when did this NATs Hack happen?
 

Was just reading this:

http://www.affiliatecheaters.com/miscellaneous/nats

When did it happen?

Probably very old news but i was just browsing through it was quite an interesting read.

Here are a few threads I found....

http://www.gfy.com/it/794219-statement-regarding-nats-security-issue.html
http://www.gfy.com/fucking-around-and-business-discussion/794328-lot-epassporte-account-hacks-result-nats-security-holes.html

pussy lips

there was never actually a "hack"

just a hundred chickens with their heads cut off running around acting like they knew what they were talking about

in reality it was a totally small deal that wasn't even all that newsworthy

Just search "NATs Hack" and I'm sure you will come across the thread.. Might wanna do a search for "pornograph" as well, because the owner of NATs also owned pornograph before it was also used by a "rogue" mystry someone to do mass installs on many sites.. including my own..

But hey it's all top notch bro's so it's all cool.

Whoa f'ed up story there :2 cents:

not all that fucked up really

someone owned a site
they didn't want it anymore
they sold it
the new owners got malicious with it
the old owners are blamed
gfy is full of idiots

Maybe you should look into what the owner of the company whom took the installs said.. He claimed there was no "mysterious buyer" of that site and that it was JA himself whom did it. I'd assume the guy whom took the installs would know whom sent them and has publicly stated on another forum is was JA whom did it..

Think for 2 seconds.. you really think if he sold that counter and the buyer used it to fuck us all like he did, that he would have any reason to keep quiet about who bought it.

I got a weird email this morning from change AT toomuchmedia.com

Hello,

Since we have been very bad with the girls lately we are going to stop the activity for a few months to rethink the strategy .
We have a plan but this might involve lower payouts.You will be notified though.

Thanks for understanding


I was like, uhh what?

Perhaps this would be a decent place to see if it makes sense to anyone.

:error:error

Teen dolls?

No, I'm not signed up with that one. I'm only signed up with a few that are not cams or dating. STFU Cash, Traffic Cash Gold, Incredible Dollars, HD Pays, Evil Angel, Score Cash, Perfect Gonzo, and Sex and Cash. Not sure which ones use NATS and which do not. I'm also not sure why I would get an email from toomuchmedia.com either.

I don't know, no biggie. Just seemed like an odd email and I figured some one else probably received the same one and had no clue about it either.

I wonder what site they are talking about.

huh , their main admin password was exposed and used to steal data from thousands of users, across many nats sponsors i would call that a hack

idk

The subject line said "activity stopped till further notice".

:helpme

weird...

Please don't spread misinformation.

Oh man, not this shit again.

please tell the truth ... smokey is absolutelly right ... russians hackers wanted to hack one of thousands porn sites ... they got passfile, and ooops, there was nats admins pass ... it was working almost everywhere, but i cannot tell you more as i only read about it also ... doesnt matter what ttm says, this was the "hack" :winkwink:

Some point prior to November 2007, somebody got a hold of the nats admin passwords for a large number of sites. This was used to harvest member email addresses on a daily basis. TMm were told about this, but did not wish to discuss the matter. Annoyed that tmm were seemingly doing nothing about it, certainlynot informing their clients, OC3 went public on this board with their findings.

Is that more correct?

You mentioned during that thread that an investigationwas underway. Did anything result from that?

The link drop me in blogger.com, is it normal?

please tell me what part of what i said was misinformation ?

Was your admin username and pass exposed ?

Was it used to login to several nats sponsors and steal info from users ?

Didn't you come on gfy to verify your admin pass was compromised ?

Didnt several of your clients come on gfy and verify the compromised u/p was being used to skim info from their database ?

Isn't it true nats was aware of this compromise well before it was reported on gfy by your own admission ?

Isnt it true that even though you were aware of the compromise it wasnt until your clients reported this information on gfy that the usernames and passwords were changed ?

feel free to correct me if i am wrong , but thats how i remembered it ?

ooooooooh damn

a friendly bump for this thread

It was the guy on the grassy null.. It's just like the "mystery" guy that "supposedly" bought pornogragh.com and fucked over many of us here on GFY by using it to infect our websites with BS installs.

Funny youtube clip :thumbsup

What I don't understand, though you may have a better understanding of the situation is why the programme that alerted TMM to this security breach, so that TMM could investigate it, was subsequently treated as second class customers, with ticket response times taking a nose dive. :(

Or it mayjust have been my imagination...

Very interesting sounds like a few people are still having problems or rants about the whole thing aswell.

So if I was to set up a program, what would be THE best way to do it, what system to use?

please don't say epoch or ccbill :(

It depends how many sites and billers you have. If it's just 1, then CCBill (if you have CCBill that is)....

If you have multiple sites, and billers for cascades, then nats or mas is worth a look as they are easier to maintain/administer.

Bump for Porngraph! Can't believe we let him off that easy...

Epoch or CCBILL...

i would say NATS is your #1 choice. That may sound strange considering the previous comments but hey hacks do happen, i dont appreciate being accused of being a liar by john and i dont think nats handled the situation appropriately but with that being said, i can see somewhat why it was mishandled ( in my opinion ). What it boils down to is NATS makes business sense and while i dont think nats handled the situation properly i dont think any nefarious deeds were done with ill intent by anyone at nats and hopefully they learned a lesson besides just the security risk associated with this particular problem.

There's not a company mentioned in this thread that has not been hacked in one form or another in the past.

PBucksJohn:

Is your investigation complete? After more than 14 months, I would assume so. Was anyone indicted?

Who headed the investigation btw, because I find it odd that programmes that were involved in the member rape were not contacted as part of the investigation. If they were, I could have given you some very interesting logs, IP addresses from an independent internal investigation. Also from that, a whole bunch of emails from (non-adult) server owners that were hacked (and their logs) to hide the hackers trail revealed quite a trail of destruction, with some extremely interesting endpoints.

All to harvest emails (and god knows what else).

Very very unfortunately, I don't have the authority to release this information publicly, because I'm sure a few people here could take the trail to completion and help you find the person responsible for this. I no longer work for the company that holds this information, but if you don't know who that company is (think "first contact"), I can put you in touch with them if you wish to re-open your investigation.

Lets get Minusonebit in here to clarify the matter.