1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning for 1and1 customers

Discussion in 'BlackHat Lounge' started by DanDanger, Jul 11, 2011.

  1. DanDanger

    DanDanger Junior Member

    Joined:
    Nov 11, 2010
    Messages:
    129
    Likes Received:
    147
    Warning for existing 1and1 customers.


    Apparently it's incredibly easy to hack a 1and1 account, which is completely outside of your control. Here's my experience.


    I hosted a reasonably high profile IT security site (oh the irony) on a dedicated server at 1and1. I put it up for sale on flippa for a few K and that's when the trouble started. After I'd disclosed the size of the email list and traffic, I imagine people saw the value in the site and the idea of stealing became quite attractive.


    I logged into my 1and1 control panel one evening to see my account email address had changed to a completely new hotmail address. Concerned I browsed around my settings to see a subdomain added to external hosting which was hosting an entire duplicate of my site, database included. WTF!


    Shortly after that I was kicked out of my 1and1 account and unable to get back in.


    I phoned up 1and1 customer support for an explanation and to get back into my account. I was told to fill out a form and wait 72 hours. It wasn't until the next day I was allowed to speak with technical support member who could understand English and wasn't based in the Philippines.


    Turns out they had got access by the following:
    1and1: ?Hi, how can I help??
    Hacker: ?Hello, I'm Dan I've forgotten my email address, customer number, password and home address. Can you change my account to these new details please?
    1and1: ?Not without ID.?
    Hacker: ?Ok, here is a photoshopped drivers license.?
    1and1: ?Thank you. Details updated!?


    It is THAT simple to get access to an account at 1and1. Thanks to that a website worth a few thousand is now stolen, duplicated and completely devalued.


    It took me 2 days to regain access to my own server. There seemed to be no concern from any customer support person in 1and1, replying to my emails with unhelpful cookie-cutter FAQ's.


    Thought I would share my story as it'll certainly be something to take into account if you've got similar high profile sites with 1and1. Imagine if a competitor did that to your account and you lost all your websites overnight.


    Now in the processing of suing via small claims, we shall see how that goes.
     
    • Thanks Thanks x 1
  2. kryptocrap

    kryptocrap Registered Member

    Joined:
    Mar 15, 2008
    Messages:
    73
    Likes Received:
    5
    Home Page:
    What's your basis that it went through that way?
    My guess.. your PC is infected and your login details were stolen. Or maybe your password was too simple - it was bruteforce :D
     
  3. DanDanger

    DanDanger Junior Member

    Joined:
    Nov 11, 2010
    Messages:
    129
    Likes Received:
    147
    My site is one of the largest in its field, I take security quite serioulsy ;)

    I found out that was what happened when I was speaking with the american guy in technical support. 1and1 log every correspondence between your account and 1and1. He then listed off what my logs said and we found out that's how they did it.

    To quote the technical support person "I'm looking at it now and it's quite obviously photoshopped".
     
  4. dogmann11

    dogmann11 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    152
    Likes Received:
    40
    Location:
    Nashville
    I stopped actively using 1&1 a while ago, thanks to the bad reviews here at BHW. Man! what a horror story.
     
  5. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,496
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    Wow, you can't even give the creep credit for doing something creative, basically they held the door open and gave him the keys!
     
  6. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,787
    Likes Received:
    6,326
    Home Page:
    Wow! That does suck!

    Im just trying to think what should be the course of action - say you really did lose those details.

    I think the key point is probably that they should make it a requirement that you contact them via the email on file?

    Heres a story on the other side of the coin - I had a customer once (I work in IT) and they had an issue with their internet provider whereby ISP had made an error and completely changed the customers name AND physical address - it had actually been changed to a random females name.

    A letter had still arrived at the correct address, but the name and address on the statement (and on the account) were completely wrong.

    It actually took about 2 weeks to convince the ISP to rectify this problem - they wouldn't take any instruction from us (me and my client) regarding the matter, because neither of us were the account holder!!!

    My point being, if a situation like that actually arises, how can you confirm identity? Proof of identity is normally the way forward, but in a global environment where you cant meet in person, how do you ensure identity??

    After all, social-snooping and physical deception are a hackers best tools!
     
  7. Biggles

    Biggles Registered Member

    Joined:
    Jun 19, 2011
    Messages:
    61
    Likes Received:
    25
    1and1 are just bad all round. They are incompetent, their services are poor and everybody that I've ever had the displeasure of dealing with was just bad.

    Oh and they try bill you for stuff you cancelled, then put debt collectors after you even when their inept mailroom staff got the cancellation paperwork.

    I'll never use them again.
     
  8. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,787
    Likes Received:
    6,326
    Home Page:
    I don't think I've EVER heard a good review of 1and1 !

