1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

VPS got hacked, all Twitter acc gone

Discussion in 'BlackHat Lounge' started by whateverfree, Sep 25, 2014.

  1. whateverfree

    whateverfree BANNED BANNED

    Joined:
    Jun 11, 2010
    Messages:
    208
    Likes Received:
    138
    I bought a VPS from Poweruphosting that advertise in this forum, Instantproxies, then I install scrapebox and Followliker on the VPS

    I run only Followliker for 12 Twitter accounts for about two weeks and yesterday my VPS got hacked, hacker changed the VPS password and steal all my Twitter accounts. He can't steal all of them if Followliker hide all the password field. That's a real problem of your software. I am contacting with Twitter but there is no answer from them since two days.

    I still not sure why my VPS got hacked. I've sent the VPS password to Poweruphosting admin about one week before to asking him optimizing the VPS to runs the tools, because the remote desktop was slow and I did not change password after he finished. But I don't think they steal my accounts.

    Please RIP me :(
     
    Last edited: Sep 26, 2014
  2. wisdomkid

    wisdomkid Jr. VIP Jr. VIP

    Joined:
    Jun 20, 2011
    Messages:
    2,593
    Likes Received:
    750
    Why did you upload this in BHW lounge? lol, there's no RIP ing you now, you've still got chances if twitter answers your queries.
     
  3. Magic5

    Magic5 BANNED BANNED

    Joined:
    Aug 30, 2014
    Messages:
    376
    Likes Received:
    83
    Sounds like you were targetted by someone outside of powerup hosting because i doubt very much that diamond damien would endorse this if the owner wasn't trusted.
     
  4. Known

    Known Regular Member

    Joined:
    Jan 27, 2013
    Messages:
    266
    Likes Received:
    187
    Occupation:
    IM
    Location:
    OH CANADA!!!!
    Check your computer for spyware, change all your email/other account passwords.
     
    • Thanks Thanks x 1
  5. avi619

    avi619 Jr. VIP Jr. VIP

    Joined:
    Apr 1, 2012
    Messages:
    1,368
    Likes Received:
    1,883
    Location:
    Somewhere out there
    I'm running poweruphosting VPS for more than a year now, no problems mate. Someone else knows your password or your system is compromised.
     
  6. ugjunk

    ugjunk Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 1, 2011
    Messages:
    2,345
    Likes Received:
    721
    Location:
    Los Angeles
    Home Page:
    Hello,

    We're sorry to hear about hacking instance which happened. Let us know your situation so we can help you out.

    Firstly, we take security issues very seriously. We've a strong and security network/server. Upon your purchase we've written in RED BOLD letters, change your password immediately upon your first login, not only that, we encourage our users to change their password from time to time to keep the security very tight on the client end. I'm not sure you ever changed that password, if you did then the hacker might have gain access to the VPS from your PC.

    Regarding not having access to your VPS anymore, did you open up a ticket with our support?

    Also,were you using a legit software? If not then, we've seen few instances in the past where customers were found using pirated version of the software which lead the hackers to easily access (This is why we strongly recommend everyone to purchase the software directly from the vendor).

    For now, to gain back access to your VPS, please open up a ticket with us from your Client Area and our techs will be happy to look into the issue.
     
    Last edited: Sep 26, 2014
  7. Moto801

    Moto801 Senior Member

    Joined:
    Apr 25, 2009
    Messages:
    849
    Likes Received:
    413
    Location:
    Far away
    How do you know for sure it was your VPS that got hacked though?

    Is there a way to check access logs of the VPS to see everyone that has gained access?
     
  8. ugjunk

    ugjunk Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 1, 2011
    Messages:
    2,345
    Likes Received:
    721
    Location:
    Los Angeles
    Home Page:
    He mentioned the name in the first post, we aren't even sure what the situation is until the OP opens up a ticket, then we can investigate and check all logs, my reply was purely based on his initial post.
     
  9. whateverfree

    whateverfree BANNED BANNED

    Joined:
    Jun 11, 2010
    Messages:
    208
    Likes Received:
    138
    I have asked on the current ticket and supporter told me get the help from Twitter. 12 acc belong to 6 emails and I still access to my email. I am using Linux mint so I think my pc is clean.

    I only install Scapebox and Followliker paid version on the vps.

    Hacker changed the vps password so I know he hacked my vps.

    Twitter did not answer ticket till now :(

    Hosting supporter help me change the vps password but I will not use it till known how I got hacked

    Ticket number # 679207, Ugjunk plz help check the log, I hope you find the reason
     
    Last edited: Sep 26, 2014
  10. Paper-Boy

    Paper-Boy Elite Member

    Joined:
    Jun 17, 2009
    Messages:
    5,116
    Likes Received:
    1,821
    I highly doubt the supporter hacked your account because there's lots of people on this forum running bots on their vps'.

    Have you tried running a virus scan on your computer though? there are hackers who sell RDP logins on hacking forums.
     
  11. whateverfree

    whateverfree BANNED BANNED

    Joined:
    Jun 11, 2010
    Messages:
    208
    Likes Received:
    138
    I will scan my pc when I back home but if my pc was hacked he will not only steal my Twitter accs

    I don't think supporter hacked my accs, each Twitter acc has less than 1000 followers. But I don't know why my vps get hacked
     
    Last edited: Sep 26, 2014
  12. HostSailor

    HostSailor Junior Member

    Joined:
    Jul 5, 2014
    Messages:
    107
    Likes Received:
    4
    Change all your password and make it secure.. reinstall OS if possible
     
  13. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,796
    Likes Received:
    6,349
    Home Page:
    when you have a server thats open on port 3389 (remote desktop/RDP) you need a majorly secure password otherwise its easy for someone to hack into your server.
    I mean you cant ever use any dictionary word, you need 8 characters minimum and special characters as well.
    good luck getting your twitter accounts back.
     
