Welcome to Laser Pointer Forums - discuss green laser pointers, blue laser pointers, and all types of lasers

Buy Site Supporter Role (remove some ads) | LPF Donations

Links below open in new window

FrozenGate by Avery

WickedLasers hacked!






Maybe I'm missing something...:thinking:
Why does this serve them right...

The only thing I can see is that they have a Security Problem...
They can now see the hole that needs to be plugged...
If they are smart... they will invest money to plug it... If not... Well...

If you are referring to their high prices on Lasers... do what I do..

But them elsewhere... Duh...

BTW... giving kudos to Hackers just encourages them to do even more harm...
and perhaps the next site they hit could be yours...

Just my
2c.gif


I just tested some links on their site.... they show a 404 error...


Jerry
 
Last edited:
Someone with a lot of experince.. wicked lasers would of had an awesome webserver and to hack that must of been pretty hard.. unless they are running a unix server which could be attacked may ways... not that i would know.. or would i? :D

Sure sure ...

BOB.PNG


:D

Sorry about the large image, you can't read it if I shrunk it for some reason ...
 
Someone with a lot of experince.. wicked lasers would of had an awesome webserver and to hack that must of been pretty hard.. unless they are running a unix server which could be attacked may ways... not that i would know.. or would i? :D

Doubtful. Slicehost is a VPS company, meaning if that Wicked employed an administrator that decided to use 5 character passwords on all the user accounts, it would have been easy.

The attackers could have gotten in several ways. Based on what I can see, they likely got control of either an FTP account or an SSH account. FTP is typically far less secure, so I'm leaning more toward that.

We've all griped about the prices Wicked charges and we get angry about the fact that people without much experience will buy from them instead of choosing other companies because they have more publicity. But nothing of that sort justifies hacking. I think it's incredibly unfortunate when something like this happens.

Hopefully, in the future, Wicked will employ administrators who know how to lock down a server. That means SSH on a nonstandard port with port knocking, no FTP or any unnecessary services, Linux distros designed specifically for server applications (i.e. distros with as few packages as possible to minimize the chance of a hacker using exploits), etc.
 
So, how many people's credit card numbers and personal info was/will be exposed? Kudos to the guy who did it; this temporary "loss of sales" should be somewhat of a "retribution" to those who have been ripped off...
 
I just hope who ever hacked WL isn't interested in money. If their site is this insecure the hacker could easily get anyone's credit card/ SS #/ and other info. It would suck for the people who ordered from WL.
 
I agree it's a pointless and childish thing to do.
Hmm I wonder how long its going to be down for?

Should we place bets? :)
 
Their host most likely has logging, so it wouldn't take long for them to figure out the whereabouts of their hacker ...
 
I agree it's a pointless and childish thing to do.
Hmm I wonder how long its going to be down for?

Should we place bets? :)

I doubt they will just put it back up when the hacker still has access. So in my opinion I think over a week.

They should have just changed all the prices to prove a point, they actually deleted all of the site. If they get CC numbers thats horrible, hopefully they only did it for fun.
 
not sure if you guys seen this but at the moment a lot of customer data is exposed... names addresses and phone numbers.
 
as of 1:00am Asian TIme (GMT+8) i think wicker laser is on the process of rebuilding their site..

exposed they are using Ubuntu system 5.7...

whoever hacked this site... is really good..

and credit card informations are unsecured..

look at the picture..

wickedlaserhacked.jpg
 
Last edited:


Back
Top