Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


ISPsystem recent email (Russian Colab)
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ISPsystem recent email (Russian Colab)

Jamie_DreamITJamie_DreamIT Member, Host Rep
edited June 2022 in General

I've had my eye on ISPsystem products for awhile as a replacement for cPanel/Virtualizor/WHMCS. I found it odd that I received this email (in Russian).

Curious to hear everyone's thoughts on this.

Orginal Email:

Translated Email:
June 2022, Moscow. ISPsystem, a developer of software solutions, and the Federal Security Service of the Russian Federation (FSB of the Russian Federation) and the DeFi project 1Inch, as technical consultants, have signed a cooperation agreement under the federal decentralized financial system (DeFI) traffic monitoring program. As previously reported, the Ministry of Finance, the Federal Security Service of the Russian Federation, the Ministry of Digital Development and other departments agreed on a plan to regulate cryptocurrencies by the end of 2022.

As part of the cooperation, the Federal Security Service of the Russian Federation will be able to monitor the activity of the IT infrastructure, both for inventory and for managing the physical infrastructure, managing virtual resources, providing hosting and cloud services, domain registrars and SSL certificates.

ISPsystem products are included in the Register of Domestic Software and meet all import substitution requirements. The company's solutions receive regular updates, are provided with round-the-clock support, have a convenient and understandable interface, and a microservice architecture allows them to cope with a load of tens of thousands of pieces of equipment.

The 1inch exchange was founded by Anton Bukov, a graduate of the Institute of Cryptography, Communications and Informatics of the Academy of the Federal Security Service of Russia, and is built on several decentralized applications (dApps) combined into a single ecosystem. Applications run on the Ethereum blockchain, which allows the use of smart contracts and ERC20 format tokens. At the same time, 1inch protocols support multi-chain architecture: they work with the BNB Smart Chain (Binance Smart Chain) blockchain and the autonomous Polygon Network side chain. 1inch specialists will provide consulting support to the joint project of ISPsystem and the Federal Security Service of the Russian Federation

“ISPsystem has a wide portfolio of promising solutions, to which both the market and engineers react with great interest. The company is included in the register of domestic software, which allows you to work with the vendor's products in the field of import substitution. The program is aimed not only at ensuring federal information security, but will also benefit international partners and domestic developers. We involve participants in joint projects, share experience, develop new competencies, and thereby provide customers with the best service as part of the transition to domestic software,” comments Anton Bukov, head of domestic software for decentralized financial systems at the Moscow Institute of New Information Technologies of the FSB.


The above is fake as confirmed by ISPsystem.

Please refer to the announcement below.

Dear Clients!

On 10.06.2022 our internal CRM system was attacked by hackers resulting in an e-mail sent on behalf of our company, the contents of which are completely false.

ISPsystem is not a technical consultant for the organizations mentioned in the email by the intruders. Also ISPsystem has no access to the IT infrastructure of its clients and their personal data is protected by the General Data Protection Regulation.

We would like to point out that our products have not been compromised and our activities have not been discontinued. At this point, we are working to assess the scope and nature of the incident. We have taken all necessary actions to prevent any attempted external interaction with our systems.

Reference: https://www.ispsystem.com/news/our-internal-crm-system-was-hacked


This post has been edited as requested by @Jamie_DreamIT (OP) and @Pavel_G (ISPsystem) -- DP ✌️


«13

Comments

  • Post full email and all headers too. Otherwise I call bullshit on this. Given how its worded, this is a corporate suicide.

    Anyone who reads this will instantly imagine that they gave full access to all of their customer's systems or that anyone who uses their panel will be at risk.

  • Jamie_DreamITJamie_DreamIT Member, Host Rep

    Seems my original screenshot didn't attach correctly.

