000webhost hakovan, ukradeni login podaci korisnika

000webhost hakovan, ukradeni login podaci korisnika

offline
  • Pridružio: 14 Feb 2008
  • Poruke: 12340

Citat iz maila :
Citat:What happened?
A hacker used an exploit in an old PHP version, that we were using on our website, in order to gain access to our systems. Data that has been stolen includes usernames, passwords, email addresses, IP addresses and names.

Although the whole database has been compromised, we are mostly concerned about the leaked client information.

What did we do about it?
We have been aware of this issue since 27th of October and our team started to troubleshoot and resolve this issue the same day, immediately after becoming aware of this issue.

In an effort to protect our users we have temporarily blocked access to systems affected by this security flaw. We will re-enable access to the affected systems after an investigation and once all security issues have been resolved. Affected systems include our website and our members area. Additionally we have temporarily blocked FTP access, as FTP passwords have been stolen as well.

We reseted all users passwords in our systems and increased the level of encryption to prevent such issues in the future.

We are still working around the clock to identify and eliminate all security flaws. We will get back to providing the free service soon. We are also updating and patching our systems.

What do you need to do?
As all the passwords have been changed to random values, you now need to reset them when the service goes live again.
DO NOT USE YOUR PREVIOUS PASSWORD.
PLEASE ALSO CHANGE YOUR PASSWORDS IF YOU USED THE SAME PASSWORD FOR OTHER SERVICES.

We also recommend that you use Two Factor Authentication (TFA) and a different password for every service whenever possible. We can recommend the Authy authenticator app and the LastPass password manager.

We are sorry
At 000webhost we are committed to protect user information and our systems. We are sorry and sincerely apologize we didn't manage to live up to that.
At 000webhost our top priority remains the same - to provide free quality web hosting for everyone. The 000webhost community is a big family, exploring and using the possibilities of the internet together.
Our leadership team will closely monitor this issue and will do everything possible to earn your trust every day.

Sincerely,
000webhost CEO,
Arnas Stuopelis



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Ovde mozete proveriti da li je vas nalog kompromitovan u ovom hakerskom napadu na 000webhost: https://haveibeenpwned.com/



offline
  • Pridružio: 14 Feb 2008
  • Poruke: 12340



Najgora stvar je što se ne sećam koju sam lozinku koristio tamo a oni su sve resetovali GUZ - Glavom U Zid

A za ove genijalce koji drže PW u plain textu, ja bih kaznu za to svaki put kad procure podaci Evil or Very Mad

offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Cim se ne secas, najverovatnije si je samo tu iskoristio i nigde vise, tako da mislim da nece biti problema Razz

A za "genijalce" nemam reci... Kao da nije bilo dovoljno ovakvih ispada sa plain text siframa, ali izgleda da ce ih biti jos, na zalost.

offline
  • Pridružio: 14 Feb 2008
  • Poruke: 12340

Citat:At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email address and password sets posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on several websites. We believe your email address and password set was on that list. For your security, we have assigned a temporary password to your account.


Verovatno vezano za 000webhost.

Interesantno je da je Amazon umešao sebe u celu priču ...

offline
  • Pridružio: 02 Jan 2008
  • Poruke: 2167

Iskreno, to je za pohvalu Smile

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

To se zove ozbiljna kompanija. Sto njih neko ne hakuje? Zato sto ne postoji mogucnost za tako nesto Smile

Ko je trenutno na forumu
 

Ukupno su 713 korisnika na forumu :: 25 registrovanih, 5 sakrivenih i 683 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Aleksandar Tomić, babaroga, Cufo, dragon986, Drug pukovnik, eighty-one, galijot, goxin, HrcAk47, ikan, Ilija Cvorovic, kreza, Oscar, Panter, Penzula, proka89, proleter373, repac, royst33, sokars, StefanNBG90, su27, virked, voja64