Tempest - I can guarantee you, Topbucks never sent you one email. I STRONGLY suggest you send a copy of 'that' email or any email that you got with the account specifically to them to support. I will point them to this post either way.

No program has sent an email ever. That's the beauty. If you're at that stage that you receive email on the account, your data has already been traded. Hackers hack you and share info with their fellow hackers. Then spammers buy from hackers. So, when you start receiving spam on a dedicated email to a program, you're already few months behind the hackers.

:1orglaugh:1orglaugh

Like I said, inflated opinion of yourself. You really need to learn how to be more humble. As it stands, you've neither busted my bubble or changed my opinion of you. You're still an arse ....

The amount of wrong information, assumptions, and completely wrong accusations here is astounding.

This will be my last post in this thread and possibly on this board. I am tired of people running around saying whatever they want and there being no repercussions for it. It is ridiculous and I'm not going to sit here and argue with them.

This fully appears to be a compromised password list. It is not an "exploit" in the software. It is not Fred spamming your members, etc. We have changed our policy so that we no longer maintain ANY passwords to ensure this does not happen via us ever in the future. We are also continuing to implement other protective measures.

Those of you who have actual valid feedback and comments I appreciate them. Anyone is welcome to contact us regarding this with their questions or concerns and we will be further communicating directly with our clients about it.

However as to dealing with the people who make their living making things up about other people, I'm done here.

Yep, threatened to sue me, and thats really all i am going to say here. OC3 has done a lot of work to help resolve this issue for our clients but our clients deserve most of the credit for helping us to find the problem. And for the record, when john said to me " I need yours and OC3's lawyers info, I twice told him that my cell number is in the thread about the issue, and invited him to call me. He never did.

Just a simple statement that my momma taught me along time ago

Why does the farmer let the fox fix the whole in the fence?

Im not IMPLYING ANYTHING here guys ....
Just looking at the POSSIBILITY not any facts here at all

and john why is it immediatly blame on all your customers servers and no blame at all on yourself? Im just looking at all this here and I see alot of people having a problem INCLUDING US .......

And im seeing you blaming us and our servers/hosting its easy to point a finger.....

ANYWAYS THAT IS ALL I HAVE TO SAY....

What a total wanker you are!

Quickbuck uses Nats and they said this? wtf

RazorSharpe - I have an idea, want to hit me up?

LOL wow
I cant believe you just said that....

ladida - I understand your points and as it stands with the NATS issue, my least concern is the emails right now. Don't bash me for it, but I think there's a SHITLOAD more to be worried about right now than emails.

As for the Topbucks issue - I have reasons for wanting him to contact them so they can log it even if we're a few months behind.

I guess we are all working through the holidays :Oh crap

Wasn't bashing you, wasn't my intention, just informing you, and other in the thread that are all so alerted and worried now.

And it gets even funnier with John's suicidal PR heh. :)

OK i forgot one thing. In my last thread on this from a few months ago (http://www.gfy.com/showthread.php?t=779742) I urged OC3 customers to call me directly, but If any of you running NATS are bamboozled on how to fix this please just email our support [email protected] and we'll be happy to help you. I am not here to say anything about the developer, I am just offering to help fix the issue. Same as I was before.

ladida - no I didn't take it as a bash just was saying that since mailing is the last thing that's concerning me right now ;)

:helpme burying their heads in the sand

wow this is one hell of a thread....all I can say is wow....

the whole industry is crooked....i better get a bigger piece of the pie quick before those sharks eat it all.

Just some friendly advice...

You might really think about this twice before you let your ego get into the way :2 cents: - as this REALLY is the LAST thread where this is to be used / needed in.

You do realize how many programs are affected and just about HOW many affiliates sensitive data, not even hinting at all the Members data.

So will you please reconsider and show some support here, oh and also, please FIX THIS MESS.

Considering that I, amongst others will have to deal with my stolen Identity and Data now, and change a lot of info because of it, you might probably imagine, that I will NOT enter any new data into ANY NATS install anymore before this is not 110% fixed and secured.

