ruff

I am an affiliate of a program using NATS. My account has been hacked now twice. Once in November by that asshole in Canada and yesterday. Probably the same shitheel. Apparently a brute force password hack, although my password is 9 digits. The IP the hacker used is 162.219.176.58.

My question is, since I do not use NATS I don't know, does the NATS program have two factor login security? Does the NATS program allow the owner to limit login attempts? I should mention that I did not receive any notifications that there were account changes and I have them all set up.

Can someone just run a brute force attack on a NATS site until he gets a password? Oh, and by the way, my personal computer has not been hacked and the information did not come from me.

The real problem is all of my information is available now to the hacker including my social security number.

I would like to hear from the NATS people about their security solutions so I can inform this program how to tighten up their webmaster section.

__________________
CryptoFeeds

lucas131

maybe hacked email? if he reset pass, you dont need even know if he is fast. or bf is possible nats dont have ip blocking i think. stay safe

ruff

He didn't change anything this time. Last time he changed the payout name and address. Of course, I got a password reset sent to my email and got back in. I immediately received an email notifying of the password change. So go figure. Something is very wrong if someone can do as they please inside of a NATS affiliate page and I don't find out until I cannot login.

__________________
CryptoFeeds

lucas131

i mean, that if he is on your email, he can reset nats pass also. but if its only one program, it is more like the program is hacked

signupdamnit

It really is kind of ridiculous that in 2014 NATS still shows the whole SSN rather than just the last four digits. It's stupid. Legally I'm not sure if it would qualify as negligence if a major incident occurred. Possibly?

__________________

You don't like my posts? Put me on ignore or fuck right off. I'll say what I want.

ruff

I think it is hard to hack a Google email address, but I could be wrong. I think you are right about the program being hacked.

This is the same hacker fuck you can read about in this thread:
https://gfy.com/showthread.php?t=1124799

__________________
CryptoFeeds

ruff

That's is a fact. Also there should be some serious security solutions available to webmasters that use NATS if only to protect affiliates. I suppose NATS will be along in this thread to explain. But, for the life of me, I cannot imagine, in this day and age, that some one can use a brute force password attack on a program like this and get my password. If in fact, that is how they got in.

__________________
CryptoFeeds

AHarper

Sent this thread to Vlad from TMM. Guess he will respond soon

__________________
Bitcoin Webcams | Send your EU traffic here | Cheap Shared & Reseller Adult Hosting

freecartoonporn

__________________

SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

HomerSimpson

I doubt he hacked account by using brute force attack than rather by hacking your computer, browser or email account...

__________________
Make a bank with Chaturbate - the best selling webcam program
Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!!

PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 | Email:

ruff

I spoke to the program owner and he checked his server logs so no brute force attack. My computer and browsers have not been hacked. My email is handled by Google so doubtful that was hacked. I kept the password in my head. If the hacker requested a password reset, that would suggest he hacked my email address, but that has not happened. Any other ideas?

__________________
CryptoFeeds

ladida

Chances are high the program is hacked and the owner knows it but does not care.

__________________
agentGFY *at* gmail.com

ruff

I can't imagine that. A hacker could bring down his whole operation just by redirecting affiliate payouts. I agree the program may be hacked, but the owner may not be aware of it or is denying it. At any rate, I have heard nothing of simple basic security features to protect affiliates using NATS. I think I will go back to depending on CCBill programs for my affiliate work. At least hackers can't get my personal information handed to them on a platter there.

__________________
CryptoFeeds

dunhill

xss .