    Headers:

    From () 2022-06-11 05:56:21 +0000
    Return-Path: m.kapustina@ispsystem.com
    Delivered-To: [email protected]
    Received: from my.email.server
    by my.email.server with LMTP
    id 01JsB4UupGLXRAAAMXWySg
    (envelope-from m.kapustina@ispsystem.com)
    for my@email.address; Sat, 11 Jun 2022 15:56:21 +1000
    Return-path: m.kapustina@ispsystem.com
    Envelope-to: [email protected]
    Delivery-date: Sat, 11 Jun 2022 15:56:21 +1000
    X-Spam-Status: No
    X-Hosting-Servers-MailScanner-From: [email protected]
    X-Hosting-Servers-MailScanner-SpamScore: ss
    X-Hosting-Servers-MailScanner-SpamCheck: not spam, SpamAssassin (not cached,
    score=2.702, required 5, BAYES_50 0.80, DKIM_SIGNED 0.10,
    DKIM_VALID -0.10, DKIM_VALID_AU -0.10, HTML_FONT_LOW_CONTRAST 0.00,
    HTML_MESSAGE 0.00, MIXED_ES 1.90, SPF_PASS -0.00,
    T_KAM_HTML_FONT_INVALID 0.01, T_SCC_BODY_TEXT_LINE -0.01,
    URI_HEX 0.10)
    X-Hosting-Servers-MailScanner: Found to be clean
    X-Hosting-Servers-MailScanner-ID: 1nzu6X-0003w4-7t
    X-Hosting-Servers-MailScanner-Information: Please contact the ISP for more information
    Received: from mail-lf1-f43.google.com ([209.85.167.43]:36448)
    by my.email.server with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    (Exim 4.95)
    (envelope-from m.kapustina@ispsystem.com)
    id 1nzu6X-0003w4-7t
    for [email protected];
    Sat, 11 Jun 2022 15:56:12 +1000
    Received: by mail-lf1-f43.google.com with SMTP id i29so1486690lfp.3
    for my@email.address; Fri, 10 Jun 2022 22:55:51 -0700 (PDT)
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=ispsystem.com; s=google;
    h=date:to:from:subject:message-id:mime-version
    :content-transfer-encoding;
    bh=nlJVjuVIxQ2V1ypG3vtQ1mjZRbJ5vjr8ycy2CWpHbkQ=;
    b=bPPW9Fqi57yLnpJDTY2zVNUAhUbRHiVRH+YN9SXKp+WyHZ0suTFu+fc4ThdWLbvK0E
    nWl2M+y8n6IjboDFW9bV8Ce1+HWtGrIu7YYaFWNcVIyyrjiOGfRoheePAeI9KwrVmrKS
    ItkWhhBzzA43QFZu3rYeBKtAbXF5V54ZebLhbuzQKuxHChMA3bhySYrcA5Wh90CC5qsc
    UldvqUZ5NPzN9LcV4okrR51DWO2qxmVe2C4K1J3qpTcT/aaX+Ssc1ogRU7jlMcum34sA
    wZtzo0d90CEIRy2g5TikDABsCZcY9j29bG3MpNHJ5QU61Ac6slE9DUGeXyrWjFLWjeQy
    8c6w==
    X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=1e100.net; s=20210112;
    h=x-gm-message-state:date:to:from:subject:message-id:mime-version
    :content-transfer-encoding;
    bh=nlJVjuVIxQ2V1ypG3vtQ1mjZRbJ5vjr8ycy2CWpHbkQ=;
    b=MuS+nH3enuU//egVunr2WufcY0NtFj7TVFykzCcVB5loC+RD6zgCEiT/0VQotUmNGd
    NmAMOA07HWrugRd8MOYptFscattAgJzWXjpS/hlrjD8N01QQE8xJkRyzKPu0+dWGbbD7
    nm5sl13Ku/8BCqftsgdhLY1MfdGapzpYvVMJn49tY5BQcIkb3QA5jDZoXKVmYPks01CO
    2QO2m8Dy9pyXYXbwhewVoYshAnu0k4uiUloROKx2ZuCc7RbzWPk2Qzdf8BwbTUPe6gl9
    2TmiF9fN5xw8mJyS96gwztXEves9baWuaP67TGModtCGA5kMZceEHpLLVyTMjoTBVr/S
    sU/w==
    X-Gm-Message-State: AOAM530TLaMhVd7tQRWGq9cOT46CIdIkXbLHsPMviyTzACyrcyrqa5Hk
    eop77/oPpKtAIAcmEUbpuPComlXIU73iOK3a
    X-Google-Smtp-Source: ABdhPJz7M7Df7jvCZ65m1NkkNNkAsu6ANfAzYRZpcAgXKXPY5owRfNCmXg+/EMuewGH6YHoslywClg==
    X-Received: by 2002:a05:6512:2017:b0:478:f827:67ca with SMTP id a23-20020a056512201700b00478f82767camr29748847lfb.10.1654926927674;
    Fri, 10 Jun 2022 22:55:27 -0700 (PDT)
    Received: from sse3.comf5.ru ([79.143.25.196])
    by smtp.gmail.com with ESMTPSA id o6-20020ac25e26000000b004790b051822sm125853lfg.90.2022.06.10.22.55.27
    for my@email.address
    (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
    Fri, 10 Jun 2022 22:55:27 -0700 (PDT)
    Date: Sat, 11 Jun 2022 08:55:26 +0300
    To: [email protected]

