Sborg.us hacked and Database online

[ibby]

Heres a Quick way to Be Safe..

Just FUCKING change ur Passes, and close this thread.. shit

[Deadmau5]

Heres a Quick way to Be Safe..

Just FUCKING change ur Passes, and close this thread.. shit

+1

Its all sayed

[intensecool]

Had to read all the mess of 12 pages before posting this :

1. Mr Happy should be named Mr Worried after this,, thanks to him for all help he did.

2. To sBorg Team,

As an owner of this thing and as the coders , you guys know what infos you had saved in that database and in what type, may be instead of everyone poking and finding from DB, you guys should come forward to reveal everything what has happened, what has been leaked, what may have been lost so your clients can take actions ASAP.

And that was the dumbest thought ever of the crew saying :

Mass emailing will get us banned.

Your 1 mistake or may be we can call this misfortune has leaked out so much of private infos.
You should be worrying about informing them rather then getting banned for mass emailing.

[Smith]

I never thought people would link their login info for sBorg in tickets > filehost accounts. Not to mention IPs, emails, names, etc.

But then again even if they do change your password on filehosts you can change it back via email, happened to me once actually, thank god for "verify before changing mail/password"

So try not to get heard attack.

You better start mass changing passwords people...

[CyberHacker]

Your wrong. (I can do annoying fonts too)
Their are usernames and passwords leaked too along with paypal, alertpay and moneyborker details like emails. These are contained in the support database. The things you list are only in the client database but that is not the only DB leaked.

I posted proof of usernames and passwords earlier and managed to gain access to people's websites. Gavo gained access to 3 different websites and others have gained access to file host accounts. Just look at what WaffeSS posted above.

So what i never said there where no password leeks,

I already looked in the support db and yes i did see lot of passwords

But like i already said before those are the default passwords

People change the password from there sborg page then the file saves the password in encrypted format

Thats the reason when you ask the support to recover the password

They tell you to remove the file which resets the password but also removing all the account info

And i never said people's websites cant be hacked from this, That's the reason i said to remove the sborg script if they are using it on there own domain

Look buddy i dont work for the sborg, I am jest trying to help

Both our styles may be different but we both are

Trying to do the same thing do u agree ?

I find there is no point in this, I know sborg staff didn't do right

They should have told everyone soon as they knew but they may had there reasons, Whatever it was i think there is no point arguing about it

[soft2050]

Isn't this the time to close the thread now? This thread was created for telling other people about the hack! But now The sBorg team has already sended notification to all the user about the hack and also published in the main website!

sBorg team should have told about the hack and its consequences! They should have got the lesson now <-- Thats the only mistake i think sBorg team did!

People trolling here with comments like 'they suckz at security ....' should be knowing that everything could be hacked and mistakes are done by human beings only not bots

It was user responsibility that he used same password, given right name ... knowing the fact that he is going to use the script for illegal purposes!

[deAthbLisS]

Well People who are making a login/checking the sborgs/sites..
good peoples can still make a difference.

when you log in.. just goto the setup page and clear all the accounts details and save.
so that the next user can only make a login and do nothing..

atleast We can protect the filehost accounts.. from getting leaked.

if the email is there mail them, ping them on msn etc..
create awareness rather than just sitting on the laptop/computers and watching people getting hacked

[SaKIB]

Here is a tutorial

Link removed.

[nichole]

That's why you shouldn't be using a public script

[LuDo8]

@SaKIB is that a filipino site with instructions on how to use it?

By the way, I never recieved any emails, and I have two accounts with Sborg..not in spam box either.

Anyways, I've done the following:

-Changed Sborg login password + removed all Filehost details
-Changed all Filehost passwords
-Changed VPS password
-Changed Wordpress Site password
-Changed Sborg Forum password

Luckily with my Sborg forum account I used "testingtest" for my password which is NOT a password for anything else I have on the internet. But I changed that to something new again not used by any other accounts.

Does that cover all the bases? Anything else I should look into? Thanks.