When attempting to connect to leakster.net, users are automatically re-directed to The FBI website instead.
The attacks on Comcast and WHMCS caused a media frenzy due to the credit card details and other records from 500,000 of their customers were leaked. The card information was salted and hashed, however the decryption key was allegedly stored in plain text giving the hackers easy access to the information. To that end, WHMCS released a notice on their blog. The attack only lasted a few hours, but the damage was done. The hackers tricked WHMCS’s own hosting firm into handing over admin credentials to its servers.
After the attack when WHMCS had regained use of their servers on Monday night, they made the following statement:
Following an initial investigation I can report that what occurred today was the result of a social engineering attack.
The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.
This means that there was no actual hacking of our server. They were ultimately given the access details.
This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself.
We are immediately reviewing all of our hosting arrangements, and will be migrating to a new setup at the earliest opportunity.
I would like to take this opportunity to thank all of you who have sent in messages of support, and offers of help. It has clearly been a very stressful time, and I thank everyone both personally and on behalf of WHMCS for their loyalty and support.
The matter is now in the hands of the FBI.