As for customers, unsure if in this mass compromise (there were tons more companies involved) if anything further was seen/borrowed/copied.  A pastebin'ing of the info included just the admin info.
 

DomainBop

Dormant VPSB Pathogen
> (there were tons more companies involved) if anything further was seen/borrowed/copied.  A pastebin'ing of the info
Found it by searching   The humorous thing is the hacker added the Alexa rankings of all the sites he hacked to his paste.  I didn't realize that Alexa rankings were the new source of epenis power in the hacker community. ("ooh, look at me, I just hit a site ranked xxx,xxx.  You jealous?")  :p

Other low end sites on that paste: PremiumVM.com, ProvisionHost.com
 

drmike

100% Tier-1 Gogent
Other sites on that paste: ServerHub.com

PremiumVM.com keeps getting banged up.   Dom's old folded company...  Ho hum.

Alexa ranking :) Nearly entirely flawed crap rank, unless they are mass buying/pilfering DNS lookups and other stuff to make it worthwhile.  Alexa toolbar installation base has to be dwindling.
 

XFS_Duke

XFuse Solutions, LLC
Verified Provider
Heh, if you see any of my sites on there, let me know... I'm sure they aren't though... lol
 

drmike

100% Tier-1 Gogent
> Why is GVH listed there?
Cause clearly what happens in Buffalo, stays in Buffalo. :)

Land of leaks up there with providers.

Now I will say HostNun did bail/move from HVH.  After doing such there was conversation on LET where GVH said they'd welcome HostNun back anytime.  Some other provider chimed in and said about the HostNun owner/operator and alluded to massive problems his company had with such and said  BEWARE.

I would hope that GVH isn't in current database and I doubt 'Nun's current provider is up in the admin like that.
 

Virtovo

New Member
Verified Provider
So many hosts hit by the WHMCS exploitathon.  I wonder how many hosts have not disclosed their breaches or are even aware customer data was stolen.  I know honest companies that disclosed their breaches were hurt financially.  The industry is the wrong way round.
 

drmike

100% Tier-1 Gogent
Word has it other Buffalo hosts may be working with the FBI.  Couple of folks have had FBI come knocking about one of the companies hacked.

Nice to see Bufftards use government bully muscle while ignoring the laws about cleaning up and reporting the hacks to other government agencies.

Frankly, if providers had their heads on straight they'd class-action sue WHMCS and SolusVM for being moderately sloppy and ignoring practice and having regular audits.  

I fully expect to see many more hacks in 2014 involving both pieces of software.
 

vRozenSch00n

Active Member
> So many hosts hit by the WHMCS exploitathon.  I wonder how many hosts have not disclosed their breaches or are even aware customer data was stolen.  I know honest companies that disclosed their breaches were hurt financially.  The industry is the wrong way round.
There is a saying in my country "If a lamb was stolen from you, don't report it to the authority. Otherwise you will lose another cow"
 

SrsX

Banned
> Word has it other Buffalo hosts may be working with the FBI.  Couple of folks have had FBI come knocking about one of the companies hacked.
>
> Nice to see Bufftards use government bully muscle while ignoring the laws about cleaning up and reporting the hacks to other government agencies.
>
> Frankly, if providers had their heads on straight they'd class-action sue WHMCS and SolusVM for being moderately sloppy and ignoring practice and having regular audits.
>
> I fully expect to see many more hacks in 2014 involving both pieces of software.
That would be Blacklotus -- Blacklotus was breached by Vypor aka Taylor Hayden Smyth - a 16 year old kid, he proceeded to compromise more than 15 hosts and "dox" the hosting company owners and staff (release all their details).

Blacklotus requested he remove the database backup, he told them to, and I quote, fuck off - therefore Blacklotus took it into their hands to contact the FBI. In addition there was over $20k in fake orders processed before Blacklotus knew they were compromised.
 

drmike

100% Tier-1 Gogent
 

> That would be Blacklotus -- Blacklotus was breached by Vypor aka Taylor Hayden Smyth - a 16 year old kid, he proceeded to compromise more than 15 hosts and "dox" the hosting company owners and staff (release all their details).
>
> Blacklotus requested he remove the database backup, he told them to, and I quote, fuck off - therefore Blacklotus took it into their hands to contact the FBI. In addition there was over $20k in fake orders processed before Blacklotus knew they were compromised.
Interesting story. I won't comment on the above Smyth. He showed up elsewhere and keeps doing such. I have my doubts/questions.


I know CC for a fact is FBI involved and had active field agents bothering people. Part of the stupidity involved the CVPS hacks. Seems like someone up there doesn't mind wasting federal resources and wrongly bothering people. Shame. False accusations, lack of proof, etc.


Clearly the FBI has found the lack of proof too. Hopefully Buffalo contacts get burned for misuse like they have.
 

SrsX

Banned
 


> Interesting story. I won't comment on the above Smyth. He showed up elsewhere and keeps doing such. I have my doubts/questions.
>
> I know CC for a fact is FBI involved and had active field agents bothering people. Part of the stupidity involved the CVPS hacks. Seems like someone up there doesn't mind wasting federal resources and wrongly bothering people. Shame. False accusations, lack of proof, etc.
>
> Clearly the FBI has found the lack of proof too. Hopefully Buffalo contacts get burned for misuse like they have.
Well it's ironic - he got raided by the FBI in co-operation with Homeland Security.
 

GVH-Jon

Banned
In case anyone is wondering, "eus" stands for End User Support. We offer End User Support to our resellers free of charge.
 