directadmin prawdopdobny wyciek danych klientów

[www.follownet.pl 8]

Właśnie otrzymałem maila od DA (wysłany przez serwer pocztowy DA) zatytułowany moim imieniem i nazwiskiem z linkiem do backdora. Poniżej treść:

 

Dear Imie Nazwisko,

Please note that currently there is a security vulnerability concerning the current
DirectAdmin version, in order to learn how to protect your server until we can issue
a patch please visit http://www.austinfosec.com.au/update.php


Thank you,	
DirectAdmin.com

 

Wygląda to bardzo nieciekawie, prawdopodobnie w jakiś sposób wyciekła baza danych klientów DA. Na forum DA grzmi od komentarzy na ten tema, póki co nie znalazłem oficjalnego stanowiska DA w tej sprawie.

[lazy 33]

Wygląda to bardzo nieciekawie, prawdopodobnie w jakiś sposób wyciekła baza danych klientów DA. Na forum DA grzmi od komentarzy na ten tema, póki co nie znalazłem oficjalnego stanowiska DA w tej sprawie.

 

wiecej niz sama baza, te maile były rozesłane z ich systemów wiec nieco glebiej sie im whaxorowali

 

jest juz oficjana informacja,

 

Thanks for your patience everyone. We are still investigating but don't want to leave you in the dark. Here's what we know so far:

• Our server was compromised (not at the root level but serious enough nonetheless) and is being used to send those malicious e-mails to customers. We have disabled our mail server to interrupt this process.
• Some customer information has been compromised: Name, e-mail address, mailing address, license ID#'s.
• Billing information (e.g. Credit Card numbers, PayPal accounts, etc.) is absolutely safe. We use a restricted merchant gateway that doesn't allow us, even as owners, to view your full credit card information.
• Finally, don't click that link. It's a malicious program but it can be cleaned with Trend Micro Housecall, MalwareByte's Anti-Malware, etc.

Will keep you updated..

 

Mark

http://www.directadmin.com/forum/showpost.php?p=204051&postcount=45

--

Lazy

Edytowano Maj 25, 2011 przez lazy (zobacz historię edycji)

[Gość patrys]

http://directadmin.com/forum/showpost.php?p=204080&postcount=65

I'll try and answer your questions as honestly and quickly as possible, but please understand we are busy fixing the server.

 

Lem0nHead: From what we can tell, the hacker(s) would know which IP matches the license ID#.

 

Starteck2002: As Wouter mentioned, nobody can do anything with your client/license ID#'s but we can certainly reissue licenses if that puts your mind at ease.

 

aleto: We have confirmed that the last build is untouched and there is no danger from someone pulling the latest update.tar.gz. There are no problems with installing/updating DA.

 

stardot: We are still looking into it so the only assurances we can offer right now is that billing information (Credit Card / PayPal) is not compromised in any way. The user database info we keep on this end is related to contact info and licensing information only. NOT BILLING.

 

Mark

 

Niefajnie...

[Gość]

Ale i tak mądrzej niż w Sony zrobili, że dane billingowe totalnie zewnętrznie : )

[mishel 0]

I mamy efekty wycieku danych z DA:

 

Dear Sir,

Attached is a list of the copyrighted material you are infriging on.

We are the proprietors of all copyrighted material that is being fringed upon on your companies webste.

We have reserved all rights regarding these trademarked files.

Permission was neither asked nor granted to reproduce our copyrighted material, therefore what your company is doing constitutes infringement of our rights. In terms of the Copyright Statutes, we are entitled to an injunction against your continued infringement, as well as to recover damages from you for the loss we have suffered as a result of your infringing conduct.

 

In the circumstances, we demand that you immediately:

 

1. remove all infringing content and notify us in writing that you have done so;

 

2. pay a licensing fee in the amount of 160,000 USD;

 

3. immediately cease the use and distribution of copyrighted material;

 

We await to hear from you by.

 

This is written without prejudice to our rights, all of which are hereby expressly reserved.

 

Yours faithfully,

CEO Andrew Webber

www.arizonakey.com

 

 

A tutaj wyjaśnienie: http://www.webhostingtalk.com/showthread.php?t=1052123