PERINGATAN dari cPanel support, hacked!

[Bforce]

Salutations, 

You are receiving this email because you have opened a ticket with our support staff in
the last 6 months. cPanel, Inc. has discovered that one of the servers we utilize in the
technical support department has been compromised.

While we do not know if your machine is affected, you should change your root level password
if you are not already using ssh keys. If you are using an unprivileged account with "sudo"
or "su" for root logins, we recommend you change the account password. Even if you are
using ssh keys we still recommend rotating keys on a regular basis.

As we do not know the exact nature of this compromise we are asking for customers to take
immediate action on their own servers. cPanel's security team is continuing to investigate
the nature of this security issue.

--cPanel Security Team

 

[cpserv]

tak kirain cpanelnya itu sendiri yg kena hack. gataunya server supportnya tho.. blom pernah buka ticket kesana brarti aman yak pakde? tapi tak rotate dulu ah keynya, udah 2 bulan blom dirotasi.

 

[duniadata]

As far as I know, this is not from cPanel. I've contacted the cPanel Security team concerning this thread.

Thanks for reporting this.

Cek di forum cPanel http://forums.cpanel.net/f185/cpanel-security-325062.html

Tapi aneh juga, kok bisa terkirim dari mail server-nya cPanel ya ?

 

[Afiv]

Threadnya sama kaya yang dibuat om ceo.ahul

 

[Bforce]

As far as I know, this is not from cPanel. I've contacted the cPanel Security team concerning this thread.

Thanks for reporting this.

Kayaknya itu bukan jawaban resmi dari staff cpanel.

Juga alamat yang menerima email tersebut private dan hanya digunakan untuk kontak tertentu, termasuk cpanel, dan menerima email tersebut yang dikirim dari IP cpanel.

Received: from mx1.cpanel.net (mx1.cpanel.net. [208.74.121.68])
        by mx.google.com with ESMTPS id q15si315431ann.199.2013.02.21.16.50.20
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Thu, 21 Feb 2013 16:50:21 -0800 (PST)

 

[twistedshells]

Sudah ada jawaban resmi dari Cpanel:

Greetings,

Please accept my apologies for responding erroneously to this thread last evening. I was visiting the forums off shift and was not aware of the situation at hand other than the threads posted here, nor had I received the email myself, yet.

The email that you and I have received is now confirmed, legitimate.

As explained in that email, you need to update any of your servers passwords provided to cPanel Technical Support via the ticket system in the past 6 months, right away. This situation is still being investigated, additional information aside from that, is not available at this time.

As soon as there is additional information available, a more formal announcement will be made available to all.


Thank you.

 

[duniadata]

Dapat konfirmasi dari technical support cPanel

I can confirm that this message is a legitimate notification sent by cPanel.

--
Brian Dowd
cPanel Technical Analyst

So, segera ganti password root, login SSH, dll
Tapi selama ini kalau minta bantuan ke cPanel kita selalu kasihnya temporary password kok, mestinya ya aman ya ....
Masalah secara periodik mesti ganti password itu kan sudah SOP-nya lah ....