Whats with the exoclick.com hack email?
 

wtf is this?

It looks like you would hit the delete key, and move along with your day?

:helpme

from what im reading is that this guy has a problem with exo for freezing his account. He hacked exoclicks and has ALL the info about all their affiliates. That means he also has all my information aswell.

Why would i want to move along when my information can get exposed?

wtf.

Feng is nub :1orglaugh

Um it looks like the data base got hacked if you follow those links on that page

sounds legit, have luck everyone :upsidedow

yeap so ALL the affiliates their information (iban,swifty,paypal,paxum etc) is in the hands of this hacker....

sounds like he's mad and looking for a little payback

Damn , i understand the guy is made, but what the point to make trouble to the other client

Hey Fengwu if your client like us, perhaps it would be better for all of us if you pulled out the link on the topic and just let people discuss...

Dought it will make any diff as it looks like he has the users email addreses which he is using to send out this info

looks like it :Oh crap

Well im concern about all GFY got access to this list..

Well all Exoclick members who get an email from him will have access to it and anybody else he wants to send the info to on the web, its a bit late to worry about it now and anyway looking at the passwords they are encoded

Well that your opinion, certainly not mine. People on the list have no gain to publish that list.. anyway we cant stop all info to go on the web, but at least if we could avoid publish it here, you can avoid some potential problem...

I just had a look at some of those screenshots and it does show user login names, thier real names, addresses the company ID's and tel no. I think Exoclick need to get in here quick smart

Why would you publicly post this?

I got that message too.

Wonder whats going on?

Exoclick got hacked.

The most interesting part is that he claims he has proof that Exoclick is cheating it's customers.

With all the info and database dumbs and screenshot he already posted there is no doubt that this guy hacked Exoclick and had full access to their databases and all info.

Ugh.
Has this been taken care of yet?

The OP removed the link but the guy has been sending out emails to Exoclick users with the link and he does have all the info up on a site. He also has a password to access info about credit cards, paypal ect on the site

Hi Everyone,

About 6 months ago, ExoClick has been under heavy attack, from pretty nasty DDOS to all sorts of attempts to hack our servers or take them down.

Fortunately, we have a very high performance infrastructure and these attacks never took us down.
Unfortunately, one of their blind SQL injection attack got successful and they were able to fetch encrypted passwords as well as other information we have in our database. During all this time, he has been trying to blackmail us in all sorts of ways.

It appears the last thing he could do is to hurt our reputation and contact our clients about it.

To all our clients, please, rest assured your account is 100% safe. We have taken all necessary measures to prevent this type of issues in the future and to protect ExoClick clients. After the incident, we also hired a company expert in online security to audit our platform and make sure there was no other possible flaws.

I sincerely and personally apologies for this. And I apologies for any inconvenience that this might have caused you. Believe me we are taking this very seriously.

If you have any questions or doubts, please don't hesitate to contact me personally.

Best,
Benjamin.

You can see the hacker used super simple SQL injections to get access, meaning that they were using non-escaped querystring in the SQL - which is like one of the most basic security measures these days... At least they did seed the user passwords.

Well all personal and bank information of all users is public already now...

Nice quick repsonce and I hope you can find the idiot who did it

That's not going to help anything, he emailed the link to 10,000s of users from the exoclick database already.

Nice quick response??

6 months too late. They should have informed their users as soon as it happened. Especially because of the sensitive personal and bank info that has been compromised!!

Not all of it is yet. He had the banking info for Exoclick users password protected and all the users passwords are encrypted anyway , but whos to say that he wont start pasting it all over the net if he doesent get want he wants and if they do give him what he wants whos to say he wont keep on doing it.

I hope Exoclick can find this idiot :2 cents:

Im talking about a responce on the board

exactly. how are all accounts safe when there is db dump online? come one exoclick, are you serious? you cannot hide the fact that all users info is out behind any words :2 cents:

and please, how can someone who hacked 82k of users, be an idiot? :) :error

I have an Exoclick account and got no email...

Because anybody who trys to blackmail a company by hacking into their users data base is an idiot

Are you doing anything to go after the guy behind this? Do you know who he is?

:2 cents:

I didn't get the email. Where is the link?

we need to know what exo is going to do about this.

Same someone get it to me please.

PLEASE, dont spread the email, if you received it, please keep it for yourself.

Exoclick is a victim with all their clients, even if its long time ago and everyone concerned had their password changed, spreading this info wont do any good to anyone on top of the blackmailer and other hackers and scammers who will use it and potentially harm the people on the list, people that can be your friends, partners, affiliates or just part of our community.

rogue email admin