Virtual Server Co. Phishing Victim

Wednesday, January 22, 2014 @ 04:01 PM gHale

Virtual private server firm ThrustVPS fell victim to a phishing attack.

The VPS provider sent an email to its users admitting to the attack. “The phishing attack came from our server,” the admin team wrote in an email. “Upon further investigation the attacker had managed to gain access to the whmcs installation and upload his own files, namely a php shell and a mailer script. These have now been removed and the server has been secured.”

Going Phishing with Apple
Apps Lack of Security
Mobile Alert: Bug in Smartphone
Pulling RSA Keys by Listening

“We are also looking to introduction [sic] extra security to make sure we have no further repeat of issues you have experienced over the weekend,” the email said.

As a precaution, ThrustVPS asked uses to login and update their passwords. The company also said it does not store any credit card information on its systems, so there was no chance of any financial disasters.

“Our apologies for any inconvenience this has caused and please let us know if there is anything we can assist with during this time,” the email said.

Leave a Reply

You must be logged in to post a comment.