New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Just a stab in the dark.. Did you use the same low end password for everything?
Great term
I am not seeing anything wrong with the domain or contact details and the DNS is correct. Last update was the 23rd so no significant changes were made recently.
Registered through: GoDaddy.com, LLC (http://www.godaddy.com)
Domain Name: PREMIUMVM.COM
Created on: 10-Dec-12
Expires on: 10-Dec-13
Last Updated on: 23-Apr-13
It was nearly a month ago Dominic said he was coming back, maybe he got the server a few days before that and indeed the server has been cancelled for non payment. Seems to fit.
website hosted on that server too?
It's the most plausable story line anyway.
If it was due to non payment, surely the domain would just resolve to nothing rather than the go daddy parked.
Also, last domain update was 23rd, so four days sincesomething happened.
WWeird really.
It is resolving to nothing, he said he can't even get into the client areas of the server or godaddy yet the nameservers are still premiumvm.com, it's not pointing to a godaddy parking page.
If someone went in and changed the nameservers for example then the "last updated on" would change but it's not.
sounds like the typical "I swear it was this password" story
Start dig..
ns2.premiumvm.com. TTL=172800 [173.212.241.77] [NO GLUE6]
They terminated the website completely, and terminated it via WHM.
They submitted a cancellation request for our whole package at our site host basically. I've managed to get hold of the IP in question (from India) and have already reported that.
At the moment, I'm trying to see what they've done to our dedicated server (VPS node).
They also have changed password for VirtPanel/VirtPanel client area.
I'm back into my website hosts client area, and am also back into GoDaddy (as they were stupid enough not to reset my call-in PIN).
Its a trap!!! lol
@dominicl Good to know you've made some progress. Do update us. I could not imagine being in your position right now, having to lose access to so many important things.
I wonder who the attacker(s) is/are and why are they doing this. Best of luck.
Looks like @DewlanceVPS got in.
I wonder who the attacker(s) is/are and why are they doing this. Best of luck.
Obviously, I don't know who they are but I have contacted who I think the IP is being provided by. I'm hoping I'll get some sort of response to that.
I'm making progress slowly.
It's not a nice position to be in! Extra security precautions are also being taken at this time.
This dude's thread is hilarious.
This is weird. So everybody assumes his home pc was hacked?
Well, it looks like it. They got all the passwords.
I'm going to get it checked out.
What part of the security was on you and what parts were on @Jacob ?
The security was on me.
However, I'm still trying to find out how the hacker gained access to the passwords.
I'm back in everywhere now, but it looks like the hacker terminated all VM's, and submitted cancellation requests for absolutely everything.
Sucks
@dominicl So, you have to build from scratch? premiumvm.com is on but only showing index of/
It looks like it. My main priority at the moment is regaining all access, cancelling the cancellation requests, etc. Once I've found out what they've done exactly, I'll focus on getting the site back up and running.
@dominicl In this day of age, surely you have backups of everything anyway?
I was in the process of setting up website backups, and I had set up a WHMCS database back-up which doesn't seem to have worked at all.
Go play outside already.. It's a nice day
I know..lovely..just lovely.
@dominicl Hangin' tough, bro. May the force be with you :P
@Jack you jinxed it
think somewhere you wrote you were doing it properly this time :O
There you go
You're always so right
It's all a big show
It's all about you
You think you know
What everyone needs
You always take time
To criticize me
But not today
So shut up, shut up, shut up shut up shut up..
@dominicl You have someone after you with a personal vendetta or something? Who does such elaborate bs? What kind of hack can be on your PC in your opinion? Watching data packages or simple keylogger? Maybe your internet connection is compromised, you should do all the resetting not only on another PC but another connection. Since this all seems too hardcore for some idiot who would focus on one individual, I'm assuming there's gotta be something more simple behind all this than actually sneaking into your PC. Do you use the same e-mail as administrator account for all these services? Maybe someone just hacked your e-mail (if it is self-hosted) or just guessed your password or security question if the hacker is someone who knows you. Is the answer to your secret question an information that can be found on the internet? A question like "What's your mother's maiden name?" can be answered by for example checking your Facebook, find your mother there, or even your cousin (child of your uncle from your mother's side) in order to guess your mother's maiden name... Have you considered the chance of something like this happening? You said the hacker's IP was in India, this might as well be a VPN, or SOCKS over a VPS, etc...