Maybe you can get a little sense of actually how "happy" I am about all this.
And I'm just an affiliate (of many).

I'm sure you'll do the right thing, John - this time.

Thanx,
Steve

OC3 goes above and beyond for their clients

:thumbsup

Two questions....

1. Was the same admin account metinioned in this thread valid for all/most NATS installs?

2. Was there a way for a NATS program owner (or employee) to get the password of this admin account?

If the answer to both questions is yes, there was no need for any exploit or hacking.

---

BTW you probably wouldn't believe how many affiliate programs have serious security holes. It has happened so many times in the last years that we got access to admin data while analyzing the affiliate stats of an affiliate program in order to add it to StatsRemote.

Just a few weeks ago we had a case with a big program (non adult). While querying the referral stats we made a mistake and sent the wrong parameters. The result was a page with a list of more than 1000 affiliates including all their info and total earnings of the last years.

Most of the times companies fix it right away after we let them know but we also had cases when they just didn't seem to care :error

I don't really know what to believe here...

http://www.gfy.com/showthread.php?t=671565 looks very much like a hack to me, which is especially targeting NATS installs / DB's

And from the feedback that RazorSharpe wrote, that banning the account in question did not help also suggests a backdoor, or some kind of undetermined access to add / restore logins.

The worst that can be done here is to cover this up, or try to shut helpful people up with threatening with lawyers etc.

Yes, it doesn't look good on NATS, but I'd rather see this fixed with support of ALL sides, as GFY does have some pretty bright / talented people on board and in the End to have the TRUST in NATS be restored / re-established than all of this being covered up / taken lightly.

Been reading this on and off during the day and what comes through is the fact that NATS were alerted by threads on the boards. They did not take the necessary action then and it seems a drama thread got the right response. So John consider that before you flame people.

Also GFY is not the centre of the Adult Internet, there are many big programs and sites with NATS who do not post or follow the boards, especially GFY.

So has this been spread around other boards? You ask why, well the answer is simple. Has anyone told NATS about the problem earlier by submitting a ticket to them and what was the response?

If the answer is YES, then NATS should consider getting their lawyers working on this.

These ips keep getting posted that are from The Planet, so does this mean the person doing it is using a proxy that's hosted @ The Planet, or has their program on a server there?

Probably already being done, but perhaps The Planet would assist in tracking down whoever/whatever is doing it. Seeing the amount of logins, etc, then makes sense that a bot/program of some sort is doing it, so that program/bot needs to be found.

probably just one comprimised server of many, if the guy is any smart the trail won't end just there...

But yeah, it would be a step into the right direction to actually find the guy.

I think the issue is that this was brought up many months ago on different boards, and not actually dealt with, nor were customers told to check as a precaution. That's bad.

wow this is still going. hope some issues got resolved for those affected.

You people are blaming the wrong Company... NATS has a protection system built in, straight in the admin - config section.

This isn't a NATS exploit - it's an exploit on programs that didn't use the NATS features to protect itself properly.

Every program, db, software, script.. all of it is hackable and with 100's of people using NATS it's going to be VERY targeted. Don't blame NATS, blame the damn programs - it's their fault for not using the protection and got exploited.

