Wow I just got two vBulletin forum message emails from admin@hosting-unlimited.net confirming that Hosting-Unlimted (where my site/blog used to be hosted) has now been hacked, and though lucky enough all the sites are hosted in a diffrent location than that of the main Hosting-Unlimted Site and forum it’s just to early to tell what the damage is and how far this hacker can go!
Here’s the emails:
1st Email:
this site us hack ny mesmat jo7a
happy dreaams
2nd Email:
THIS SITE IS HACKED MY MESMAR JO7A
HAPPY DREAMS ADMIN
Update: Site seems to be back up but appears to have errors on it and the forums are not up at all yet!
Update (23rd of August 2006): HU Community Back Online
Dear darrenstraight,
On 16th August, the Hosting-Unlimited forums were taken off-line after a script was found to have been compromised. This resulted in forums members receiving an e-mail ostensibly from Hosting-Unlimited stating “this site us hack ny mesmat jo7a happy dreams”. This was monitored by staff as it happened, and the forums were consequently taken off-line within a few minutes of the incident.
The reason for the compromise was quite simply due to our forum software not having been updated as it should have been. Subequently a cross-scripting attack was possible, and in this case, used (http://en.wikipedia.org/wiki/Cross_site_scripting).
This episode was as unwelcome as it was embarrassing, and we fully accept this was – exceptionally – a case of us not taking our own advice regarding updating software regularly. We are glad therefore to put the record straight, and also to provide the following reassurances:-
1. Only our forums were affected.
2. Only registered forum members received the e-mail.
3. No other part of our operation was affected in any way, although we did temporarily take off all systems which rely on a SQL database for a short length of time to find the source of the problem.
4. No sensitive information was compromised (i.e. forum members’ e-mail addresses were not disclosed to any other forum member nor to anyone else). This includes billing information, site usernames, passwords or e-mail information.
5. Our site – including billing, support and forums – is hosted on a dedicated server, and separate from all of our clients’ accounts. This issue therefore did not affect in any way any of our other servers nor any client site. We are currently carrying out server upgrades which involves site migrations for most of our clients; some clients have experienced some DNS issues with this, which have wrongly (although understandably) been construed as having been due to the forums issue.
The forums are now back online, and freshly upgraded. I’d like to personally assure all forum members that the HU Community is a safe place to post, and we won’t allow this issue to be replicated in the future.
Best wishes,
Kevin Austin
Tecnical Director
http://www.hosting-unlimited.net
Previous 
Next 
Categories
Tag Cloud
Blog RSS
Comments RSS
Last 50 Posts
Back
Void 
Life 
Earth 
Wind 
Water 
Fire