Latest Announcemnent
New thread

WHMCS-One of the most popular billing systems gets hacked

Status
Not open for further replies.
P

Praveer

Active Member
1,616
2010
135
0
whmcs hacked

Did anyone noticed that whmcs hacked?

Didn't see any thread made hence started it.
______________________________________________________
An recent e-mail from WHMCS
Unfortunately today we were the victim of a malicious social engineering attack which has resulted in our server being accessed, and our database being compromised.

To clarify, this was no hack of the WHMCS software itself, nor a hack of our server. It was through social engineering that the login details were obtained.

As a result of this, we recommend that everybody change any passwords that they have ever used for our client area, or provided via support ticket to us, immediately.
Regrettably as this was our billing system database, if you pay us by credit card (excluding PayPal) then your card details may also be at risk.

This is just a very brief email to alert you of the situation, as we are currently working very hard to ensure everything is back online & functioning correctly, and I will be writing to you again shortly.

We would like to offer our sincere apologies for any inconvenience caused. We appreciate your support, now more than ever in this challenging time.
Click to expand...
 
Last edited by a moderator:
51 comments
Not sure if any one noticed but today one of the most popular billing system got hacked.

No information yet out as to how it was hacked but if you check whmcs.com you would notice that the site shows a database connection error.

http://puu.sh/vYl6

The guy who hacked it is going to post the database out here

https://twitter.com/#!/joshthegod/status/204595003379548160


Message from Matt- CEO of WHMCS

Hi Guys,

As you've seen we have unfortunately become the victim of a hack just a little over an hour ago.

So far early indications are that they were able to compromise my email, and subsequently impersonate myself with HostGator staff. In response to those saying it's an unsecured box, we use a fully managed service from HostGator for our website, in connection with McAfee Secure.

We'll post more updates as soon as we have them.

Matt
Click to expand...
 
Last edited:
Man that's real bad for them, imagine all the CC details that they store, and no doubt the idiots kept the encryption key on the same server..
 
Their Twitter account hacked as well

ildBAl.jpg
 
@Jesse not condoning hacking but a site like this security should be their main concern and them replying on hostgator to secure their shit seems extremely stupid and they deserve to be hacked


Also if you look at the hackers site they are not arseholes
Code: 
removed

We understand that these websites will enevitably take back their website.
We don't steal users data, only here to make them aware.
From SOPA/PIPA, to ACTA to just pissing us off...there is always a reason (Targets).
Click to expand...
 
Last edited by a moderator:
shadow.prx said:
@Jesse not condoning hacking but a site like this security should be their main concern and them replying on hostgator to secure their shit seems extremely stupid and they deserve to be hacked


Also if you look at the hackers site they are not arseholes
Code: 
Removed
Click to expand...

Hacking a site will get them just more mad, it won't help a bit.
btw http://i.imgur.com/lrG3y.png
 
Last edited by a moderator:
Just looked at my whmcs, and my expire date has changed to -

Expires - 2000-01-01
Also said
An Update Is Available

Seems they have more than just the support ticket database... id say they have everything!!
 
Just few security tips for all the guys here:

Take backups RIGHT NOW, before something goes wrong.
Disable all cron-jobs like auto-setups.
Do not check for updates on whmcs.
If your WHMCS installation shows any updates available - DO NOT UPDATE.
And lastly, if possible - turn off whmcs until issues are resolved.
 
Status
Not open for further replies.
Back
Top