Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


HostSolutions hacked? - Page 5
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

HostSolutions hacked?

1235718

Comments

  • NeoonNeoon Community Contributor, Veteran

    You go to sleep and then you wake up to this, kurwa.

  • jarjar Patron Provider, Top Host, Veteran
    edited December 2021

    @gdarko said:

    @brueggus said:

    @gdarko said:
    If i am not mistaken, WHMCS uses BCRYPT so, the password hashes are useless?

    Yes, but:

    @jar said:
    Don't forget by default WHMCS sends the password you create for your login to you via email. It also sends you the password generated for services on provision typically. These are stored in plain text in the email history table.

    Well. F*ck WHMCS then, we should collectively sue them for storing this sensitive data in plain text.

    What is the logic of storing email contents in the database in plaintext when they advertise encryption bla bla. Fu*king idiots.

    Been this way forever. It's fine if you train your users to change passwords and if they're randomly generated but sending the ones you create is where it gets really bad, which it always did by default. I had to go in and wipe a bunch of them when from the DB once because I forgot about that default. Luckily users notice and quickly alert you, though usually through calling you incompetent publicly, oh well 😂

  • @dosai did you see this?

  • edoarudo5edoarudo5 Member
    edited December 2021

    Good thing my data that was stored there was not sensitive in the slightest. I have a generic name and that's it, it also helped that my account there was long inactive.

    Thanked by 1vpsTQ
  • We could start a first things to do thing for affected users:
    1. Check if any HO password is used twice for any other service/mail provider-> change all passwords
    2. Used still valid CC? Inform CC firm and block old card and order a new card

  • The site is gone offline and I haven't recevied any mails yet... But my friend did receive one...

    Guess my gmail will be spammed soon...

  • fLoofLoo Member
    edited December 2021

    I've had an test-account with them an preparing actions against them right now. Already filed all necessary papers to my lawyer. Financial ruin incoming.

    Thanked by 2JasonM TimboJones
  • awesome, finally someone has vps backups

    Thanked by 1tux
  • I have received this mail too. However, since I am self-employed, I am required by law to have my address on my website. So basically, nothing ‘really leaked’. The IP in the data log is at least 3 years old.

  • Anyone else that showed a German IP (probably his webserver), I don't use a German VPN, so... luckily I moved a few months ago, they only have my phone nr/name/password.

    Am I the only one that prefers to find out this way or not?

  • Great news.

    Epik, please get these and use them to advertise for underground hosting >:)

  • @dahartigan said:
    Ho Lee Phuc.

    More like

    Hoe Lee Phuck.

  • R.I.P HostSolutions

    Thanked by 1JasonM
  • I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

  • @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    Should we wait for the answer from @cociu to Monday?

  • @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

  • DennisdeWitDennisdeWit Member
    edited December 2021

    @Hotmarer said:

    @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    Should we wait for the answer from @cociu to Monday?

    I have him on Skype. So I don’t expect he will reply here.

  • @DennisdeWit said:

    @Hotmarer said:

    @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    Should we wait for the answer from @cociu to Monday?

    I have him on Skype. So I don’t expect he will reply here.

    Yeah no shit he'll not be replying here. He's been in hiding for almost half a year, ignored and ditched his customers. So what's he going to do now? Just because he sells perfume it doesn't mean he can make this shit smell good.

  • jarjar Patron Provider, Top Host, Veteran

    @default said:

    @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    First time I ever heard of them was in a little club they were playing at, a friend took me along. Had no idea they were about to blow up so big right afterward.

  • MaouniqueMaounique Host Rep, Veteran
    edited December 2021

    Shoot, now he is never going to come back :P
    I guess cociu didnt have the money to pay them and they got upset.

  • @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    is it joke or what? securing what??? it is too late. he made this shit

    he can now secure money for GDPR fine:
    https://tessian.com/blog/biggest-gdpr-fines-2020/

    Thanked by 1Demindiro
  • @Sanjue007 said:
    another drama?

    Man you should change your signature. Hostsolution 👺

  • @Andrews said:

    @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    is it joke or what? securing what??? it is too late. he made this shit

    he can now secure money for GDPR fine:
    https://tessian.com/blog/biggest-gdpr-fines-2020/

    It’s Romania. Romanian institues almost never fined any Romanian company for breaching GDPR.

  • @Sanjue007 or even better Hostsolution 🤢

    Thanked by 1JasonM
  • @Maounique said: I guess cociu didnt have the money to pay them and they got upset.

    He spent all his money and sold all his equipment to pay his GTS Telecom debt. Didn't have much left after that to feed the hackers.

  • @DennisdeWit said:

    @Andrews said:

    @DennisdeWit said:
    I talked with Marius. He acknowledges the issue and says he is working on securing this asap. But ‘like in every business shit happens.’

    is it joke or what? securing what??? it is too late. he made this shit

    he can now secure money for GDPR fine:
    https://tessian.com/blog/biggest-gdpr-fines-2020/

    It’s Romania. Romanian institues almost never fined any Romanian company for breaching GDPR.

    that is simply NOT TRUE:

    https://cookiefirst.com/top-10-countries-with-most-gdpr-fines-october-2021/

    Romania ranks third on our list of countries that have issued the most GDPR fines. They have imposed a total of 60 sanctions that add up to €699,550 in mandated payments.

    Thanked by 1Maounique
  • @malignify said:

    @Maounique said: I guess cociu didnt have the money to pay them and they got upset.

    He spent all his money and sold all his equipment to pay his GTS Telecom debt. Didn't have much left after that to feed the hackers.

    wasnt he adamant that GTS was wrong?

  • jarjar Patron Provider, Top Host, Veteran

    @Andrews said: that is simply NOT TRUE:

    Vampires and fines? Is there any reason to visit Romania?

  • MaouniqueMaounique Host Rep, Veteran
    edited December 2021

    @cybertech said: wasnt he adamant that GTS was wrong?

    There is no debt to GTS. That is their standard "business" practice, make contract where you can't cancel and then pretend to be paid for services they don't plan to deliver "for the reminder of the contractual duration".
    I never heard about that holding up in court here, at most they are allowed to take an installation fee they waivered or something along those lines, but many ppl probably pay up when they see the case has been filed just to get rid of the annoyance.

  • @cybertech said: wasnt he adamant that GTS was wrong?

    Yeah but look who ended up paying close to US$60,000 :)

Sign In or Register to comment.