Direct Admin has been hacked


Status
Not open for further replies.

galuh82

Hosting Guru
Verified Provider
saya dapet email dari DA, yang ternyata itu scam hehehe ... katanya nyebarin virus kalau yang pake win$, tapi pas di cek ternyata link itu accountnya dah di suspend :)
 

nashr_hp

Beginner 1.0
kalo ada yang jadi client disana buat antisipasi pass mail / PP / admin ganti langsung jika ada yang sama login nya kesana
awas kena dump dan scaning ..

semoga bermanfaat
 

PusatHosting

Hosting Guru
cukup mengerikang mengingat akhir2 ini makin meningkat aktifitas hacking, jadi ingat kasus LxLabs salah satu vendor yang kena hack.

untungnya langsung ada konfirmasi dari DA support
 

galuh82

Hosting Guru
Verified Provider
Just info:

In the last 24 hours an e-mail was sent to clients with the subject: "DirectAdmin Client Message." This message claimed there was a serious DirectAdmin security issue and included a link to a phishing website.

We apologize to all our clients because this was a result of our server being compromised. Please DELETE the phishing e-mail and run a virus scanner if you clicked on the link. Most people were not exposed to the phishing site because it was taken down very quickly. For this reason you may have seen a 404 error only.

First and foremost, your billing information remains 100% safe. We store no financial information on our server. In addition, we use a merchant gateway that restricts us, even as owners, from viewing your credit card information. Secondly, there is no security issue with the latest version of DirectAdmin. We have no reason to belive that DirectAdmin or any related software is vulnerable to attack. There are thousands of DirectAdmin servers and no reports of any being compromised.

Please note that we encrypt ALL passwords; for example, any password generated (e.g. client account password) and any password you provide (e.g. server password on the order form). Although cracking encrypted passwords is unlikely, changing your password is the best way to guarantee 100% security. Aside from that, there is nothing else you need to do as a customer. Your DirectAdmin server is not open to any new vulnerabilities.

We sincerely apologize and take responsibility for this incident. If you require more specific information please contact me at mark@jbmc-software.com for a personal response, or you can use our regular support@directadmin.com address. I'm available for addressing specific questions and concerns.

Mark
JBMC Software
 
Status
Not open for further replies.

Top