Previous Thread
Next Thread
Print Thread
Hop To
Page 1 of 3 1 2 3
#247850 01/13/2012 11:23 AM
Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
I was just checking in on my site this morning, went to take a shower and now the site is hacked by Tn_Scorpion! WTF Can't even email support@mindraven.com because it bounces back...


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
My site is the same.

FTP password has been changed, too, so no way I can fix it.

Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
Yeah mine too. Looks like the whole server is hosed! I hope they have good backups for us!!!


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
Anyone know how to get ahold of someone at Minderaven other than email @mindraven.com as that mail server is part of what has been hacked????

Thanks, Ian


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: Jun 2006
Posts: 16,047
Likes: 67
UBB.threads Developer
Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,047
Likes: 67
Try administrator@mindraven.com, it's the owners email from his profile here (it's publicly listed in his profile)


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
Both my websites at MindRaven are down & my email to them got returned to. I thought this forum was hosted at Mindraven.. glad it isn't.

Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
if that's Rick's email he doesn't own it anymore... what a ClusterF.

Joined: Jun 2006
Posts: 16,047
Likes: 67
UBB.threads Developer
Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,047
Likes: 67
Originally Posted by vintagerace
if that's Rick's email he doesn't own it anymore... what a ClusterF.
I'm pretty sure the NEW owner setup the account here; and he's posted here several times in the last month (the new owner, not Rick).


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
So I guess we just wait?

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
My server on whois is shown to be owned/run by iWeb Technologies, Montreal, CA.

Their website is up, and the phone listed is: 1-888-909-iWEB


Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
yes they're hosted near Montreal.. I used to live right near there. St Jean sur Richelieu. I almost froze to death.

Joined: Jun 2006
Posts: 16,047
Likes: 67
UBB.threads Developer
Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,047
Likes: 67
Originally Posted by Steve C
My server on whois is shown to be owned/run by iWeb Technologies, Montreal, CA.

Their website is up, and the phone listed is: 1-888-909-iWEB
Likely the datacenter that MindRaven is renting space from


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
I am trying to chat with someone from iWeb... Will let you know what I find out


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
on whois it even says "Hacked by TN-Scorpion"

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
I am also on Chat at iWeb. Got sales person convinced to transfer me. Still waiting....

Also on hold on the phone....

Joined: Jun 2006
Posts: 16,047
Likes: 67
UBB.threads Developer
Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,047
Likes: 67
I just spent some time going through iWeb and I'm 100% certain that they're just the datacenter; though they offer really cheap dedicated servers ($59/mo for a dual core celeron with 4gb ram, comeon)... So chances are that all of you are on a couple of their discount servers... At that price, I'm sure several of you are making mindraven quite a profit...


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
on Chat with Ivan C at iWeb.

he writes:
Ivan C.: sorry, that company is not part of iweb

Ivan C.: they seem to have a server with us, please contact them if you have a technical question

Ivan C.: we only provide support to our clients

Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
Same info I got from him... Starting to get a little more pissed with Mindraven....


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
Not sure if this is the place to ask this but when we first signed up with Mindraven a year ago, it, along with UBB was owned by Rick B, correct? I bought domain name hosting, and UBB from Rick, one stop-shopping. Now Mindraven is owned elsewhere as we all aware. Who now owns UBB? Unfortunately we just renewed our domain name and hosting with MindRaven. I'm wondering if it's soon enough we can have that stopped through the credit card company and move our forums & websites elsewhere. But I don't even know who owns UBB now. If I were going to try this I'd need help. I can move my other websites but I don't know how to move the forum.. presumably it's not much different. Anyone care to discuss this with me while our sites are down?

Joined: Jun 2011
Posts: 112
Sysop
Offline
Sysop
Joined: Jun 2011
Posts: 112

We are no longer affiliated with Mindraven, I suggest having expresshosting.net move your sites over to them to avoid these and future issues, it's been one thing after another after Rick sold Mindraven.





Originally Posted by vintagerace
Both my websites at MindRaven are down & my email to them got returned to. I thought this forum was hosted at Mindraven.. glad it isn't.

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
Got nowhere with telephone support from iWeb. He said I should contact Mindraven.

I see Mindraven's site is back up.

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
Whoa!!! My site is UP!