I banned the user yesterday
still logging in today


67.19.188.250 - 2007-12-22 10:26:30
67.19.188.250 - 2007-12-22 04:26:27
67.19.188.250 - 2007-12-21 22:26:38
67.19.188.250 - 2007-12-21 18:56:46
67.84.12.95 - 2007-12-21 18:32:27
67.84.12.95 - 2007-12-21 18:32:06
67.19.188.250 - 2007-12-21 16:26:34
67.19.188.250 - 2007-12-21 10:26:44
67.19.188.250 - 2007-12-21 04:26:28
67.19.188.250 - 2007-12-20 22:26:39
67.19.188.250 - 2007-12-20 19:01:25
67.19.188.250 - 2007-12-20 16:26:36
67.84.12.95 - 2007-12-20 12:49:39
67.84.12.95 - 2007-12-20 11:45:32
67.19.188.250 - 2007-12-20 10:26:32
67.19.188.250 - 2007-12-20 04:26:29
67.19.188.250 - 2007-12-19 22:26:39
67.19.188.250 - 2007-12-19 19:02:09
67.19.188.250 - 2007-12-19 16:27:00
67.19.188.250 - 2007-12-19 10:26:57
67.19.188.250 - 2007-12-19 04:26:53
67.19.188.250 - 2007-12-18 22:27:03
67.19.188.250 - 2007-12-18 18:27:13
67.19.188.250 - 2007-12-18 16:27:05
67.19.188.250 - 2007-12-18 10:27:02
69.94.70.187 - 2007-12-18 04:26:58
65.110.53.100 - 2007-12-17 18:25:48
65.110.53.100 - 2007-12-17 16:27:06
65.110.53.100 - 2007-12-17 10:27:02
65.110.53.100 - 2007-12-17 04:26:59
65.110.53.100 - 2007-12-16 18:25:57
65.110.53.100 - 2007-12-16 16:27:04
65.110.53.100 - 2007-12-16 10:27:00
65.110.53.100 - 2007-12-16 04:27:13
65.110.53.100 - 2007-12-15 22:27:09
65.110.53.100 - 2007-12-15 18:26:00
65.110.53.100 - 2007-12-15 16:22:25
65.110.53.100 - 2007-12-15 10:22:21
65.110.53.100 - 2007-12-15 04:22:17
65.110.53.100 - 2007-12-15 02:19:28
67.84.12.95 - 2007-12-14 17:51:59
67.84.12.95 - 2007-12-14 17:47:03
0.0.0.0 - 2007-12-14 04:26:58
0.0.0.0 - 2007-12-13 22:27:09
0.0.0.0 - 2007-12-13 18:26:36
0.0.0.0 - 2007-12-13 16:27:05
0.0.0.0 - 2007-12-13 10:27:02
0.0.0.0 - 2007-12-13 04:26:58
0.0.0.0 - 2007-12-12 22:27:08
0.0.0.0 - 2007-12-12 18:27:06
0.0.0.0 - 2007-12-12 16:27:05
0.0.0.0 - 2007-12-12 10:27:02
0.0.0.0 - 2007-12-12 04:26:58
0.0.0.0 - 2007-12-11 22:27:08
0.0.0.0 - 2007-12-11 18:24:03
0.0.0.0 - 2007-12-11 16:27:05
0.0.0.0 - 2007-12-11 10:27:01
0.0.0.0 - 2007-12-11 04:27:01
0.0.0.0 - 2007-12-10 22:27:20
67.84.12.95 - 2007-12-10 18:33:54
0.0.0.0 - 2007-12-10 18:25:04
0.0.0.0 - 2007-12-10 16:27:01
67.84.12.95 - 2007-12-10 14:51:06
67.84.12.95 - 2007-12-10 14:45:45
67.84.12.95 - 2007-12-10 14:38:23
0.0.0.0 - 2007-12-10 10:27:00
0.0.0.0 - 2007-12-10 04:26:53
0.0.0.0 - 2007-12-09 22:27:01
0.0.0.0 - 2007-12-09 18:25:20
0.0.0.0 - 2007-12-09 16:27:12
67.84.12.95 - 2007-12-09 16:12:43
0.0.0.0 - 2007-12-09 10:26:58
0.0.0.0 - 2007-12-09 04:27:19
0.0.0.0 - 2007-12-08 22:27:27
0.0.0.0 - 2007-12-08 18:24:37
0.0.0.0 - 2007-12-08 16:27:37
0.0.0.0 - 2007-12-08 10:27:30
0.0.0.0 - 2007-12-08 04:27:32
0.0.0.0 - 2007-12-07 22:27:27
0.0.0.0 - 2007-12-07 18:23:38
0.0.0.0 - 2007-12-07 16:27:41
67.84.12.95 - 2007-12-07 14:07:32
67.84.12.95 - 2007-12-07 13:28:26
0.0.0.0 - 2007-12-07 10:27:28
