Hi,
One of my VPS servers was hacked.
This person was able to:
access my main cPanel account
change my contact email to a Yahoo email
change my server contact email to same Yahoo email
create a new account owned by root user with another Yahoo email address
I'm running WHM 10.8.0 cPanel 10.9.0-S80
Fedora i686 - WHM X v3.1.0
Have since changed my root password and the email addresses back, and deleted the new account.
Asked my VPS provider if they could have a look around, and also track down the IP so we can block it.
Amazingly, they said they cannot find the IP this person used.
I am no expert in such matters, but find this a little difficult to swallow.
Can anyone here help or know how?
Lastly, any cPanel exploit know that let's this happen?
Only thing I can think of is my password was 10 characters, and seem to remember cPanel had a problem with anything over 8?
Appreciate any help.
- Vince
One of my VPS servers was hacked.
This person was able to:
access my main cPanel account
change my contact email to a Yahoo email
change my server contact email to same Yahoo email
create a new account owned by root user with another Yahoo email address
I'm running WHM 10.8.0 cPanel 10.9.0-S80
Fedora i686 - WHM X v3.1.0
Have since changed my root password and the email addresses back, and deleted the new account.
Asked my VPS provider if they could have a look around, and also track down the IP so we can block it.
Amazingly, they said they cannot find the IP this person used.
I am no expert in such matters, but find this a little difficult to swallow.
Can anyone here help or know how?
Lastly, any cPanel exploit know that let's this happen?
Only thing I can think of is my password was 10 characters, and seem to remember cPanel had a problem with anything over 8?
Appreciate any help.
- Vince