  • Oh wow, now I have to migrate some of my boxes away from their panel

  • MikeAMikeA Member, Patron Provider

    @Ahfaiahkid said:
    Oh wow, now I have to migrate some of my boxes away from their panel

    ISPSystems has always been like this, they have sub-brands who will demand full access to your systems in Russia or you'll get booted from their network.

  • @Jamie_DreamIT said: As part of the cooperation, the Federal Security Service of the Russian Federation will be able to monitor the activity of the IT infrastructure, both for inventory and for managing the physical infrastructure, managing virtual resources, providing hosting and cloud services, domain registrars and SSL certificates.

    Yuk

    Thanked by 2MannDude bulbasaur
  • oplinkoplink Member, Patron Provider

    Wow.. We looked at their software once too.

  • MannDudeMannDude Host Rep, Veteran

    Gross.

  • ArkasArkas Moderator

    Keep away from sanctioned countries, especially dictatorships.

  • jarjar Patron Provider, Top Host, Veteran

    Not unusual, remember the telegram drama. I’m not all Cold War “Russia bad” but it’s not where I’d go to hide anything from their government.

  • cazrzcazrz Member

    They claim their CRM got hacked then the hacker sent this newsletter.

  • MannDudeMannDude Host Rep, Veteran

    @cazrz said: They claim their CRM got hacked then the hacker sent this newsletter.

    Where is that being said?

  • cazrzcazrz Member

    @MannDude said:

    @cazrz said: They claim their CRM got hacked then the hacker sent this newsletter.

    Where is that being said?

    Just in ticket, you can try to inquire about it.

  • rustelekomrustelekom Member, Patron Provider

    Perhaps those who support Ukraine or are simply against Putin just want to sow panic among ISPsystem's foreign customers. Especially on Russia's Independence Day on June 12.

    PS. Unfortunately, everyone who uses AMD, Intel, Apple and other American hardware already opens their ass for the CIA or a similar American structure. It seems that people in the West have a very short memory and have forgotten about the publications of Assange and Snowden.

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

  • MikeAMikeA Member, Patron Provider
    edited June 2022

    @rustelekom said:
    Perhaps those who support Ukraine or are simply against Putin just want to sow panic among ISPsystem's foreign customers. Especially on Russia's Independence Day on June 12.

    PS. Unfortunately, everyone who uses AMD, Intel, Apple and other American hardware already opens their ass for the CIA or a similar American structure. It seems that people in the West have a very short memory and have forgotten about the publications of Assange and Snowden.

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

    Do you reside in Russia currently? If so we understand if you cannot speak freely as we can.

  • sandozsandoz Veteran

    @rustelekom said:
    Perhaps those who support Ukraine or are simply against Putin just want to sow panic among ISPsystem's foreign customers. Especially on Russia's Independence Day on June 12.

    PS. Unfortunately, everyone who uses AMD, Intel, Apple and other American hardware already opens their ass for the CIA or a similar American structure. It seems that people in the West have a very short memory and have forgotten about the publications of Assange and Snowden.

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

    I think Russian should be banned from lowendtalk as well.

    Thanked by 2yongsiklee bulbasaur
  • Dear Clients!

    On 10.06.2022 our internal CRM system was attacked by hackers resulting in an e-mail sent on behalf of our company, the contents of which are completely false.

    ISPsystem is not a technical consultant for the organizations mentioned in the email by the intruders. Also ISPsystem has no access to the IT infrastructure of its clients and their personal data is protected by the General Data Protection Regulation.

