psychz.net yardvps.com photonvps.com got hacked

Francisco

Company Lube
Verified Provider
BE CAREFUL.

Google is claiming there is malware being pushed. Here is the contents of the page pulled via CURL.

Code:
<html>
<head>
<title>Hacked By Spectrum</title>
</head>
<body bgColor="#FFFFFF">
<div align=center>
<img src="http://zonehmirrors.org/defaced/2013/11/28/shrinathji.co.in/im42.gulfup.com/2YIA1.gif" border=0 width=500 height=279>
<br></br>
<div class="wpmd">
<font color="#FF0000"> </font><font color="#FF0000">&gt;&gt;</font><font color="#000000" size=7> HACKED </font><font color="#FF0000" class="ws48">&lt;&lt;</font></div>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#000111" size=7> I told you motherfucker don't fuck with me go now and cry like a  little bitch you and your fucking CEO all your data downloded and one of it has been sold  </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#000111" size=7> Fuck you Tim ;)  </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#000111" size=7> Fuck you psychz.net ;)  </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#000111" size=7> and thank you for the great data :D you can laugh now :D </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<img src="http://image.spreadshirt.com/image-server/v1/designs/11236846,width=178,height=178/middle-finger-fuck.png" border=0 width=500 height=279>
<br></br>
<font color="#FF0000"> </font><font color="#DDDDDD">&gt;&gt;</font><font color="#FF0000" size=7> This sites  </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#111111">&gt;&gt;</font><font color="#111111" size=7>  psychz.net yardvps.com photonvps.com  </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#FF0000" size=7> has been hacked </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>
<br></br>
<font color="#FF0000"> </font><font color="#FFFFFF">&gt;&gt;</font><font color="#FF0000" size=7> I offer all of the databases for sale for just 100$ </font><font color="#FFFFFF" class="ws48">&lt;&lt;</font>





<br></br>
<font color="#111111" size=6 > [email protected] </font>
</div>
</div>


</body>
</html>
 

peterw

New Member
This is the result of what Psychz Network allowed to be hosted on their network. I banned their whole range long time ago.

Code:
23.91.0.0/19 	        Psychz Networks
23.91.4.0/24 	        Psychz Networks
23.91.14.0/24 	        Psychz Networks
23.91.21.0/24 	        Psychz Networks
23.228.192.0/18 	Psychz Networks
23.228.230.0/24 	Psychz Networks
23.228.252.0/24 	Psychz Networks
23.236.96.0/20 	        CrosSystem Company
23.238.128.0/17 	Psychz Networks
23.238.142.0/24 	Psychz Networks
23.238.151.0/24 	Psychz Networks
23.238.164.0/24 	Psychz Networks
23.238.165.0/24 	Psychz Networks
23.238.189.0/24 	Psychz Networks
23.251.32.0/19 	        VpsQuan L.L.C.
69.165.64.0/22 	        VpsQuan L.L.C.
69.165.72.0/21 	        VpsQuan L.L.C.
74.117.56.0/21 	        Psychz Networks
108.171.240.0/20 	Psychz Networks
173.224.208.0/20 	Psychz Networks
192.126.124.0/23 	NexteCloud L.L.C.
192.184.32.0/19 	Psychz Networks
192.184.63.0/24 	Psychz Networks
192.210.48.0/20 	Psychz Networks
198.13.96.0/19 	        Psychz Networks
198.44.160.0/19 	VpsQuan L.L.C.
199.15.112.0/21 	Psychz Networks
199.71.212.0/22 	Psychz Networks
199.83.88.0/21 	        Psychz Networks
199.119.200.0/21 	Psychz Networks
199.245.58.0/24 	CrosSystem Company
208.87.240.0/22 	Psychz Networks
216.24.192.0/20 	Psychz Networks
216.99.144.0/20 	Psychz Networks
 

Francisco

Company Lube
Verified Provider
There was a tweet where someone claimed their VPS is now crapping out input/output errors...

It was removed now but it might get ugly.

Francisco
 

Shados

Professional Snake Miner
There was a tweet where someone claimed their VPS is now crapping out input/output errors...


It was removed now but it might get ugly.


Francisco
Heh, that's a pretty perfect indication that the disk or FS has fallen out from under it if they're getting it on random operations.
 

Francisco

Company Lube
Verified Provider
Heh, that's a pretty perfect indication that the disk or FS has fallen out from under it if they're getting it on random operations.
Usually :)

The owner posted on WHT that the issue was just their ENOM account getting exploited.

It's possible the I/O ticket was just the planets aligning but who knows.

Francisco
 
Top