I guess DamnVPS/ThrustVPS got hacked


New Member
Got this little gem this morning (haven't been a customer in a very long time); obviously the return address is NOT Damn/Thrust but watch out!

This is a notification to let you know that we need to verify for reduce fraud.


 We want your data as soon as possible.


 The data that we need is as follows:


 Server Username (Included)


 Server Password (Included) 


 Full Name (Included) 


 Address (Included) 


 City (Included) 


 State (Included) 


 ZIP (Included) 


 Phone Number (For Call To Verify) 


 Country (Included) 


 Paypal Email(If Order With Paypal) 


 Paypal Password (If Order With Paypal) 


 Credit Card Information (If Order With Credit Card) 


 Scan Of Credit Card Front And Back (If Order With Credit Card)


 Data is sent to Email : [email protected] - Damn::VPS - We give a damn
Last edited by a moderator:


Just a dude
vpsBoard Founder
Yeah that's a pretty obvious scam email. I hope no one falls for it. I suspect you've already reached out to DamnVPS and let them know? Have they returned a statement?

Crazy stuff.


New Member
I flagged it as soon as I read the badly worded first sentence.

Yes, it's pretty obvious but perhaps not to all which is why I posted. I cross posted this to LET but go the usual smart arse attitude completely missing the point that the reason scams work is because some people are vulnerable. Whatever.

Yeah I pinged them but no reply, not going to waste any time on it since I'm no longer a customer.


New Member
Verified Provider
So really, whos so stupid to fall for that
Last edited by a moderator:


New Member
Verified Provider
I'm a former customer, and haven't gotten the email, so I don't think it was a database leak.  Unless they just haven't gotten to me yet, or it just got completely rejected.


Slow but sure
I'm a former customer, and haven't gotten the email, so I don't think it was a database leak.  Unless they just haven't gotten to me yet, or it just got completely rejected.
I'm a former customer too, and I got these email but with different email :

Data is sent to Email : [email protected]
Thanks in advance for your patience and support. - Damn::VPS - We give a damn
IP Sender match with rDNS

Received: from ([]:47085)
    by xxxxxx with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
    (Exim 4.82)
    (envelope-from <[email protected]>)
    id 1W4Ma2-0004Xl-5o
Code: has address domain name pointer
inetnum: -
netname:        ThrustVPS_HH
descr:          Thrust::VPS
Last time I got email from them about Urgent Maintenance on 2012-12-20 17:13

using same IP

Received: from ([]:41958)
    by xxxxxx with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
    (Exim 4.80)
    (envelope-from <[email protected]>)
    id 1Tld8X-0006D0-0m
    for xxxxxxxxx; Thu, 20 Dec 2012 17:13:58 +0700
maybe someone send phising email using their mail server


New Member
Got the phishing email yesterday. Woke up this morning to find that my OS had been reinstalled. 

F*cker's IP was logged as


vpsBoard Premium Member
Their site is still offline - guess they're gone - ?

Not that I really care.  I thought their service was garbage when I tried it.


Company Lube
Verified Provider
Dear (customer name)

Further to our email earlier regarding the phishing email that was sent out - it turns out it had came from our server - upon further investigation the attacker had managed to gain access to the whmcs installation and upload his own files namely a php shell and a mailer script.

These have now been removed and the server has been secured - We are also looking to introuduce extra security to make sure we have no further repeat of issues you have experienced over the weekend.

As a precaution can we ask our clients to login and update there password as soon as possible. We do not store any credit card information on our systems so this will not have been compromised or effected in any way.

We would also advise you to update your password on any sites that may have shared the password you use with us.

If you are having issues with your account can I ask you raise a ticket to [email protected] via your registered email address to allow us to assist you quickly.

Our apologies for any inconvenience this has caused and please let us know if there is anything we can assist with during this time.

Kind Regards,

ThrustVPS Admin Team
@Jack - What are the data breach laws like in the UK? I'm wondering if IOMART has already gone to the authorities over it.