    We would like to point out that our products have not been compromised and our activities have not been discontinued. At this point, we are working to assess the scope and nature of the incident. We have taken all necessary actions to prevent any attempted external interaction with our systems.

  • @rustelekom said:
    Perhaps those who support Ukraine or are simply against Putin just want to sow panic among ISPsystem's foreign customers. Especially on Russia's Independence Day on June 12.

    PS. Unfortunately, everyone who uses AMD, Intel, Apple and other American hardware already opens their ass for the CIA or a similar American structure. It seems that people in the West have a very short memory and have forgotten about the publications of Assange and Snowden.

    It's not clear that you remember Snowden stuff, either. Plenty of the underground sea cable taps talked about the back and forth tapping/cutting with Russia.
    The other thing is that Americans still required warrants (albeit rubber stamped) whereas the foreign people had their data freely slurped - the exact same everywhere else on the planet. In Russia, your data doesn't require warrants and slurped up by default. It's nowhere near comparable.

    But you go ahead and dump all the AMD, Intel, Apple and ARM processors and replace them with Russian made ones.

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

    You know laws were broken and people died? Are you fucking stupid? Of course they should be punished, you silly fuck.

    Start a proper non-profit that operates legally and this isn't a problem. The convoy? A real fucking problem ran by cousin fucking idiots.

  • sandozsandoz Veteran

    @ISPsystem_official said:
    Dear Clients!

    On 10.06.2022 our internal CRM system was attacked by hackers resulting in an e-mail sent on behalf of our company, the contents of which are completely false.

    ISPsystem is not a technical consultant for the organizations mentioned in the email by the intruders. Also ISPsystem has no access to the IT infrastructure of its clients and their personal data is protected by the General Data Protection Regulation.

    We would like to point out that our products have not been compromised and our activities have not been discontinued. At this point, we are working to assess the scope and nature of the incident. We have taken all necessary actions to prevent any attempted external interaction with our systems.

    Start moving your company of Russia to any country of Europe or outside EU. That's a must. Or you will lose clients from Europe, even if is false / fake, people are in doubt if really you can do it in near future or not.

    My advice ;)

  • Pavel_GPavel_G Member
    edited June 2022

    @sandoz said:

    @ISPsystem_official said:
    Dear Clients!

    On 10.06.2022 our internal CRM system was attacked by hackers resulting in an e-mail sent on behalf of our company, the contents of which are completely false.

    ISPsystem is not a technical consultant for the organizations mentioned in the email by the intruders. Also ISPsystem has no access to the IT infrastructure of its clients and their personal data is protected by the General Data Protection Regulation.

    We would like to point out that our products have not been compromised and our activities have not been discontinued. At this point, we are working to assess the scope and nature of the incident. We have taken all necessary actions to prevent any attempted external interaction with our systems.

    Start moving your company of Russia to any country of Europe or outside EU. That's a must. Or you will lose clients from Europe, even if is false / fake, people are in doubt if really you can do it in near future or not.

    My advice ;)

    Hi @sandoz. We (ISPsystem) are a EU based company, residing in Cyprus. We also have a large presence in Russia in terms of customer base and our talent.

  • Jamie_DreamITJamie_DreamIT Member, Host Rep

    Wrong account @Pavel_G

  • @rustelekom said:

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

    Good to see you're useless in your argument as usual.

    People are arrested, beaten, fined and jailed in your Russia for single person peaceful picket.

  • DPDP Administrator, The Domain Guy
    edited June 2022

    @Jamie_DreamIT said:
    Wrong account @Pavel_G

    I can see 3 individual representatives of ISPsystem here on LowEndTalk so I would assume that @ISPsystem_official is a shared account between the 3 of them, or more.

    Perhaps @Pavel_G can confirm this.

  • Pavel_GPavel_G Member
    edited June 2022

    I am ISPsystem’s rep and can speak for the company.
    @ISPsystem_official is also our account, shared between several Customer Service and Marketing reps.

    Thanked by 1vimalware
  • sandozsandoz Veteran

    @Pavel_G said:

    @sandoz said:

    @ISPsystem_official said:
    Dear Clients!

