M
MartinSIT
Guest
add:
there are some more questions... even if they dumped the database, i would imagen that the passwords are stored encrypted and not clean?
first: at least one of the hacked customers had a password 12 characters long, with numbers and alpha.. you can't brute force them in that short time!
second: another customer don't have plesk panel access! it is switched off in the controls. so even they have this password, it should not work because the control panel access is turned off!
in my opinion, it is to easy to say they used the database they dumped a few month ago!!
there are some more questions... even if they dumped the database, i would imagen that the passwords are stored encrypted and not clean?
first: at least one of the hacked customers had a password 12 characters long, with numbers and alpha.. you can't brute force them in that short time!
second: another customer don't have plesk panel access! it is switched off in the controls. so even they have this password, it should not work because the control panel access is turned off!
in my opinion, it is to easy to say they used the database they dumped a few month ago!!