New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Hello,
We have turned our website down to express our sadness of the matter happened yesterday's evening the website's back to it's normal and it is still in our custody!
However this situation have been dealt with successfully.
Friendly reminder : WE DO NOT TOLERATE SUCH ACTIVITES AND WE HEREBY DO NOT PROMOTE THEM
Virtualizor said that they have not found any issues in Virtualizor but are following it up with galaxyhostplus, so should be safe to keep using!
Did you mean to post using your galaxyhostplus account?
Here is the response of Virtualizor:
Yes, we are. We have got the web logs and as of now, there isnt anything concrete. We are still investigating and also GalaxyHost is searching from their end.
Hello.
Few updates we working with Virtualizor to find how this happened.
We found guy called Jamie who was sending these emails on the 9th of January. We have taken actions to migrate to SolusVM during that time. On 11/03/2016 no data was affected. Emails are based on same adress like on 9th January 2016. only 320 Adress out of 2000 are affected on Virtualizor panel.
Virtualizor panel logs looks to be fine so I say it's safe to use.
We still looking how did such data go to Jamie hand we trying to contact Jamie at this moment.
We are now on chat with Dark Host we are working to resolve this and track Jamie.
If anyone have anymore info about it let us know.
@GalaxyHostPlus, thanks for the updates even thou i am not a client with you but now considering it
hope you have less stressful sunday.
Thank you for your positive comment.
We hope everything is now resolved.
Also to include we are lucky only emails are stolen nothing else due our high security.
SolusVM will allow us for higher security included admin panel protection which was not possible with old panel. means IPs whitelist.
I was online all night and cross check all our clients to make sure only old VPS panel is affected which in this cause only 320 accounts are affected on 6 January 2016 which we took actions shut their service down. we are now on hunsting with virtualizor and dark cloud for Mr Jamie. We got more information of included his IP from Egypt.
I hope everyone have a nice day all is save so don't worry if you require more info fell free to contact us.
Kind Regards
Janusz C
So @GalaxyHostPlus, is it safe to conclude that Virtualizor is safe?
I think it is.
Hello.
It should be safe to use. but monitor your connections.
Best way to check is
/usr/local/emps/var/log/mysqld.log
and main to monitor
/usr/local/emps/var/log/web.access.log
Everything else is safe. We can say everything back to normal.
Yes...thanks...(I setup a couple of servers yesterday with that)
I vouch for Virtualizor they are amazing with support and are always improving, solusvm can be less buggy but support is rubbish.
Just wondering, what's the affiliation with this person and your company. If he's outside the company, it'd still be good to know how he managed to acquire said addresses.
Also, TBF, you've emailed your customer based with a title '[Critical] Virtualizor Breach of Email Data', about 2 hours after you'd became aware of the situation. Maybe a bit too quick to have stated that as fact?
We take security very seriously probably yes email was little too fast it could be sent a lot better during night. We are happy to say all personal data is safe so should not affect the service.
I would be surprised if this is the case. We have audited Virtualizor and have not discovered any SQL injection vectors so far. That doesn't mean that they don't exist, but from our review we have not discovered any so far.
You need to be careful disparaging them and calling into question the security of their product until you can actually demonstrate evidence that proves it.
@virtualizor have you reviewed this allegation? What have you found so far?
I wouldn't say that, my money is on Virtualizor being in the clear and this being a PEBCAK on the operators side.
Yes we are working on it. But nothing found as of now.
Yet another email, but this time from darkcloudhosting.co.uk, from "Inspector General" (har har)
TBH, ESL aside... I'm not buying either side's story. I think the data was sold, or they're both party to the same company (or were). I've no evidence of that, but there's just way too many inconsistencies in the explanations. One for the kangaroo court, I've put the info out there and can't see how any further explanation would be useful to me.
No data was sold and we are not the same company. I first time hear about Dark Hosting was on 11th of March. Also why would I waste 2 Years of hard work collecting my clients it just make no sense to loss such work by selling data. I work hard on this company on free time doing courses to improve from my side so selling data makes no sense here.
If anyone need send any inspector to my company fell free I give permission to check my PC and chat history to prove I'm clear and this was real hack or glitch with VPS Panel as only 320 Addresses are out which I could have other theory which I will ask Vir later about it.
