A hacker who uses the online moniker “b0x,” an administrator of the MadLeets forum, claims to have breached the website of client management, billing and support solutions provider WHMCS.
E Hacking News informs that the hacker has uploaded an HTML file to the documentation section of the WHMCS site (docs.whmcs.com/images/b0x.html).
At the time of writing, the page uploaded by the hacker is still online. A mirror of the file is available on zone-h.org. It’s worth noting that the file appears to have been on the WHMCS site since January 12.
I’ve sent an email to WHMCS to see if they can provide any clarifications, but so far, I haven’t received a response.
In May 2012, WHMCS was targeted by members of the notorious UGNazi group. At the time, the hackers claimed to have attacked the organization because it provided services to scammers and cybercriminals.
Update. WHMCS representatives have provided the following statement:
“Our system admin team just evaluated the server and b0x.html had a timestamp dating back to 2012. At the current time it is our belief that this was the result of a previous vulnerability related to mediawiki and no defacement has taken place.
The MediaWiki software houses our documentation for WHMCS and does not have any hooks or sensitive data beyond public documentation for the WHMCS product.”