Cosmo, one of the members of the UGNazi hacktivist group, has been arrested in connection to a breach of the client management and billing solutions WHMCS. UGNazi hackers managed to gain access to the systems of WHMCS - the company that offers client management, billing and support solutions to many web hosting companies. Along with leaking 1.7 gigabytes' worth of data onto bit torrent sites, the intruders also deleted all the files from the firm’s server, which resulted in the loss of the latest orders and tickets.
Shortly after the incident took place, the company came forward with a statement, admitting that their systems were penetrated. A few hours later, almost everything had been restored to normal and the site’s owners could make an estimate of the damages caused. The data leak comprised 500,000 usernames, passwords, IP addresses and in some instances credit card details.
According to Matt Pugh, WHMCS founder and lead developer, the passwords were “stored in hash format” so they’re safe, but the credit card information may be at risk, along with the contents of all the recently submitted tickets. The company has also learned that the breach was the result of a social engineering attack.
Later Paug in an update reported that what occurred was the result of a social engineering attack. The person was able to impersonate myself with HostGator, our web hosting company, and provide correct answers to their verification questions,” Pugh explained.
And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details. This means that there was no actual hacking of our server. They were ultimately given the access details.
Softpedia is reporting that Cosmo was actually the one who social engineered Hostgator employees in order to get the access information to WHMCS systems.
The hacktivists’ website ugnazi.com, on cloudflare nameservers is loading a default cpanel page. A few days ago a tweet from @UGNazi stated that domains were seized by the FBI.