Si

Was just reading this:

http://www.affiliatecheaters.com/miscellaneous/nats

When did it happen?

Probably very old news but i was just browsing through it was quite an interesting read.

Ethersync

Here are a few threads I found....

http://www.gfy.com/it/794219-statement-regarding-nats-security-issue.html
http://www.gfy.com/fucking-around-and-business-discussion/794328-lot-epassporte-account-hacks-result-nats-security-holes.html

fris

pussy lips

__________________
Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.


WP Stuff

dial

there was never actually a "hack"

just a hundred chickens with their heads cut off running around acting like they knew what they were talking about

in reality it was a totally small deal that wasn't even all that newsworthy

__________________

crockett

Just search "NATs Hack" and I'm sure you will come across the thread.. Might wanna do a search for "pornograph" as well, because the owner of NATs also owned pornograph before it was also used by a "rogue" mystry someone to do mass installs on many sites.. including my own..

But hey it's all top notch bro's so it's all cool.

__________________
In November, you can vote for America's next president or its first dictator.

hypedough

Whoa f'ed up story there

__________________

Ricky D :: Hype Dough President | XBIZ.net | ICQ 172-939-826 AIM+Skype HypeDough | [NATS4]
Kayden420: ['09 '10 '11 XBIZ Nominee | Exclusive & HD] | ThePornScout: [Exclusive + Reality | Amateurs Want to Become Pornstars]

dial

not all that fucked up really

someone owned a site
they didn't want it anymore
they sold it
the new owners got malicious with it
the old owners are blamed
gfy is full of idiots

__________________

crockett

Maybe you should look into what the owner of the company whom took the installs said.. He claimed there was no "mysterious buyer" of that site and that it was JA himself whom did it. I'd assume the guy whom took the installs would know whom sent them and has publicly stated on another forum is was JA whom did it..

Think for 2 seconds.. you really think if he sold that counter and the buyer used it to fuck us all like he did, that he would have any reason to keep quiet about who bought it.

__________________
In November, you can vote for America's next president or its first dictator.

dav3

I got a weird email this morning from change AT toomuchmedia.com

Hello,

Since we have been very bad with the girls lately we are going to stop the activity for a few months to rethink the strategy .
We have a plan but this might involve lower payouts.You will be notified though.

Thanks for understanding


I was like, uhh what?

Perhaps this would be a decent place to see if it makes sense to anyone.

__________________

munki

__________________

Manowar

Teen dolls?

dav3

No, I'm not signed up with that one. I'm only signed up with a few that are not cams or dating. STFU Cash, Traffic Cash Gold, Incredible Dollars, HD Pays, Evil Angel, Score Cash, Perfect Gonzo, and Sex and Cash. Not sure which ones use NATS and which do not. I'm also not sure why I would get an email from toomuchmedia.com either.

I don't know, no biggie. Just seemed like an odd email and I figured some one else probably received the same one and had no clue about it either.

__________________

Ethersync

I wonder what site they are talking about.

SmokeyTheBear

huh , their main admin password was exposed and used to steal data from thousands of users, across many nats sponsors i would call that a hack

__________________
hatisblack at yahoo.com

dav3

idk

The subject line said "activity stopped till further notice".

__________________

Ethersync

weird...

TMM_John

Please don't spread misinformation.

__________________

Skype: JohnA1078
Too Much Media - Makers of the Industry's Leading Payite Management Platform, NATS!

Iron Fist

Oh man, not this shit again.

__________________
i like waffles

TeenCat

please tell the truth ... smokey is absolutelly right ... russians hackers wanted to hack one of thousands porn sites ... they got passfile, and ooops, there was nats admins pass ... it was working almost everywhere, but i cannot tell you more as i only read about it also ... doesnt matter what ttm says, this was the "hack"

__________________

borked

Some point prior to November 2007, somebody got a hold of the nats admin passwords for a large number of sites. This was used to harvest member email addresses on a daily basis. TMm were told about this, but did not wish to discuss the matter. Annoyed that tmm were seemingly doing nothing about it, certainlynot informing their clients, OC3 went public on this board with their findings.

Is that more correct?

You mentioned during that thread that an investigationwas underway. Did anything result from that?

__________________

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)

tranza

The link drop me in blogger.com, is it normal?

__________________
I'm just a newbie.

TeenCat

__________________

SmokeyTheBear

please tell me what part of what i said was misinformation ?

Was your admin username and pass exposed ?

Was it used to login to several nats sponsors and steal info from users ?

Didn't you come on gfy to verify your admin pass was compromised ?

Didnt several of your clients come on gfy and verify the compromised u/p was being used to skim info from their database ?

Isn't it true nats was aware of this compromise well before it was reported on gfy by your own admission ?

Isnt it true that even though you were aware of the compromise it wasnt until your clients reported this information on gfy that the usernames and passwords were changed ?

feel free to correct me if i am wrong , but thats how i remembered it ?

__________________
hatisblack at yahoo.com

natas

ooooooooh damn

HorseShit

a friendly bump for this thread

crockett

It was the guy on the grassy null.. It's just like the "mystery" guy that "supposedly" bought pornogragh.com and fucked over many of us here on GFY by using it to infect our websites with BS installs.

__________________
In November, you can vote for America's next president or its first dictator.

borked

Funny youtube clip

What I don't understand, though you may have a better understanding of the situation is why the programme that alerted TMM to this security breach, so that TMM could investigate it, was subsequently treated as second class customers, with ticket response times taking a nose dive.

Or it mayjust have been my imagination...

__________________

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)

Si

Very interesting sounds like a few people are still having problems or rants about the whole thing aswell.

So if I was to set up a program, what would be THE best way to do it, what system to use?

please don't say epoch or ccbill

borked

It depends how many sites and billers you have. If it's just 1, then CCBill (if you have CCBill that is)....

If you have multiple sites, and billers for cascades, then nats or mas is worth a look as they are easier to maintain/administer.

__________________

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)

KillerK

Bump for Porngraph! Can't believe we let him off that easy...

V_RocKs

Epoch or CCBILL...

SmokeyTheBear

i would say NATS is your #1 choice. That may sound strange considering the previous comments but hey hacks do happen, i dont appreciate being accused of being a liar by john and i dont think nats handled the situation appropriately but with that being said, i can see somewhat why it was mishandled ( in my opinion ). What it boils down to is NATS makes business sense and while i dont think nats handled the situation properly i dont think any nefarious deeds were done with ill intent by anyone at nats and hopefully they learned a lesson besides just the security risk associated with this particular problem.

__________________
hatisblack at yahoo.com

ladida

There's not a company mentioned in this thread that has not been hacked in one form or another in the past.

__________________
agentGFY *at* gmail.com

borked

PBucksJohn:

Is your investigation complete? After more than 14 months, I would assume so. Was anyone indicted?

Who headed the investigation btw, because I find it odd that programmes that were involved in the member rape were not contacted as part of the investigation. If they were, I could have given you some very interesting logs, IP addresses from an independent internal investigation. Also from that, a whole bunch of emails from (non-adult) server owners that were hacked (and their logs) to hide the hackers trail revealed quite a trail of destruction, with some extremely interesting endpoints.

All to harvest emails (and god knows what else).

Very very unfortunately, I don't have the authority to release this information publicly, because I'm sure a few people here could take the trail to completion and help you find the person responsible for this. I no longer work for the company that holds this information, but if you don't know who that company is (think "first contact"), I can put you in touch with them if you wish to re-open your investigation.

__________________

For coding work - hit me up on andy // borkedcoder // com
(consider figuring out the email as test #1)

lazycash

Lets get Minusonebit in here to clarify the matter.