News: Smarters hacked. Being extorted for client details.

[urgodfather]

+++++++++++ copy of text for those who require translation +++++++++++++++++

Down for Maintenance (Err 3)​

********** Smarters Has Been Hacked **********


To Prevent Customers Credentials And Tickets Leaking 1BTC must be sent to bc1qtjau3ygp3nun9cp9j9c7cwepfnfngwemq5lcaq before GMT+5:30 13:00


Does this company care about their customers or are they going to let incriminating conversations, and personal details leak that would put everyone using their products at risk?


Are they going to let their own source codes leak so that they have no business left?


Are they going to allow the owners details of IPTV services to be revealed?


They Have 3.36 BTC In There Blockchain Wallet So They Can Afford To Protect You But The Question Is Do They Care.


You can view there bitcoin balance through there XPUB xpub6DKcDbrSS7G6kCnjSQTL49a3wY3Hi7nw2HezUX1U7CWVk5RXMkpeG4qBZtmFDa5mdB4MTpYC96174RgBXHwWvZMF5j6C1jGNYkMdxCdoYDC

 

[KingPegasus]

Good to know just in case

 

[stokedcrf]

Oh India, what would we do without you!
Always keeping it interesting for sure!

 

[urgodfather]

 

[CentOS]

I usually think and say, everything we use that is not Self hosted is a danger, every time something happens, it can take a while but at some point it gets ugly...

all licensed services went offline
from whmcssmarters.

great job alerting and keeping the community informed @urgodfather .

 

[SubZer0]

Guess it didnt work for them too well. They are back up and running it looks like.

 

[urgodfather]

Guess it didnt work for them too well. They are back up and running it looks like.

That just means that Smarters rebuilt their WHMCS server and restored a backup. That has no reflection on the fact that every client in their system has had their data compromised.

Unencrypted:
email
name
Phone
Address
Ip addresses
Purchases
Licenses, ip’s of where licensed, domains of where licensed, file path of where licensed
Tickets and all info that may have been shared in those tickets
Emails

Easily decrypted:
Passwords
Stored payment details depending on payment method used


Want me to keep going? I’m sure some of their clients are fine because they have false info being used, however, I know there is a questionable portion that do not. I mean seriously, even some of our own members I have had to message and advise them to use a little more common sense when creating their usernames.

 

[SubZer0]

That just means that Smarters rebuilt their WHMCS server and restored a backup. That has no reflection on the fact that every client in their system has had their data compromised.

Unencrypted:
email
name
Phone
Address
Ip addresses
Purchases
Licenses, ip’s of where licensed, domains of where licensed, file path of where licensed
Tickets and all info that may have been shared in those tickets
Emails

Easily decrypted:
Passwords
Stored payment details depending on payment method used


Want me to keep going? I’m sure some of their clients are fine because they have false info being used, however, I know there is a questionable portion that do not. I mean seriously, even some of our own members I have had to message and advise them to use a little more common sense when creating their usernames.

I truly think next week, it will be a wash.