67.84.12.95 - 2007-12-07 09:26:17
0.0.0.0 - 2007-12-07 04:27:27
0.0.0.0 - 2007-12-06 22:27:44
0.0.0.0 - 2007-12-06 18:21:23
0.0.0.0 - 2007-12-06 16:27:30
0.0.0.0 - 2007-12-06 10:27:34
0.0.0.0 - 2007-12-06 04:27:25
0.0.0.0 - 2007-12-05 22:27:45
0.0.0.0 - 2007-12-05 18:24:34
0.0.0.0 - 2007-12-05 16:27:46
0.0.0.0 - 2007-12-05 10:27:52
0.0.0.0 - 2007-12-05 04:27:36
0.0.0.0 - 2007-12-04 22:27:40
0.0.0.0 - 2007-12-04 18:26:32
0.0.0.0 - 2007-12-04 16:27:28
0.0.0.0 - 2007-12-04 10:27:25
0.0.0.0 - 2007-12-04 04:27:19
0.0.0.0 - 2007-12-03 22:27:22
0.0.0.0 - 2007-12-03 18:24:05
0.0.0.0 - 2007-12-03 16:27:27
0.0.0.0 - 2007-12-03 10:27:27
0.0.0.0 - 2007-12-03 04:27:19
0.0.0.0 - 2007-12-02 22:27:32
0.0.0.0 - 2007-12-02 18:29:20
0.0.0.0 - 2007-12-02 16:27:25
0.0.0.0 - 2007-12-02 10:27:25
0.0.0.0 - 2007-12-02 04:27:16
0.0.0.0 - 2007-12-01 22:27:29
0.0.0.0 - 2007-12-01 18:25:23
0.0.0.0 - 2007-12-01 16:27:34
0.0.0.0 - 2007-12-01 10:27:36
0.0.0.0 - 2007-12-01 04:27:27
0.0.0.0 - 2007-11-30 22:27:36
0.0.0.0 - 2007-11-30 18:22:11
0.0.0.0 - 2007-11-30 16:27:35
0.0.0.0 - 2007-11-30 10:27:31
0.0.0.0 - 2007-11-30 04:27:30
0.0.0.0 - 2007-11-29 22:27:33
0.0.0.0 - 2007-11-29 18:21:12
0.0.0.0 - 2007-11-29 16:46:29
0.0.0.0 - 2007-11-28 18:20:21
0.0.0.0 - 2007-11-27 18:19:36
0.0.0.0 - 2007-11-26 20:31:03
0.0.0.0 - 2007-11-26 18:19:43
0.0.0.0 - 2007-11-25 18:24:23
0.0.0.0 - 2007-11-25 16:27:32
0.0.0.0 - 2007-11-25 10:27:31
0.0.0.0 - 2007-11-25 04:27:29
0.0.0.0 - 2007-11-24 22:27:31
0.0.0.0 - 2007-11-24 18:23:20
0.0.0.0 - 2007-11-24 16:27:32
0.0.0.0 - 2007-11-24 10:27:48
0.0.0.0 - 2007-11-24 04:27:47
0.0.0.0 - 2007-11-23 22:27:40
0.0.0.0 - 2007-11-23 18:21:11
0.0.0.0 - 2007-11-23 16:27:38
0.0.0.0 - 2007-11-23 10:27:33
0.0.0.0 - 2007-11-22 18:21:38
0.0.0.0 - 2007-11-22 18:10:34
0.0.0.0 - 2007-11-22 05:12:32
0.0.0.0 - 2007-11-21 23:12:42
0.0.0.0 - 2007-11-21 18:59:17
0.0.0.0 - 2007-11-21 18:22:03
0.0.0.0 - 2007-11-20 18:21:07
0.0.0.0 - 2007-11-19 22:40:38
0.0.0.0 - 2007-11-19 18:21:15
0.0.0.0 - 2007-11-18 18:16:07
0.0.0.0 - 2007-11-17 18:14:50
0.0.0.0 - 2007-11-17 14:06:53
0.0.0.0 - 2007-11-17 09:56:00
0.0.0.0 - 2007-11-16 18:15:12
0.0.0.0 - 2007-11-15 18:16:50
0.0.0.0 - 2007-11-15 09:56:16
0.0.0.0 - 2007-11-15 08:15:08
0.0.0.0 - 2007-11-14 18:18:05
0.0.0.0 - 2007-11-13 18:17:59
0.0.0.0 - 2007-11-13 16:17:26
0.0.0.0 - 2007-11-12 18:20:17
0.0.0.0 - 2007-11-12 16:00:30
0.0.0.0 - 2007-11-12 09:21:28
0.0.0.0 - 2007-11-12 07:04:37
67.84.12.95 - 2007-10-30 11:38:41
67.84.12.95 - 2007-10-30 10:43:03
67.84.12.95 - 2007-10-29 19:43:57
67.84.12.95 - 2007-10-29 18:59:22
67.84.12.95 - 2007-10-26 19:45:01
66.118.176.86 - 2007-10-26 18:51:22
0.0.0.0 - 2007-10-26 16:28:16
66.118.176.86 - 2007-10-26 10:32:06
66.118.176.86 - 2007-10-26 04:28:06
66.118.176.86 - 2007-10-25 18:22:52
66.118.176.86 - 2007-10-25 16:28:37
