New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
GreenValueHost hacked, data stolen
This discussion has been closed.
Comments
I would agree, having looked at all the dates and times between both forums I think it is fairly obvious now that the actual breach took place before the events @WebSearchingPro posted and it was a bad coincidence based on prior knowledge.
Okay, another question.
Did you check the /proc contents? The log files files should be there, because they were in use at the time server was rm -rf'ed.
http://www.hackinglinuxexposed.com/articles/20020507.html
People should know, that in Linux files in use are not really deleted, they are still open in proc, even after deletion. Though, if I'm incorrect, feel free to correct me. There are definitely people out here, who know about this stuff better than me, I'm a newbie after all.
At the moment restoring the billing area is what is being worked on as far as I'm aware to get to a capacity to answer tickets. After that will be SolusVM - I imagine later today.
.
I'm currently taking a break from helping out and letting GVH staff handle the rest of the cleanup. Late night last night
Is WHMCS up now but minus SSL, SSL is 404'n over here?
Those appeared to be emptied too, likely removed and recreated by linux.
Jon mentioned earlier that they are working on getting SSL functioning again. Not sure what the status is on that.
Edit: Looks like they got it, might have been cloudflare delay.
Well... then learn from mistakes and don't restart a server, which you know was just hacked, kind of foolish.
Makes me feel good about registering with my personal info there.
Can we get rid of this shit host already? Every time I log in to check new threads, I find this shit company having problem with clients, service and now getting hacked. It's just plain stupid to run such of a company... It's like a joke.
Normally, I'd agree with you. But in this case, it's just up to the customers whether they want to take the risks or not. If people stop using GVH's services, then it will shut down on its own. However, some clients are willing to take the risks if it means they can get a "bargain" on the price.
Yeah, something definitly isn't adding up here. I also think that there isn't enough "solid proof" to even justify calling out Jack. what did @websearchingpro provided us with so far that is worth calling out someone about? some server logs and a random skype conversation that isn't showing the complete conversation. As you all know server logs could be easily edited with a texteditor and modified to however you want it to look like, i'd never call that solid. ontop of that not showing all conversations entirely isn't helping either. in my eyes there isn't enough proof saved up yet to make any solid decisions/calls this makes me question the motives of websearchingpro.
I also like to add that the reply @websearchingpro gave on my previous post http://lowendtalk.com/discussion/comment/633849/#Comment_633849 didn't convince me at all. Anyone who would choose a side right now without waiting for more solid proof would be foolish in my opinion, calling someone out should be considered a serious thing and this never should happen without anything solid that proofs the claims.
Over at VPS board, Dr Mike has posted a transcript of a chat between Jon and himself where Jon confirms Jack was involved at his request and the timings are coincidental.
If I request a refund, what are the likelihoods it will be acknowleged?
It seems I was wrong about GVH and they are effectively grossly incompetent.
*fixed most spelling mistakes http://lowendtalk.com/discussion/comment/634037/#Comment_634037
Jon claims to do a half million dollars in sales this year so, while you may be outside a refund window it sounds like a refund or healthy compensation credit wouldn't hurt the bottom line.
A screenshot or just text that could've been easily modified? link?
Thanks.
I'd like to see the figures before I believe it.
But @Jack said he did download the dump by randomly guessing the file name, so those logs are apparently real.
https://vpsboard.com/topic/4570-greenvaluehost-becoming-colocrossing-dumping-providers-etc/page-20#entry66148
.
It's just a text cut and paste, but I highly doubt Dr Mike would outright lie to protect Jack.
Can it get any better??? This is hack No? Must over 9000 already.
I'm one of the new guys here and I do not know most of the people who have been here or who still are there but I know that no matter how good I know someone I still will question the given evidence at all times, specially if it could've been possibly modified. I'll go back to the background now and watch how it plays out, I just made my previous post in the hope that people do not judge too fast without having seen anything that is worth calling out for, i've seen it many times before that people like to choose sides with minimum non-solid evidence.
Well I have him on record saying GVH will do 500k this year. I also have him on record saying that he has lost control and has no grasp on his contracted employees.
Jon said he pays all of his contractors 1600 a month, various levels such as support and system administration.
After that conversation comes this whole fiasco where it appears someone was able to gain access and wipe WHMCS and SVM. I noticed someone posted a chat log of Jon saying one of his guys should shut down etc.
This all goes to show his previous conversation about loosing all trust in his contractors is correct I assume.
Though the lies are all to real and ongoing. I mean by the looks of these conversations there is no pay involved in most cases.
Several weeks ago I told Jon specificly he needed to board up all holes in the contractors and immediately hire local employees. For 10 people making 1600 a month he could hire 2,3,4 local employees for a higher salary and have more control.
Just take a look at how many people have/have had total access to his systems. Its honestly mind blowing.
.
Jon told us all:
http://lowendtalk.com/discussion/27798/tacticalvps-busted-node-in-la/p2
Well I suppose whoever has the WHMCS database can verify.
Total or each? Total I might believe...you can get third world techs pretty cheap. I think he said he had 18 (har!) and if each of them works for less than $100/month that's about right.
Jeezus, how many people that are not connected to GVH are actually involved and looking through systems over there? Scary. Helpful or not it's a disgrace the footfall over that data.
EDIT: @W1V_Lee already mentioned what I wanted to.
Each, and all US based is what he told me.
Though I mean is it true? If he actually has these assets why are they not fixing this mess rather than random people on skype or the forum?
You mean Jon who resigned 2 days ago?
Obviously GVH weren't left in very good hands if he has had to jump back in.