Joined: Jun 2006
Posts: 16,047
Likes: 67
UBB.threads Developer
Online Tapedshut
UBB.threads Developer
Joined: Jun 2006
Posts: 16,047
Likes: 67
Originally Posted by vintagerace
Not sure if this is the place to ask this but when we first signed up with Mindraven a year ago, it, along with UBB was owned by Rick B, correct? I bought domain name hosting, and UBB from Rick, one stop-shopping. Now Mindraven is owned elsewhere as we all aware. Who now owns UBB? Unfortunately we just renewed our domain name and hosting with MindRaven. I'm wondering if it's soon enough we can have that stopped through the credit card company and move our forums & websites elsewhere. But I don't even know who owns UBB now. If I were going to try this I'd need help. I can move my other websites but I don't know how to move the forum.. presumably it's not much different. Anyone care to discuss this with me while our sites are down?
Rick split Mindraven into 3 areas, Hosting, Dedicated Servers, and the UBB; he sold the UBB to UBBSystems, Mindraven he sold elsewhere, and he retains the dedicated server customers.

UBBSystems offers hosting under "Express Hosting".

It'd seem that Mindraven has issue after issue after the move... Keeping a server secure and up to date isn't rocket science, utilities on the server such as "yum" make running updates on a server fairly painless.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!
Joined: Jun 2011
Posts: 112
Sysop
Offline
Sysop
Joined: Jun 2011
Posts: 112

Rick sold UBB to us (UBB Systems), but kept the hosting business. He then auctioned off/sold the web hosting business (Mindraven) a few months ago. We would have bought the Mindraven hosting business as well, but we were not notified about the sale.

Tom at expresshosting.net will move the board for you at no charge.




Originally Posted by vintagerace
Not sure if this is the place to ask this but when we first signed up with Mindraven a year ago, it, along with UBB was owned by Rick B, correct? I bought domain name hosting, and UBB from Rick, one stop-shopping. Now Mindraven is owned elsewhere as we all aware. Who now owns UBB? Unfortunately we just renewed our domain name and hosting with MindRaven. I'm wondering if it's soon enough we can have that stopped through the credit card company and move our forums & websites elsewhere. But I don't even know who owns UBB now. If I were going to try this I'd need help. I can move my other websites but I don't know how to move the forum.. presumably it's not much different. Anyone care to discuss this with me while our sites are down?

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
Originally Posted by Steve C
Whoa!!! My site is UP!

Running my own backup right now...

Joined: Mar 2008
Posts: 262
Iann128 Offline OP
enthusiast
OP Offline
enthusiast
Joined: Mar 2008
Posts: 262
Me too, but I am on a limited wireless account and can't download the file frown May have to get one of my other Admins to download it for safe keeping.


Ian
http://www.firstgenmc.com/ubbthreads

"Experience is a hard teacher because she gives the test first, the lesson afterwords."
Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
My site came up with the board closed. I started a backup, then noticed someone "opened" the board. ...Mindraven people must be fiddling as we type.

Joined: Jan 2011
Posts: 31
newbie
Offline
newbie
Joined: Jan 2011
Posts: 31
Will Tom also answer all my dumbass questions? Seriously. Rick was great about that even if he did eventually throw us under the bus. If we can get the payment to Mindraven stopped through the credit card company I'll consider moving but it's got to be worth it in terms of tech support and reliability of course. I'm not continually demanding but I have my blonde moments and appreciate having someone to ask.

Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
Ok, my site is back up, and I have a backup.

But of course, some jerk out in cyberspace likely has the password to the site. Can someone post the steps to change the site password and the forum password, without getting things locked up?

Joined: Dec 2011
Posts: 23
newbie
Offline
newbie
Joined: Dec 2011
Posts: 23
Hello everyone,

Yes we have been hacked.. the hacker have bypassed the suspension module in whmcs.. we are currently looking to fix this break with the whmcs staff because we have the latest version..

Everything is back now.. and don't worry it's just a "suspension" hack, no any websites are damaged.

Sorry about that, whmcs is reputed to be very secure.. we have no real control about this but we make our best at this time to find the break and block it !

Thank you for your understanding.

Israel Gaudette
Mindraven.com

Joined: Dec 2011
Posts: 23
newbie
Offline
newbie
Joined: Dec 2011
Posts: 23
Quote
I just spent some time going through iWeb and I'm 100% certain that they're just the datacenter; though they offer really cheap dedicated servers ($59/mo for a dual core celeron with 4gb ram, comeon)... So chances are that all of you are on a couple of their discount servers... At that price, I'm sure several of you are making mindraven quite a profit...

Not really fair to say this Gizmo, the quality of our servers is a priority at Mindraven and we don't own cheap server. We have only 4 cores servers and 8 cores servers with 8gb of ram each, configured in raid-1 with daily and weekly backups.

Lost files is not an option in our politic.

This case this morning is just a badluck and not related with our server security settings..

I find it sad to have consistently unpleasant remarks to our services as we always do our best for our clients. This type of situation can happen to anyone!