66.118.176.86 - 2007-10-25 10:35:50
66.118.176.86 - 2007-10-25 04:28:31
66.118.176.86 - 2007-10-24 22:28:36
66.118.176.86 - 2007-10-24 18:21:52
66.118.176.86 - 2007-10-24 16:28:26
66.118.176.86 - 2007-10-24 10:28:25
66.118.176.86 - 2007-10-24 04:30:24
66.118.176.86 - 2007-10-23 22:28:27
66.118.176.86 - 2007-10-23 18:20:56
66.118.176.86 - 2007-10-23 16:28:02
66.118.176.86 - 2007-10-23 10:28:03
66.118.176.86 - 2007-10-23 04:29:26
66.118.176.86 - 2007-10-22 22:28:09
66.118.176.86 - 2007-10-22 18:33:29
66.118.176.86 - 2007-10-22 16:28:25
66.118.176.86 - 2007-10-22 10:28:20
66.118.176.86 - 2007-10-22 04:29:35
66.118.176.86 - 2007-10-21 22:28:21
66.118.176.86 - 2007-10-21 18:25:00
66.118.176.86 - 2007-10-21 16:28:36
66.118.176.86 - 2007-10-21 10:28:18
66.118.176.86 - 2007-10-21 04:30:06
66.118.176.86 - 2007-10-20 22:28:21
66.118.176.86 - 2007-10-20 18:21:06
66.118.176.86 - 2007-10-20 16:28:06
66.118.176.86 - 2007-10-20 10:28:03
66.118.176.86 - 2007-10-20 04:30:31
66.118.176.86 - 2007-10-19 22:28:11
66.118.176.86 - 2007-10-19 18:25:30
66.118.176.86 - 2007-10-19 16:28:27
66.118.176.86 - 2007-10-19 10:28:18
66.118.176.86 - 2007-10-19 04:30:02
66.118.176.86 - 2007-10-18 22:28:32
66.118.176.86 - 2007-10-18 18:22:41
66.118.176.86 - 2007-10-18 16:28:31
66.118.176.86 - 2007-10-18 10:28:27
66.118.176.86 - 2007-10-18 04:30:03
66.118.176.86 - 2007-10-17 22:28:33
66.118.176.86 - 2007-10-17 18:22:25
66.118.176.86 - 2007-10-17 16:28:33
66.118.176.86 - 2007-10-17 10:28:28
66.118.176.86 - 2007-10-17 04:29:45
66.118.176.86 - 2007-10-16 22:28:37
66.118.176.86 - 2007-10-16 18:22:26
66.118.176.86 - 2007-10-16 16:28:15
67.84.12.95 - 2007-10-16 10:39:01
66.118.176.86 - 2007-10-16 10:28:11
66.118.176.86 - 2007-10-16 04:29:42
66.118.176.86 - 2007-10-15 22:28:16
66.118.176.86 - 2007-10-15 18:23:09
67.84.12.95 - 2007-10-15 17:26:10
66.118.176.86 - 2007-10-15 16:28:31
66.118.176.86 - 2007-10-15 10:28:32
66.118.176.86 - 2007-10-14 22:28:38
66.118.176.86 - 2007-10-14 18:19:59
66.118.176.86 - 2007-10-14 16:28:35
66.118.176.86 - 2007-10-14 10:28:30
66.118.176.86 - 2007-10-14 04:30:03
66.118.176.86 - 2007-10-13 22:28:36
66.118.176.86 - 2007-10-13 19:26:43
66.118.176.86 - 2007-10-13 18:27:33
66.118.176.86 - 2007-10-13 16:28:23
66.118.176.86 - 2007-10-13 10:28:20
66.118.176.86 - 2007-10-13 04:29:49
66.118.176.86 - 2007-10-12 22:28:34
66.118.176.86 - 2007-10-12 18:27:16
66.118.176.86 - 2007-10-12 16:28:19
66.118.176.86 - 2007-10-12 10:28:13
66.118.176.86 - 2007-10-12 04:29:41
66.118.176.86 - 2007-10-11 22:28:25
66.118.176.86 - 2007-10-11 18:15:20
66.118.176.86 - 2007-10-11 16:28:17
66.118.176.86 - 2007-10-11 10:28:18
66.118.176.86 - 2007-10-11 04:28:55
66.118.176.86 - 2007-10-10 22:28:25
66.118.176.86 - 2007-10-10 18:15:06
66.118.176.86 - 2007-10-10 16:28:26
67.84.12.95 - 2007-10-10 16:09:28
82.199.118.23 - 2007-10-10 15:03:32

