{"id":881,"date":"2006-08-16T19:34:09","date_gmt":"2006-08-16T18:34:09","guid":{"rendered":"http:\/\/www.darrenstraight.com\/blog\/2006\/08\/16\/hosting-unlimited-site-hacked\/"},"modified":"2006-08-23T14:37:49","modified_gmt":"2006-08-23T13:37:49","slug":"hosting-unlimited-site-hacked","status":"publish","type":"post","link":"https:\/\/www.darrenstraight.com\/blog\/2006\/08\/16\/hosting-unlimited-site-hacked\/","title":{"rendered":"Hosting-Unlimited Site Hacked!"},"content":{"rendered":"

Wow I just got two\u00a0vBulletin forum\u00a0message emails from\u00a0admin@hosting-unlimited.net<\/a> confirming that Hosting-Unlimted<\/a>\u00a0(where my site\/blog used to be hosted) has now been hacked, and though lucky enough all the sites are hosted in a diffrent location than that of the main Hosting-Unlimted<\/a>\u00a0Site and forum it’s just to early to tell what the damage is and how far this hacker can go!<\/p>\n

Here’s the emails:<\/p>\n

1st Email:<\/p>\n

this site us hack ny mesmat jo7a
\nhappy dreaams<\/p><\/blockquote>\n

2nd Email:<\/p>\n

THIS SITE IS HACKED MY MESMAR JO7A
\nHAPPY DREAMS ADMIN<\/p><\/blockquote>\n

Update:<\/strong> Site seems to be back up but appears to have errors on it and the forums are not up at all yet!<\/p>\n

Update (23rd of August 2006): <\/strong>HU Community Back Online<\/p>\n

Dear darrenstraight,<\/p>\n

On 16th August, the Hosting-Unlimited forums were taken off-line after a script was found to have been compromised.\u00a0 This resulted in forums members receiving an e-mail ostensibly from Hosting-Unlimited stating “this site us hack ny mesmat jo7a happy dreams”.\u00a0 This was monitored by staff as it happened, and the forums were consequently taken off-line within a few minutes of the incident.\u00a0<\/p>\n

The reason for the compromise was quite simply due to our forum software not having been updated as it should have been.\u00a0 Subequently a cross-scripting attack was possible, and in this case, used (http:\/\/en.wikipedia.org\/wiki\/Cross_site_scripting<\/a>).<\/p>\n

This episode was as unwelcome as it was embarrassing, and we fully accept this was – exceptionally – a case of us not taking our own advice regarding updating software regularly.\u00a0 We are glad therefore to put the record straight, and also to provide the following reassurances:-<\/p>\n

1.\u00a0 Only our forums were affected.<\/p>\n

2.\u00a0 Only registered forum members received the e-mail.<\/p>\n

3.\u00a0 No other part of our operation was affected in any way, although we did temporarily take off all systems which rely on a SQL database for a short length of time to find the source of the problem.<\/p>\n

4.\u00a0 No sensitive information was compromised (i.e. forum members’ e-mail addresses were not disclosed to any other forum member nor to anyone else).\u00a0 This includes billing information, site usernames, passwords or e-mail information.<\/p>\n

5.\u00a0 Our site – including billing, support and forums – is hosted on a dedicated server, and separate from all of our clients’ accounts.\u00a0 This issue therefore did not affect in any way any of our other servers nor any client site.\u00a0 We are currently carrying out server upgrades which involves site migrations for most of our clients; some clients have experienced some DNS issues with this, which have wrongly (although understandably) been construed as having been due to the forums issue.<\/p>\n

The forums are now back online, and freshly upgraded.\u00a0 I’d like to personally assure all forum members that the HU Community is a safe place to post, and we won’t allow this issue to be replicated in the future.<\/p>\n

Best wishes,<\/p>\n

Kevin Austin
\nTecnical Director
\nhttp:\/\/www.hosting-unlimited.net<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Wow I just got two\u00a0vBulletin forum\u00a0message emails from\u00a0admin@hosting-unlimited.net confirming that Hosting-Unlimted\u00a0(where my site\/blog used to be hosted) has now been hacked, and though lucky enough all the sites are hosted in a diffrent location than that of the main Hosting-Unlimted\u00a0Site and forum it’s just to early to tell what the damage is and how far this hacker can go! Here’s<\/p>\n

<\/div>\n
Continue reading “Hosting-Unlimited Site Hacked!”<\/span> <\/i> <\/a> <\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,1],"tags":[],"class_list":["post-881","post","type-post","status-publish","format-standard","hentry","category-my-life","category-site-news"],"_links":{"self":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts\/881","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/comments?post=881"}],"version-history":[{"count":0,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/posts\/881\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/media?parent=881"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/categories?post=881"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darrenstraight.com\/blog\/wp-json\/wp\/v2\/tags?post=881"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}