Israel Gaudette
Mindraven.com

Joined: Dec 2011
Posts: 23
newbie
Offline
newbie
Joined: Dec 2011
Posts: 23
WHMCS Security Patch 5.0.x

As you can see on this post, there is a security patch for a breach in whmcs. We have applied the latest patch and now everything is secure.

Joined: Dec 2003
Posts: 6,326
Likes: 49
Online Yawn
Joined: Dec 2003
Posts: 6,326
Likes: 49
Originally Posted by Mindraven
WHMCS Security Patch 5.0.x

As you can see on this post, there is a security patch for a breach in whmcs. We have applied the latest patch and now everything is secure.

Thank you for staying on top of this critical issue and keeping this site informed.


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
Joined: May 2006
Posts: 240
Likes: 1
Enthusiast
Offline
Enthusiast
Joined: May 2006
Posts: 240
Likes: 1
...so a hack into WHMCS causes all the managed sites to go down???

And Israel G, are you in Quebec?

Joined: Dec 2003
Posts: 6,326
Likes: 49
Online Yawn
Joined: Dec 2003
Posts: 6,326
Likes: 49
Originally Posted by Steve C
...so a hack into WHMCS causes all the managed sites to go down???

And Israel G, are you in Quebec?
I can't speak for mindraven. But if it were me and I was hacked as a hosting service I would shut everything down till I found a resolution. Being concerned that it may impact all of my customers.
Would not you!


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
Joined: Apr 2007
Posts: 3,940
SD Offline
Former Developer
Offline
Former Developer
Joined: Apr 2007
Posts: 3,940
Rick was using whcms too on the old mindraven, if i remember correctly, so it probably woulda happened regardless ( assuming of course all other things being equal )

Good that the NEW Mindraven got on this and applied the patch.

I'm pro NEW Mindraven wink

Joined: Jun 2011
Posts: 7
A
stranger
Offline
stranger
A
Joined: Jun 2011
Posts: 7
Does this have anything to do with anyone running ubb 7.5.6p2?

Joined: Apr 2007
Posts: 3,940
SD Offline
Former Developer
Offline
Former Developer
Joined: Apr 2007
Posts: 3,940
Originally Posted by apfund
Does this have anything to do with anyone running ubb 7.5.6p2?


nope..

it is a completely separate thing..

however, if you are currently running a NON patched version of ubbthreads, i highly recommend you do that.

the risk is that your site ( only the site ) will be compromised / hacked as others have found..

Joined: Dec 2011
Posts: 23
newbie
Offline
newbie
Joined: Dec 2011
Posts: 23
Quote
..so a hack into WHMCS causes all the managed sites to go down???

And Israel G, are you in Quebec?

The websites have not been down but simply suspended. In WHMCS there are several modules which sends queries directly to the server, including a suspension module. The hacker has simply used this flaw in WHMCS to run the module suspension on all accounts on the server and then change the page of his suspension. Fortunately for us, no sites have been damaged. The hacker has just executed a command line that suspended all server accounts.

Yes i live in the state of Quebec, more precise at Saint-Jean-sur-Richelieu.

Quote
I can't speak for mindraven. But if it were me and I was hacked as a hosting service I would shut everything down till I found a resolution. Being concerned that it may impact all of my customers.
Would not you!

Turn off the server is not always the best thing to do in this case.. After receiving the alert, it took only 20 minutes to realize that the hack was passing by the user WHMCS on our server so we systematically remove all the access to this account. For the rest, we needed about 1 hour to un-suspend all accounts on the server.

I prefer that your sites remain active and you know what's going on than simply shut down the server and give you no news.

Israel Gaudette
Mindraven.com

Joined: Jun 2011
Posts: 7
A
stranger
Offline
stranger
A
Joined: Jun 2011
Posts: 7
Is 7.5.6p2 the patched version?

I'm pretty sure I installed it properly a few months ago, but i wanted to double check.

I have it installed at assetprotectioncorp dot com/forums/

Page 1 of 3 1 2 3

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
Cannot redeclare class Admin
by Antoine20 - 03/05/2021 11:36 AM
legend for admin log operation names?
by Ruben - 03/04/2021 3:14 PM
active text
by isaac - 03/02/2021 6:48 AM
How to delete all PM's for one user
by Ruben - 02/27/2021 7:10 AM
Active links corrupts image links/urls
by Morgan - 02/24/2021 1:03 PM
Who's Online Now
5 members (Gizmo, Ruben, Morgan, Antoine20, 1 invisible), 50 guests, and 55 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
gallery test
gallery test
by Mors, September 23
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Powered by UBB.threads™ PHP Forum Software 7.7.5