New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Comments
Yes.
Agreed, but they're different circumstances this is like the WHMCS Social Engineering attack, when hackers pretended to be Matt to Hostgator, but different. This is the scary part. SolusVM wanted an account to access to fix an issue with SolusVM's software. Most suppliers do this (I've learnt from this and build my software around this issue).
That temp account was used to access SolusVM and Blesta's VMs. So was it an inside hack from SolusVM Employee or was it an exploit? Was Pauls password and username easy to guess?
https://www.bitdefender.com/en-us/blog/hotforsecurity/commercial-billing-company-whmcs-attacked-by-hackers
God! 2012! I feel old my daughter was born then 14 years ago!
SolusVM, Blesta, Fiesta, Virtualizor, Dickbulizor, all the shit that needs access to your
internal infra - is a big no-no, and piece of shit you will avoid if you are a good admin.
@Cam important news, don't miss
Replace the title from ransom gang to WHMCS, if it wasnt made by an intern then your data is no longer safe with WebPros.
Is complete solution (ransom)
This.
Honestly sucks for Blesta but goes to show, never trust the security (or lack of) of other people/companies. If it's all accurate it's crazy that someone with WebPros was given enough access to their system to do this, just to solve a support issue with a client.
if it was someone from webpros there would be a law suit and a big one , so i rule that out, giving access on their system and not on a staging - dev environment is what puzzles me
"On June 25, we created a temporary support account for a third-party virtualization software vendor in connection with an active support request."
I believe it since this has been standard in the past with other WebPros companies. Just look at WHMCS for example, they ask for access every time pretty much. Sometimes they refuse help without access.
There's no way for a lawsuit against em since there's no trace leaved behind to whom did that puppet show.
How it was in a case of a data breach while they do still works on v6 ?
Oh, wow! -- Our Cloud software are more safer than others!
Clowns.
Why not provide access to a development environment instead of giving access to production?
https://www.whmcs.com/support-agreement/
Probably just wanting WebPros to reply to the client directly in a support ticket on the Blesta system to avoid going through three people. It's unnecessary, yea.
That's WHMCS's support agreement, SolusVM doesn't have that agreement nor is it in their terms and conditions: https://www.solusvm.com/terms-of-service/
still can’t comprehend why someone would decide to give a third party access to a production system without specific agreements and an NDA, or AT minimum restrict the account to only the sections it needs to access
This is more serious than a discovered vulnerability.
https://www.dickbulizor.com/support-agreement/
I thought Blesta is probably 2nd or 3rd most used Billing panel after WHMCS in the Hosting industry and is fairly popular. But this thread is giving me a very different vibe.
I am not sure about the popularity of it, the industry is quite small and biggest share goes to whmcs, lately a lot of other free and paid alternatives have raise, and may decide to vibe code their own solution , which logically results to even smaller market .
I summon Mythos to hack it back
Hi! In the good news, we don't use Blesta. I'm sorry for those who will suffer from this
But you use WHMCS (SolusVM) where that leak comes from.
Valid point, but there’s a huge difference between using a software and how you manage its access. We don't hand out production root/admin credentials to third-party support on a whim. Everything goes through isolated staging environments, and any temporary access is strictly firewalled and monitored. Lesson learned from others' mistakes long ago.