We have managed to communicate with the 14 year old boy from New Zealand whose server was used for this injection attack. We are not able to trace if he is the actual person who did it but he has given all the scripts and available ftp passwords he had on his server.
we are sending an email to customers whose passwords were on his server and our phone support team will be calling all those customers in next 2 days time.
he used ftp_exec function to initiate this injection and he managed to get list of passwords for those accounts which had weak password without any numbers or Caps in them. We have modified our password policy on the signup page and now every customer will need to choose a password with minimum 10 characters.
I will update with further information as we are trying to trap the actual culprit.
__________________
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
||
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
||
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
__________________________________________________
Great Opportunity :: Join our
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
for FREE and earn 20% commission on each referral.
|