GoFuckYourself.com - Adult Webmaster Forum


mattyboy 02-23-2004 07:19 AM

Verotel hacked passes?...
 
We use Verotel on 4 of our paysites along with Pennywize and a few other billers.
This morning we've had an unusually high amount of Pennywize emails informing us of abused accounts - all Verotel IDs and from all 4 different sites.
We get a few abused accounts most days but as I say, today we are getting a lot from only Verotel IDs - more than we've had in the last few months.
Anyone else getting this?

nudecanada 02-23-2004 07:52 AM

Hey, hey...

Chances are it's Verotel. On their end.
I dumped those cheeseheads last week.
Or, it could be on your end. I know 100% for sure that mine were hacked, somehow, on their end.

http://www.gofuckyourself.com/showth...hreadid=235941

raymor 02-23-2004 08:58 AM

It is possible to hack the older version of Verotel's add/remove password
scripts (verotelrum.pl). People do actively scan for that script,
as evidenced by server logs of sites I have seen.
It is quite possible that the breach occurred through
verotelrum.pl on your server.

Also, due to the way Verotel chooses usernames, Verotel usernames
are good targets for brute force attacks. Pennywize's
brute force detection is broken insofar as it does not account
for open proxies, which most brute force attackers use nowadays.

For optimal security, you should update verotelrum.pl
to the latest version and have a security aware tech take a
look at your script configuration and related items.
Also you may wish to replace pennydumb's suckurity based
on 1998 methods with something up to date and far more
secure, such as Strongbox.
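The two checks the post above points to, requests for verotelrum.pl in the server log and failed logins counted per username rather than per source address, as an added example that is not part of the original thread and is not code from Verotel, Pennywize or Strongbox. It assumes Apache common log format and HTTP basic auth on a hypothetical /members/ path; the log lines, usernames, addresses and thresholds are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache common log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [23/Feb/2004:06:01:10 -0700] "GET /cgi-bin/verotelrum.pl HTTP/1.0" 404 210
203.0.113.5 - vuser1001 [23/Feb/2004:06:02:01 -0700] "GET /members/ HTTP/1.0" 401 401
203.0.113.9 - vuser1001 [23/Feb/2004:06:02:02 -0700] "GET /members/ HTTP/1.0" 401 401
192.0.2.44 - vuser1001 [23/Feb/2004:06:02:03 -0700] "GET /members/ HTTP/1.0" 401 401
192.0.2.61 - vuser1001 [23/Feb/2004:06:02:04 -0700] "GET /members/ HTTP/1.0" 200 5120
192.0.2.80 - alice [23/Feb/2004:06:05:00 -0700] "GET /members/ HTTP/1.0" 401 401
192.0.2.80 - alice [23/Feb/2004:06:05:09 -0700] "GET /members/ HTTP/1.0" 200 5120
"""

# host, ident, user, [time], "METHOD path proto", status
LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')

def analyze(log_text, per_ip_limit=3, per_user_ip_limit=3):
    fails_by_ip = defaultdict(int)        # classic per-source failure counter
    fail_ips_by_user = defaultdict(set)   # distinct sources failing per username
    ok_users, script_requests = set(), []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, user, path, status = m.groups()
        if path.split("?")[0].endswith("/verotelrum.pl"):
            script_requests.append(ip)
        if status == "401" and user != "-":
            fails_by_ip[ip] += 1
            fail_ips_by_user[user].add(ip)
        elif status == "200" and user != "-":
            ok_users.add(user)
    # A username failing from many different addresses is the proxy-rotation
    # pattern that a per-IP counter never sees.
    spread = {u for u, ips in fail_ips_by_user.items() if len(ips) >= per_user_ip_limit}
    return {
        "script_requests": script_requests,
        "flagged_by_ip": sorted(ip for ip, n in fails_by_ip.items() if n >= per_ip_limit),
        "flagged_by_user": sorted(spread),
        # Flagged usernames that also have a successful login in this log.
        "likely_compromised": sorted(spread & ok_users),
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the sample, the per-IP counter flags nothing because each address fails only once, while the per-username view flags `vuser1001`. Addresses listed under `script_requests` still need comparing against the sources you expect to call the script.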

mattyboy 02-23-2004 08:58 AM

Interesting link - thanks

jawanda 02-23-2004 08:59 AM

Quote:

Originally posted by raymor
It is possible to hack the older version of Verotel's add/remove password
scripts (verotelrum.pl). People do actively scan for that script,
as evidenced by server logs of sites I have seen.
It is quite possible that the breach occurred through
verotelrum.pl on your server.

Also, due to the way Verotel chooses usernames, Verotel usernames
are good targets for brute force attacks. Pennywize's
brute force detection is broken insofar as it does not account
for open proxies, which most brute force attackers use nowadays.

For optimal security, you should update verotelrum.pl
to the latest version and have a security aware tech take a
look at your script configuration and related items.
Also you may wish to replace pennydumb's suckurity based
on 1998 methods with something up to date and far more
secure, such as Strongbox.

Good post :thumbsup

