WHMCS-One of the most popular billing systems gets hacked

[LEVAC109]

I don't care how much desire he has to bring the attention to SOPA of wtf it's called, I don't f**king forgive anyone messing up my time, I won't mind kicking this guy's ball 100 times. I'll do it, if I'm mad FFS! Use your skills for good will!

 

[softleaks]

"Fuck With The Best , Die Like The Rest"

 

[Qoo]

Got an e-mail from them

Unfortunately today we were the victim of a malicious social engineering attack which has resulted in our server being accessed, and our database being compromised.

To clarify, this was no hack of the WHMCS software itself, nor a hack of our server. It was through social engineering that the login details were obtained.

As a result of this, we recommend that everybody change any passwords that they have ever used for our client area, or provided via support ticket to us, immediately.
Regrettably as this was our billing system database, if you pay us by credit card (excluding PayPal) then your card details may also be at risk.

This is just a very brief email to alert you of the situation, as we are currently working very hard to ensure everything is back online & functioning correctly, and I will be writing to you again shortly.

We would like to offer our sincere apologies for any inconvenience caused. We appreciate your support, now more than ever in this challenging time.

 

[iAmDjMAD]

WOW now change your CC details, your client password, any thing which relate WHMCS change it man change it
i am wondering what if they got details of huge Hosting company.
its a win win for a hacker :D

 

[install]

Very unfortunate

I can't believe how they got hacked, don't tell me next time is the no. of Cpanel.

 

[shadow.prx]

The hackers have said why the did it

“Many websites use WHMCS to scam and rip people off. For example: Users from "hackforums.net" are using WHMCS to sell illegal hosting, booters, malware, etc,” a member of UGNazi explained.

“We have reported these sites to WHMCS before and they did not take any action whatsoever to stop the illegal activity. By releasing their files, we wanted to make it known that we are watching; and will continue to be watching.”

Their logic here does not seem.... thought out ? i bet most of the people on hackforums are using a pirated whmcs anyway


HUMOR I HOPE QUOTING THE HACKERS WONT GET ME AN INFRACTION

 

[CJ]

HUMOR I HOPE QUOTING THE HACKERS WONT GET ME AN INFRACTION

I guess its pretty much logical that you shouldnt spread the links to Hacked WHMCS DB, people can use the DB to harm others.

PLEASE DO NO POST ANY LINK LINKING TO WHMCS HACKED DB or anything such

 

[sampathneo]

Who hacked WHMCS?

[mod]Removed, user banned.[/mod]

 

[DLow]

Josh the hacker pwnt ?

http://whmcs-hacker.soup.io/

 

[shadow.prx]

Just an update

They have been hacked again
They have finally admitted that yes everyone's credit card info is out in the wild
They are failing to admit that everyone credit card info is easily decodable because they left the encryption method on the same server
They cant regain control of their twitter
They cant seem to stop being ddosd they are constantly under attack
They wont just step back and let someone who know what they are doing secure their server
They are staying with hostgator even after all thats happened

These guys are total idiots they havent a fucking clue what they are doing this is really embarrassing

 

[HostLower]

Hi,

I would agree it is a an absolute joke how they have handled this.

Danny

 

[BHost.net]

Annoyingly we ended up having to cancel a CC, as we recently signed up to test WHMCS out as an alternative to Ubersmith.

Definitely leaving that decision for a while until we have seen the full response of WHMCS play out over the next few weeks.