    I quite like them though - I've been with them for nearly 7 years and back then I started off with 6 months completely free! That started my opinion off with them and it's stuck.

    Now I have two dedicated servers and two pro hosting accounts and over 150 domains with them.

    I have had viruses on my server, accidental loss of data and other bad situations and they have always been dealt with well - They must have mistaken me for someone important!

    Having said that the first and only issue I have had has been recently where their control panel has been REALLY slow to log in etc (anyone else had that?), when I emailed them they basically fobbed me off... ;(
     
  9. BassTrackerBoats

    BassTrackerBoats Moderator Staff Member Moderator Jr. VIP

    Joined:
    Mar 10, 2010
    Messages:
    12,769
    Likes Received:
    22,007
    Occupation:
    I don't actually have a job
    Location:
    It's an Algo, of course it can be gamed.
    Home Page:
    The Cpanel has been stupid slow lately for me as well.
     
  10. DanDanger

    DanDanger Junior Member

    Joined:
    Nov 11, 2010
    Messages:
    129
    Likes Received:
    147
    A little common sense would've been nice. Maybe someone who has basic photoshop experience who can spot a fake? A quick phone call to the number on the account? Check account activity to see last login dates?

    This was a dedicated server I had with them.... not the average Joe's hosting plan. Only the big fish play around with dedicated server accounts, a little extra validation would've been nice when so much is at stake with any dedicated server.

    It's very apparent their support team have no concern, common sense or motivation to actually help. Simply wanting to get the customer out of their support queue as quickly as possible.... 9 times out of 10 with a pasted in FAQ that doesn't even cover the question you asked.

    I'll certainly never be recommending or using 1and1 again.
     
  11. MisterF

    MisterF Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 29, 2009
    Messages:
    2,017
    Likes Received:
    903
    Occupation:
    Beating the odds ;)
    fucking nightmare brother, I hope the court case goes your way.
     
  12. tonegawa

    tonegawa Junior Member

    Joined:
    Mar 3, 2011
    Messages:
    128
    Likes Received:
    24
    mwuawuwauwuauaauwuauwu :D

    The power of a genius hacker!!
     
  13. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,787
    Likes Received:
    6,326
    Home Page:
    Basetracker glad it's not just me.
    Guess they just won't spent enough resources on their own site hosting!!!???

    I'm going to mail them again about it.

    I also have a box with xsserver (great so far) and with a certain bhw member I have a hosting plan, so maybe it's time to move away from 1and1, I don't know...

    Tonegawa, it's true, it's techniques like that that real hackers use - simple is best!
     
  14. tonlilaz

    tonlilaz Executive VIP Premium Member

    Joined:
    Feb 28, 2008
    Messages:
    1,558
    Likes Received:
    1,700
    Occupation:
    Deleting crappy threads on BHW, making good use of
    Location:
    Over There
    Home Page:
    when are people going to understand that 1and1 is bottom of the barrel?
     
    • Thanks Thanks x 1
  15. gorang

    gorang Elite Member

    Joined:
    Dec 6, 2008
    Messages:
    1,891
    Likes Received:
    1,650
    Occupation:
    SEO Consultant - Marketing Strategy
    Location:
    UK
    I've had terrible problems with 1and1, thankfully i've moved to evohosting which are a great company.
     
  16. blackhataffiliate

    blackhataffiliate Senior Member

    Joined:
    Oct 19, 2008
    Messages:
    847
    Likes Received:
    1,364
    Location:
    USA
    They pulled that shit on me and I threatened to sue and showed all my docs to prove canceled products and they immediately stopped all debt collections.
     
  17. angelas111

    angelas111 Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 4, 2009
    Messages:
    1,570
    Likes Received:
    1,016
    Location:
    ohio
    i have been dealing with 1&1 for years. never had any problems accept the cpanel being very slow now.
     
    • Thanks Thanks x 1
  18. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,787
    Likes Received:
    6,326
    Home Page:
    Tonlilaz who do you use for your hosting (if you don't mind me asking)?

    I know there are loads of alternatives and as I said, I have hosting accounts at several places, BUT I do like 1and1 because they are a large company - and I know with that you get less personal touch, but I do trust them in the larger sense of the word with all my domains.

    If I were moving 150 domains i don't know who I would trust to move them to...??
     
  19. Bross

    Bross Senior Member

    Joined:
    Feb 6, 2010
    Messages:
    859
    Likes Received:
    355
    I've seen better looking & performing control panels in 2003.

     
    • Thanks Thanks x 1
  20. marcus.watts

    marcus.watts Junior Member

    Joined:
    Sep 18, 2010
    Messages:
    118
    Likes Received:
    21
    Well, i was with 1and1 before then i switched to hostinizer.com and things are pretty much settled now.