Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


ApacheBooster mass mailing all customers CC'd
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ApacheBooster mass mailing all customers CC'd

cu_ollycu_olly Member
edited December 2019 in General

This is a funny one!

We used to use ApacheBooster many moons ago, to (allegedly) increase the speed of cPanel servers. ApacheBooster is simply a cPanel/WHM plugin that installs Nginx and Varnish, and then allows the server admin and end user to control what gets cached on a per-domain basis via the plugin.

It's already been plagued with security issues and supposed code copying from Unixy's own Varnish cPanel plugin in the past -- https://www.webhostingtalk.com/showthread.php?t=1367693.

However things hit a new all-time low today, when their mailing list or billing/customer system was misused to send hundreds of emails with ALL of their customers in the to: field!
http://prntscr.com/qake9g

We're talking over 200 emails sent, each with different customers' email addresses exposed to one another:
http://prntscr.com/qakf2q

I have obfuscated the first screenshot so as not to expose anyone further but one can clearly see the state of the damage. ApacheBooster were contacted back immediately but no reply as of yet. Note that we've not been customers for likely 4-5 years so this is both interesting and alarming.

I hasten to add, if ApacheBooster's previous security issues and supposed code stealing were not enough to have warned you away, this ought to do it good and proper.

Thanked by 1dedipromo

Comments

  • Forgot to add, this is the content in the email: http://prntscr.com/qakhey

    No personal info in the body at all. No username or password, and even the "activation" link is a generic one from what I can tell.

  • why is ANYONE using them?

  • @hzr said:
    why is ANYONE using them?

    I have no idea, but I hope their latest idiocy kills off the remainder of their customers.

Sign In or Register to comment.