I think a lot of Epassporte account hacks have been the result of NATS security holes
 

Think about how many people reported money stolen from their Epass accounts, saying they had no spyware/trojans on their PC.

I think it could be because of the NATS security holes.

If people used same login/password for their affiliate program accounts and their Epassporte account, i can see how easily money could have been be stolen.

Epassporte didn't have anything to do with it, but a lot of people blamed them.

epass is to blame for the nats hack!

if you use epass
you're a scammer
simple as that.

and u'r one dumb motherfucker for trusting epass with your money.

Blame Canada

If people used same login/password for their affiliate program accounts and their Epassporte account, they're fucking retarded and should have their money stolen.

:2 cents:

so 90% of the adult industry are scammers...

the same 90% that controls 10% of all joins ??

yes if u use epass as your payout method, you're a scammer and should not be trusted.

agreed

hope more money gets stolen out of people's epass accnts

you're an idiot.

voice of an epass scammer ?

Man this is scary, you might be right. Maybe it was NATS.

and you are a fucking noob.... shall i list all the companies that pay me by epass? i guarantee they are bigger that 90% of all the programs out there...

Webmaster, Epass, Biller, Admin, ect. Passwords are not available within the NATS admin area, all they/we see is ********.

The ONLY passwords they would be able to get a hold of with Admin access are member passwords.

The only place the passwords are stored are in the DB and it is encrypted. So the chances that your pass has been decrypted is very slim.

I can't speak for all programs but I can speak for mine, our DB was NOT compromised. Heck neither was our admin area, thanks to my host!

Ray

Why are you so sure of that?

come suck my balls epass scammer

slavdogg
Registered User
Join Date: Jan 2001
Posts: 2,350

slavdog this is uncalled for.

I use epassporte for my sponsor payouts. And I am honest person.

Because when you log into nats admin you dont see them and the only place you can get them is in the DB. This hack targeted the admin area only. Again, i speak for my program when I say our DB's have deff. NOT been hacked and im pretty sure this is the case for most other programs as well.

Admin area does not mean DB, simple.

Ray

I meant why you were so sure that the DB can't be hacked.

Iven John has admitted it was very possible.

Even the Pentagon is hackable right? In this particular case the admin area was compromised. I spoke to many program owners last night and they all confired with their hosts that their DB's had not been hacked.

In THIS particular case.

How do they know if their DBs were hacked or not?

There are sponsors who say that full DB dumps were made by the intruder.

There is no way for the sponsors to know what happened to the stolen DBs.

wow im really sorry to hear that! If they indeed were able to get a db dump just by having admin access I really hope these sponsors get their hosts to secure there db's a little better. Its bad enough that they had admin access, but db access to, fuck! :(

Jet - not every program was hacked or compromised.
Some hosts are very diligent with their security and what access they allow on their servers. We are amongst some mighty happy clients of Swiftwill today and very very very thankful of their diligence.

Wow that sucks. The sponsors that had their databases wripped also had some serious security issues, unrelated to the current NATS security problem. They really do need to get their hosts to lock things down better :2 cents:

:1orglaugh:1orglaugh:1orglaugh:helpme

lawsl you kids silly kids

DING DING DING......Surfer alert.

Epass works perfectly for me. I guess it's a few dimwits who have their money stolen (by giving their epass passwords to "epass reps" on msn!)

Funny coming from someone who started such an ignorant thread. Passwords are encrypted in nats as well as database information. The "hacker" who was snagging access via the nats admin couldn't even retrieve the encrpyted password string of an affiliate account to try and decrypt it.

Never the less, epassporte passwords are not even stored in nats.

dipshit.

Because the database password is not configurable via the admin and the encrypted string for the database password isn't even available via the admin for the "hacker" to try and decrypt it. Plus 95% of the time mysql databases are either IP restricted for access _or_ restricted solely to localhost for access.

A clever hacker could find at least a few ways to extract the passwords from the admin area. :2 cents:

The problem is, that some people may have used same password for nats as they used for epassporte. It's not very smart, but it's very possible that some users would actually do that.

if that was the case i hope their epass accnts got cleaned out.

Stop hackers dead - use SwiftWill. :)

yeah, everyone who uses epassporte is a scammer :1orglaugh :helpme :Oh crap

Very good point Jet

hahah..

GFY is always entertaining. Now we have surfers calling out industry legends that they think are surfers


:1orglaugh:1orglaugh:1orglaugh