I got an email from official QuickhostUK <[email protected]> email:
QuickhostUK hacked by WHMCS Killer
Email Title: Please note! QuickHost is Hacked!!!!!!!
QuickHost is Hacked By WHMCS Killer
For hosting customers, we have copied the complete data and need to restore the data. Please pay 100 USDT TRC20 to TF1MnFmmtkiTnab9h9rkYkwicDUw2FmELN
For VPS/physical server customers Please pay 300USDT TRC20 to TF1MnFmmtkiTnab9h9rkYkwicDUw2FmELN
Then please send information to [email protected]
We will send you a backup copy of your data within two hours of sending us an email after you pay.
Otherwise we will format the data within three days.
Then the home page of quickhostuk and the users dashboard both shows 404:
QuickhostUK vps homepage shows 404 after being hacked.
I contacted the support and also shared this in their discord channel, and the support says:
“We are aware of the email going around: Please note! QuickHost is Hacked!!!!!!! and had put our WHMCS client area into lockdown mode while we investigate.”
The hacker specifically asks for USDT at TRON (TRX), not BTC (bitcoin) or ETH (Etherum). That is a good ads for TRON. At the time of writing (2-3 hours after receiving the email), no transactions are received on the designated wallets owned by the hacker(s).
Anyway, this is an unfortunate event, but fortunately that i don’t have any vps running there any more (since 5 or 6 years ago).
I immidately logged in to QuickhostUK and removed the payment details (the credit card on file expired anyway, but I removed it just to be safe). I also turned on the 2-FA authentication.
Always a good advice: to backup your data in a separate place (distributed servers). The data is only yours if it has multiple copies, otherwise when it is gone, it is gone. Also, don’t put confidential information such as keys or passwords, as they might be leaked when someone hacks your server.
Quickhostuk Investigation
I hope QuickhostUK recovers soon this time.
AMP Version This post has 525 words.