Please think again before making any judgment as I'm also victim here I think no one want to be on my position today while he know his doing his best to protect from such things. I hope for the best and hope this is the last cause like this.
Kind Regards
Janusz Czeropski
Galaxy Digital Networks
Janusz, close the browser/pc and have a break/sleep, comeback tomorrow ...
Wish to do that but no one will do the work for me
Also need finish migration to SolusVM today to make sure everything full safe.
Have a nice Sunday.
I guess that's a rhetorical question because I'm not up to speed on your motivations and work history, nor should I be. I imagine the rest of the customer base is in the same boat.
To be fair, you (edited out) a post saying it was person X, then you said it was Virtualizor, then not Virtualizor... and now some mysterious person called Jamie. If anything needs to be done, just come back in a couple of days, maybe 3, maybe 4 and giving the final analysis would probably be a nice course of action.
Not singling you out here, but I notice this with many LET hosts (not all). You want some kind of charitable status because you're costing 10 bucks a year and suddenly it's "understandable" that you leak private data, or you're doing the customer a favour by offering such a service, or that because WHMCS/SolusVM/Virtualizor make a hosts job more convenient, that it's a legitimate reason to be excused for whatever can/can't happen.
All I'm actually saying here is that leaking data is probably the worst thing a provider could do, for everyone involved. You're definitely not a victim if you choose to run buggy software for your convenience at the expense of customer integrity, it's a bit rich to say that. Also, what you've said so far is pretty patchy and you're swinging in between blaming a bit of software and some random person who you've gave no background on. I reserve the right to be sceptical
Maybe get your head around the problem and then communicate what actually happened when you are more sure about it. And sorry, there's no excuses or acceptable reasons for that info being leaked out. Tis how it is.
I should add, the service you have given has been absolutely fine, no downtime and nice value. I'd hope that you can find a clear-cut answer to this little ... mishap.
I got the info about Jamie from Leo who own mountrix where the emails were sent out.
When we start with Vir everything was stable during that time. Issues only started after 1000VMs.
I leave the rest uncomment I already said what I have to said.
I still maintain my belief that this is nothing to do with Virtualizor.
If there is no evidence to support this then the provider needs to retract their allegation and examine their internal processes for the cause of the leak.
Wow 1.000 vps on a server?
Nope. We have more than one server even more.
Update.
More soon once got more info correctly from the source.
Looks like it will be hard cause.
You don't name and shame and contact police unless you want to be the one that gets arrested. If it's criminal activity contact the police and your lawyer and speak no further of it in public domain other than information required for security.
So someone was advertising for darkdickhost with your emails and now you have found who was spamming?
Darkdickhost told you that they are not involved in this and you trusted them? After blaming virtualizor now you say database was not hacked? Wtf is this?
Dear Client's.
We have investigate about Emails where were send out on 9th January and 11th March.
We have finally find out what happened and how emails were taken from GalaxyHostPlus.
Our X Staff member have copy and paste 320 Email Addresses out of GalaxyHostPlus to Mountrix on the 9th January which is strongly against our rules.
We have taken actions against Mountrix and shut their website down with legal help.
We are ready to take legal actions against our X Staff which was fired from his position back in February. however his access was taken back in January after emails were out of GalaxyHostPlus same with other staff members.
X staff was Level 1 support which means he was limited only to support ticket and live support and basic settings. No other data was affected based on his custom permission. X staff was behaving very well during this time and was working normal like all our staff which is actually shocked for us what happened. thank you to people who helped us in this Investigation.
We have full details of X Staff which we collect from all our staff. we cannot name him due legal issues it may cause.
I Janusz CEO of Galaxy Digital Networks want also Apologize officially to @Virtualizor for false judgment on data leak from their VPS Panel.
We deeply apologize for any inconvenience this may have caused.
Also note from other providers please be careful with your staff even if its trusted you may also have his IDs and so on it's still not safe even with limited access.
Kind Regards
Janusz Czeropski
CEO & Founder, Galaxy Digital Networks
So if he had 'very limited access', how did he get an email address export?
He copy and past manually from VPS panel he heaved basic access such as reboot and start in panel.