    On 10.06.2022 our internal CRM system was attacked by hackers resulting in an e-mail sent on behalf of our company, the contents of which are completely false.

    ISPsystem is not a technical consultant for the organizations mentioned in the email by the intruders. Also ISPsystem has no access to the IT infrastructure of its clients and their personal data is protected by the General Data Protection Regulation.

    We would like to point out that our products have not been compromised and our activities have not been discontinued. At this point, we are working to assess the scope and nature of the incident. We have taken all necessary actions to prevent any attempted external interaction with our systems.

    Start moving your company of Russia to any country of Europe or outside EU. That's a must. Or you will lose clients from Europe, even if is false / fake, people are in doubt if really you can do it in near future or not.

    My advice ;)

    Hi @sandoz. We (ISPsystem) are a EU based company, residing in Cyprus. We also have a large presence in Russia in terms of customer base and our talent.

    Let's be honest, do you think European people will believe on that? Oligarcs are being killed, people in russian military who did something wrong or did something which wasn't successfully they have been killed "natural cases", are you sure?

    Yes you maybe have a EU Company, but you have a large presence in Russsia and most of your customer base is from Russia. I don't think you are thinking losing them alright? When they are most of 70% of your clients / customers is from Russia.

    Any European even if that message is fake, they probably will run away from you. My advice to you is switch and end the company in Russia, still providing access and services there but end there, move your company employeers if they can to other place.

    I respect and I think ISPManager have a great product (unfortunately their update development is quite slow, we are waiting for openlitespeed which was been delayed to other Q3 or Q4 month).

    Privacy and Security is a MUST in any control panel, maybe your company being audited by any European Company or 911Racks to users feel safe?

    The only easy way and solution I see here is Auditing your company for security purposes and search for vulnerabilities, then you will have the trust of customers and clients back when you show that @Pavel_G ;)

  • @sandoz We serve a global community of customers, regardless of their country of residence. We have been doing so for over 20 years now, will not abandon our users, and will continue to strive to make our solutions as accessible as possible for everyone, within our power.

    Many of ISPsystem's team reside in the EU and other countries outside of Russia. However, it is not up to the Company to decide where its' employees should live - it is people decision, which we respect.

    As per security audits - we have had monthly audits by Rack911 prior to 2022, and will continue that practice going forward - we are currently switching security auditors, and will announce our new USA based regular auditor soon.

  • SpeedTestSpeedTest Member
    edited June 2022

    @DanSummer said:

    @rustelekom said:

    As for democracy - tell about democracy to the people who were arrested in the "attack" on the Capitol in the US or whose bank accounts were blocked by the Canadian government ("FreeDom Convoy").

    Good to see you're useless in your argument as usual.

    People are arrested, beaten, fined and jailed in your Russia for single person peaceful picket.

    https://www.youtube.com/watch?v=_McMB3Wmnos

    I have to explain this video for those who do not understand Russian, the first woman asked if she can be arrested for a poster with the words "two words", two words are "no war" in the calculation or any other words, and the second woman said that she supports Putin and the war and she was also arrested. Single pickets are allowed in Russia but these fascists arrest people even for that

    Thanked by 1DanSummer
  • Jamie_DreamITJamie_DreamIT Member, Host Rep

    @Pavel_G said:
    As per security audits - we have had monthly audits by Rack911 prior to 2022, and will continue that practice going forward - we are currently switching security auditors, and will announce our new USA based regular auditor soon.

    Would you be able to provide us proof of these audits?

  • @Jamie_DreamIT Not the contents of the reports, but I am sure Rack911 reps would be happy to confirm that they have been our auditors for a while, for all our solutions.

  • One of the accounts is the GRU?

    Thanked by 1SpeedTest
  • rustelekomrustelekom Member, Patron Provider

    @MikeA said: Do you reside in Russia >currently? If so we understand if you cannot speak freely as we can.

    As a citizen of Russia, I cannot spread fakes, aggression against social groups, call special military actions as war, discriminate against a person or a group of people on national, religious or professional grounds, abuse state symbols: the flag, the constitution, and so on.

    It seems to me that these are common requirements in any country, and they do not interfere with my life in any way.

    Thanked by 2coreflux dosai
Sign In or Register to comment.