Wow what a complete asshole you are, i was considering using NATS for my new program, no way in hell i will be now with someone like you running th company.

GFY troll lynch mob strikes agan.

Guess what - no one cares.

Move on to your next target.

If you had this problem you need to... Change EVERY admin password, flip the TMM account to not have admin access, then IP lock your system down.

The guy had access to everything, changing the TMM password will not correct this.

Glad I don't use that shitty software.

Sucks for all of you program owners getting fucked by this asshole

I just posted by popular request what we know about this issue

http://www.gfy.com/showthread.php?t=794159

If a program get's hacked, it is the program owners responsibility to notify anybody that has had the slightest possibility that their data was stolen. Doesn't matter if it's because of NATS or not. There are laws in the US & from what this thread said the UK too, where you're suppose to contact anybody and everyone that had the possibility of their data being stolen.

Any data gets stolen, a company should make a statement. I know I would want to know, atleast then I could change my password to my affiliate account.

Fuckhead.:2 cents:

I sincerely wish to thank you guys
for this critical information...

Thanks
Tom

and here's my input, not accusing anyone, just something to look into for all NATS users:

splitfinity posted this in 2006:

http://www.gfy.com/showpost.php?p=11184768&postcount=26

on gfy theres user "k0nr4d" http://www.gfy.com/member.php?u=78744 with the signature

:upsidedow

I would not be too quick to accuse people of being a lynch mob. I have information from respected sources (that have not said jack in this thread) that this is just the tip of the iceberg.

You could still limit it by IP range. I'm sure your ISP has a limited range they assign to you when you log on, and it's doubtful that the hackers are using the same ISP as you.

I'm not saying that should relieve TMM of their responsibility to you, just saying that if you want your data secure in the meantime that's one way to do it.