GoFuckYourself.com - Adult Webmaster Forum


aico 06-22-2006 10:23 PM

Paycom Clients Change your FTP Passwords!!!
 
I have just been informed by my server company (reflected.net) that they have found the source of how I, and other clients of theirs, that apparently Paycom has been hacked and they got my FTP passwords from them, which is how they fucked with my and many other people's sites lately.

Discuss...

Pron Don 06-22-2006 10:25 PM

very very shitty

artman 06-22-2006 10:27 PM

that's fucked

aico 06-22-2006 10:27 PM

*how I, and several of their other clients, got hacked (sorry got sidetracked mid-sentence).

aico 06-22-2006 10:30 PM

Ok, I may have jumped the gun, they are not sure it was Paycom, they are still looking into it... my bad. Will let you know more as I do.

marketsmart 06-22-2006 10:36 PM

sounds to me like your host needs to lock down your server... if it's just FTP issues have them make FTP restricted to IPs.....

Phil21 06-22-2006 10:43 PM

Just thought I'd interject here..

We've been tracking an issue a few other hosts have been looking into over the past weeks or so. The common thread essentially is a one-shot successful login to a valid FTP account (e.g. no password guessing, etc.), and adding of some malicious code containing an iframe to various html and php pages.

Currently, at least with our customer base, it appears an external third party may have had a password database compromised. Paycom is just one of a few sources this data could be from, and in Aiko's case that was one biller used. Some unfortunate language was used by a technician in the ticket response, which made it look like we were certain of the source.

The other possibility is a backdoor of some sort (like spyware) going around that may look into FTP software saved passwords.

Anyways, as we know more we will dispense info on to our clients. A good practice for most everyone would be to change any FTP or other account passwords you have given out to any third parties immediately. Also as someone mentioned, if you have the ability to know where you'll always be FTP'ing from, firewalling off everything else provides a good level of protection from leaks such as these in the future.

-Phil
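
An added example, not part of the original post or any host's tooling: one way to search FTP logs for the pattern described above, a first-try successful login from an address the account has not used before, followed by uploads of .html or .php pages. The log format, account names, addresses and the `KNOWN_IPS` allowlist are constructed assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed log format (an assumption, not any real FTP daemon's):
#   <ISO time> <client ip> <user> <LOGIN_OK|LOGIN_FAIL|UPLOAD> [path]
SAMPLE_LOG = """\
2006-06-20T09:14:02 198.51.100.7 site1 LOGIN_OK
2006-06-20T09:14:30 198.51.100.7 site1 UPLOAD /www/gallery/new.jpg
2006-06-21T03:02:11 203.0.113.45 site1 LOGIN_OK
2006-06-21T03:02:15 203.0.113.45 site1 UPLOAD /www/index.html
2006-06-21T03:02:16 203.0.113.45 site1 UPLOAD /www/join.php
2006-06-21T04:40:00 192.0.2.99 site2 LOGIN_FAIL
2006-06-21T04:40:03 192.0.2.99 site2 LOGIN_FAIL
2006-06-21T04:40:09 192.0.2.99 site2 LOGIN_OK
2006-06-21T04:40:20 192.0.2.99 site2 UPLOAD /www/index.php
"""

# Hypothetical per-account allowlist: addresses the owner normally uploads from.
KNOWN_IPS = {"site1": {"198.51.100.7"}, "site2": {"198.51.100.8"}}
PAGE = re.compile(r"\.(html?|php)$", re.I)  # page types named in the post

def one_shot_logins(log_text, known_ips):
    """Return sessions with no failed attempts, an unfamiliar source
    address, and at least one uploaded web page."""
    fails = defaultdict(int)   # (user, ip) -> failed logins seen so far
    sessions = {}              # (user, ip) -> candidate session
    for line in log_text.splitlines():
        parts = line.split(maxsplit=4)
        if len(parts) < 4:
            continue           # skip malformed lines
        ts, ip, user, event = parts[:4]
        key = (user, ip)
        if event == "LOGIN_FAIL":
            fails[key] += 1    # guessing is a different alert, not this pattern
        elif event == "LOGIN_OK":
            if fails[key] == 0 and ip not in known_ips.get(user, set()):
                sessions[key] = {"user": user, "ip": ip, "login": ts, "pages": []}
        elif event == "UPLOAD" and len(parts) == 5 and key in sessions:
            if PAGE.search(parts[4]):
                sessions[key]["pages"].append(parts[4])
    return [s for s in sessions.values() if s["pages"]]

if __name__ == "__main__":
    for hit in one_shot_logins(SAMPLE_LOG, KNOWN_IPS):
        print(hit["login"], hit["user"], hit["ip"], hit["pages"])
```

The pages listed for each hit are the ones to inspect for an added iframe, and the same allowlist is what a firewall rule restricting FTP to known addresses would enforce.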

WiredGuy 06-22-2006 10:48 PM

I have a feeling if the source was the processor, there would be a lot more clients who were compromised.
WG

CaptainHowdy 06-23-2006 12:26 AM

Holy crappers, that's bad...

Choppa 06-23-2006 12:38 AM

hmmmm not good at all :(

gooddomains 06-23-2006 12:40 AM

that's not good news

V_RocKs 06-23-2006 01:47 AM

Doesn't mean Paycom was hacked... Could mean you are leaving the info open or the FTP software itself is hackable.