  14. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,148
    In general for passwords, anything short of 11 is meaningless. 14+ for sure.
     
  15. lostgringos

    lostgringos Senior Member

    Joined:
    Dec 5, 2008
    Messages:
    837
    Likes Received:
    266
    Occupation:
    Online Reputation Manager
    Location:
    Dumaguete City, Philippines
    I also had a problem ... see below

    Regarding your server being compromised, their could be multiple reasons, we've already replied to your ticket, so please respond back to that, this way we're using one medium to communicate.

    Originally Posted by lostgringos
    I just want to let you know that my server has been hacked. Well, it is located in Russia, correct? I mean what can I expect. Poor judgement on my part. Found out I was wrong and the server is located in the US. My mistake!


    All my sites and data have been compromised. It will take me a long time to fix it. Also, some of my software that I have recently purchase cannot be changed to a new server until month end.

    I have to have my proxies changed.

    I imagine it will only be a matter of time until they have found their way into my computer!

    They now have all my dropbox files with passwords.

    If they gain access to my computer they may gain access to my bank account and Paypal to mention just a few of my accounts. They have access to everything in my dropbox folder.

    I am so upset!

    I sent in a ticket regarding this matter.

    Alternatively, it is possible they have already hacked my computer and found their way through my VPS to my computer?

    Is there a way to find out what happened here?

    Ticket Created #919984

    Frank


    -------------------------------------------
    Hello,

    If your VPS got hacked we can terminate it and give you a new one. That is the only thing you can do in this case.

    Let us know and we will be happy to provide you a new VPS with a secured password. Big deal!

    Also note that all data will be deleted. If you want us to reset your password so you can gain access to the VPS (if you need any files from it) we can do that for you.

    Otherwise I would advise to get rid of this hacked VPS and move on with a new one.

    ----
    All the best,

    Oscar Hernandez
    Sr. System Administrator
    Power Up Hosting, Inc - Los Angeles

    Absolutely no investigation into what happened. These hackers created an account in GSA, Followliker and in Twitter. Why in the world would they do this? Very strange behaviour. This sounds like someone inside did this! I could be wrong!

    No apology whatsoever!

    I have to wait to the end of the month now to change Scrapebox, GSA and FollowLiker as you can only change once a month! Bummer.

    I left GSA running so they could actually see what was going on. No response from Powerup Hosting. I am surprised they would not want to find out who was doing this! Some guy has hacked my VPS and is running my GSA. Looks like they are not concerned;

    Bottom line is this VPS is inferior. The help is inferior.

    I have so many passwords to change now. What a pain in the ass.

    I don't another server with them. I don't care if they give me a discount or my money back. I just want to wash my hands with this service ASAP.
     
  16. prab1996

    prab1996 Elite Member

    Joined:
    Jan 8, 2013
    Messages:
    3,496
    Likes Received:
    2,028
    Occupation:
    your gf's <3 ♥♥♥♥
    Location:
    Prab1996.com
    Home Page:
    i also got some problems with my account on powerup , but my vps was not hacked. i think some one might have got access to your email or some other thing.hacking a windows rdp is not that easy and some one who know how to do it won't be hacking a cheap vps.
    it's a work of a password cracker or some type of key logger on your home pc.
    -=-
     
    Last edited: Oct 27, 2014
  17. ItsBlinkHere

    ItsBlinkHere Regular Member

    Joined:
    Apr 27, 2014
    Messages:
    409
    Likes Received:
    150
    Location:
    At Large
    PowerUp works good for me. Iv'e been running over 500 twitter accounts. Nothing has happened and iv'e been going strong for at least 2 months now. I have no complaints at all.

    I think a moderator should close this thread. Its not in the right place.
     
  18. lostgringos

    lostgringos Senior Member

    Joined:
    Dec 5, 2008
    Messages:
    837
    Likes Received:
    266
    Occupation:
    Online Reputation Manager
    Location:
    Dumaguete City, Philippines
    You may be right, but whoever they are they knew their way around GSA and Follow Liker. It still seems strange to me. Even stranger was the response from Powerup Hosting. You would think they would want to investigate and find out who this phantom hacker was. I would! But they never looked into this and suggested I delete all my files.

    I don't think this is the right approach to take. You should try and learn from this not just tell your clients that have hacked to just delete their files and they will given a different ip!
     
  19. lostgringos

    lostgringos Senior Member

    Joined:
    Dec 5, 2008
    Messages:
    837
    Likes Received:
    266
    Occupation:
    Online Reputation Manager
    Location:
    Dumaguete City, Philippines
    I have to update my dealings with Powerup Hosting. I received an email from Oscar Hernandez
    Sr. System Administrator Power Up Hosting, Inc - Los Angeles saying how sorry he was to hear about my situation. He is bending over backwards to help me even though I am a low level consumer. I do appreciate that and how he is approaching the situation.

    I had been asked a number of times to update my password and never did. I have also been asked to do this on BHW and have not changed them enough and when I did I only used a few digits for my password. I was also using the same password for many accounts. I will no longer be doing this. I have been to lax regarding my passwords. I will be generating unique and different 20 digit passwords for all my accounts from now on. So, I have to admit that this problem I am having with Powerup Hosting is probably my own undoing. Lesson learned.

    Another thing that may have contributed to my problem could have come from not having a good virus checker on my VPS as I do download files from time to time. It has been suggested to me that this hacker could have been using a keylogger on my VPS.

    Anyway, I am happy with the solution Oscar has given me thus far and and very happy with his concern about keeping me as a customer. I understand that no VPS is bullet proof if users don't have decent passwords and if they don't scan files for viruses etc.

    Frank