7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

Be careful, www.pushbuttonpublishing.com has been hacked

by nmb
6 replies
A very nice hacker has just emailed me my login details for the above website which has been hacked.
#careful #hacked
  • Profile picture of the author brianoh
    Me too. Can't see the point, unless they want to disrupt the company's business, but it begs the question as to whether these passwords are stored in plaintext, and if not, then what kind of algorithm has been used that makes it so easy to decrypt. Disturbing.
    {{ DiscussionBoard.errors[6115886].message }}
  • Profile picture of the author nmb
    It was something of a shock to receive my private log in info in such a plain email!
    {{ DiscussionBoard.errors[6115962].message }}
    • Profile picture of the author brianoh
      It looks like a scripting attack on cronmail.php at pushbuttonpublishing, which is why you got an email. The originating mail server apears to be at infogoround.com, which hosts pushbuttonpublishing.com (the only site hosted there in fact, maybe the same owner).

      I wouldn't be too worried about it except as a warning not to use the same password on multiple sites, especially where sensitive data is concerned. If you have done so, I would change them all pronto.
      {{ DiscussionBoard.errors[6116827].message }}
      • Profile picture of the author SMSWriter
        You need some security plugins, bro!

        I use Better WP plugin. It's in the directory. The other stuff, like Wordpress Firewall, doesn't work.

        Shanen
        {{ DiscussionBoard.errors[6118259].message }}
        • Profile picture of the author brianoh
          Originally Posted by Shanen Smith View Post

          You need some security plugins, bro!

          I use Better WP plugin. It's in the directory. The other stuff, like Wordpress Firewall, doesn't work.

          Shanen
          Not sure what good that would do. pushbuttonpublishing.com doesn't seem to use WP. Take a look at the HTML code. And on the affiliate login page (seriously screwed up) it says "Powered by DH Softwares". That could be where the problem lies - and if so, there may be a lot more web sites open to this scripting attack. See DH Softwares SQL Injection ≈ Packet Storm - the link is from last year, so presumably that has been fixed, but there are always new exploits being discovered.

          I guess if anyone has a site powered by these guys they should at least check this out with them just to be on the safe side.
          {{ DiscussionBoard.errors[6118904].message }}
  • Profile picture of the author therenegadeleader
    I think the hacker is just concern on people who want to buy from the owner of the site.
    Signature
    The Renegade Leader
    {{ DiscussionBoard.errors[6119145].message }}

Trending Topics