WHMCS kena hack ?

PusatHosting · 25 May 2012

vkios01 said:
hemmm ini dari google analytics ya? atau mod forum yang menambahkan tracking kalau ada link?
iya muncul box untuk login. btw post di sini kok tidak ya?

sudah saya edit linknya, itu sepertinya otomatis dari vbulnya bikin openlink dengan javascript

BennyKusman · 26 May 2012

yang saya baca di wht, mereka force reset password dan kirim lewat email, tetapi ngga ada email yang terkirim..
apa yang pake whmcs masi bermasalah ?

Well they forced a password reset which will send an email to reset the password but no emails are being sent. So this in turn is locking everyone out of their licensing system. At this point nothing can be done without the email being sent. Fun...

PusatHosting · 27 May 2012

Masuk kok ga ada masalah, mungkin saja masuk SPAM.

indonic · 27 May 2012

Iya dari Matt WHMCS mengirimkan email ke customernya untuk melakukan reset password dan berikut ini emailnya

Dear Customer,

This is a follow up to the Urgent Security Alert email sent earlier this week. As you will be aware from that, we were the victim of a malicious attack which has resulted in our server being accessed, and our database being compromised.

As a security precaution, we are expiring all passwords for our client area. In order to restore access to your account, please visit the following url to reset your password:

https://www.whmcs.com/members/pwreset.php

We have restored all essential services except for our forums, and resumed normal operations as quickly as possible in order to keep licensing and support channels open. We are still actively working to restore the forums, and we expect them to return to operation soon.

A full security audit and hardening was undertaken immediately following the breach, and the site remains safe to use. It is important to note that the breach we experienced was the result of a social engineering attack, and not the result of a hack or a breach in the WHMCS software.

We continue to experience a distributed denial of service attack, which has caused disruption to our public facing site. We are in the process of moving to a more expansive infrastructure which should mitigate this type of attack in the future. With this move, we will have a much stronger setup with additional layers of security, and these upgrades to our infrastructure will ultimately mean that our servers, and your data, will be better protected than ever before.

Please be aware, that in order to deliver these security upgrades, we expect some very brief downtime during the migration process. We apologize in advance for any inconvenience this may cause.

While we are all currently focused on security, we would like to take this opportunity to ask everyone to read our Security Guide @ Further Security Steps - WHMCS Documentation

While it would be ideal for all steps to be followed, we recommend that you at least rename (Further Security Steps - WHMCS Documentation), and apply IP protection (Further Security Steps - WHMCS Documentation) and/or password protection (Further Security Steps - WHMCS Documentation) to the admin directory.

We are continuing to work tirelessly to resume normal service and regain your trust. On behalf of everyone at WHMCS please accept my apologies for the inconvenience and we thank you for your support.

----Matt WHMCS Limited WHMCS - The Complete Client Management, Billing & Support Solution

Sepertinya mereka melakukan peningkatan security pada sistem mereka.

mixmaxspace · 27 May 2012

Sebaiknya email dari whmcs di add kontak pada email temen-temen, supaya bener2 masuk ke inbox dan tidak masuk ke spam. Terakhir email ya seperti indonic katakan diatas, supaya semua mereset password yg ada. Ini juga saya terapkan ke klien saya

siap-siap banyak komplenan

jaapns · 27 May 2012

mixmaxspace said:
Sebaiknya email dari whmcs di add kontak pada email temen-temen, supaya bener2 masuk ke inbox dan tidak masuk ke spam. Terakhir email ya seperti indonic katakan diatas, supaya semua mereset password yg ada. Ini juga saya terapkan ke klien saya siap-siap banyak komplenan

bener ini pak, kuatirnya kayak email abuse nggak di add contact, pas di email kita ga baca krn masuk spam box, tiba2 server di shutdown ....

mixmaxspace · 27 May 2012

jaapns said:
bener ini pak, kuatirnya kayak email abuse nggak di add contact, pas di email kita ga baca krn masuk spam box, tiba2 server di shutdown ....

Hahahaha pengalaman pait lebih pait dari kopi item ya pak jaap

indonic · 28 May 2012

iseng baca blog whmcs, ternyata jebolnya lewat authentication pada hosting providernya dan berikut kutipannya:

.....
The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.

This means that there was no actual hacking of our server. They were ultimately given the access details.

This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself.
.....

sumber: WHMCS - 21st May 2012 - Further Update

kira-kira hosting providernya siapa ya??? apakah si hostbuaya?

jaapns · 28 May 2012

Sepertinya mmg di buaya, hackernya sendiri di twitter nya kan blg begitu ....

WHMCS kena hack ?

PusatHosting

Hosting Guru

BennyKusman

Hosting Guru

PusatHosting

Hosting Guru

indonic

Apprentice 1.0

mixmaxspace

Hosting Guru

jaapns

Hosting Guru

mixmaxspace

Hosting Guru

indonic

Apprentice 1.0

jaapns

Hosting Guru