JoomDonation Hacked Email

Hi Sander

There is nothing stranger with that code. And I can assure that all of your websites are safe. We are working on final steps (moving our website to a new hosting provider), then we will give full information about this issue.

Regards,

Tuan

I got the same letter from the hacker. Of the five sites I created in Joomla on Godaddy's hosting, only one still exists and it doesn't use the JoomDonation module. Does the information from those dead sites still live in your server? Because JoomDonation was used on some of those sites and since they no longer exist, I have no way of going in and "cleaning up" the sites, as the hacker suggested.

Hi

Don't worry about this. The hacker just get the name and email from our users database and sent emails to all of you (even users who don't use our extensions or don't have any joomla sites at all). He did that just to threaten users, make them fear and move away from us.

We (joomdonation.com) is the target of this attack (not our customers). All customers sites are still safe and not being hacked like he said.


Regards,

Tuan

New Email from Hacker Today:

Hello corrall

Do you remember my last email about JoomDonation.com? It's me again

JoomDonation.com lied so much about what happened in their officialy statement. I have all of their database in my hands. Here you have a snippet of your won data:

Username: corrall
Email: fullemailaddress@
Password Hash: $2y$10$xG7ri8YvuT8i4hUuw25oq.UHptiSSqno7AU0herHkQztfP3BwCuEe
Registration Date: 2013-12-05 14:20:06
Latest Order Total: 34.99
Latest Order Transaction ID: 9K321324T2099641R
All Orders Total: 34.99
Tickets Opened: 1

If you think your password is safe then go to www.google.com/search?q=Hashcat .

I hacked JoomDonation.com thanks to their Document Seller component installed on their site so BEWARE, these components are vulnerable: Document Seller, Joom Donation, Event Booking, Eshop, Payment Form, Membership Pro.

A potential hole has also been found by Joomla team: http: //extensions.joomla.org/extensions/directory-a-documentation/downloads/18008

Do you want to see the JoomDonation.com database online? Here you have it twitter.com/jjleakss or follow the #joomleaks tag on twitter.

Did I said I've also hacked their mail system and have 40000 email transactions between you and JoomDonation.com ?

You've been warned, it's up to you to act or not.

Happy Cyber Monday!

JnLiau

Of course they have our details from the FIRST attempt into the hosting provider.

These people are relentless. They're actually just doing themselves a disservice if they are the competition. They've just proven that they will hack and spam. What makes them think that anyone would actually trust them enough to move over to them? :blink:

:huh:

Hi

Last night, we decided to publish full information about the security issue. Please look at joomdonation.com/forum/questions/45092-o...ty-announcement.html and you should see what actually happened.

We emailed customers ask them to change super admin username and password few days ago. If you submitted support ticket sending us super admin / FTP account of your site for us in the past and haven't changed it, please change it now

Regards,

Tuan