Datalek(ken)

[Cospamedia]

Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'

Dear sir/madam

I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.


PROVE:
version()=5.5.31-log
db_name: cospa_koets

if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.


Regards Martin from http://www.wwwanalysis.com team

[Nelly]

Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'

Dear sir/madam

I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.


PROVE:
version()=5.5.31-log
db_name: cospa_koets

if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.


Regards Martin from http://www.wwwanalysis.com team

Ik heb ook zo'n mail ontvangen op 16 januari

name: WWWAnalysis.com

username:

bquestion_type: IMPORTANT hole in klikduviveltje.nl

message_type: Hi,

I am Martin the specialist web vulnerable analyst from wwwanalysis.com team,
We provide professional web scaning, and security, i am writting to you,
as we have found a hole in your website that allow the 3rd person to take data from
database like usernames,passwords..., that kind of vulnerability allow attacker to take control of whole website.
If you need proofs just contact with us at team@wwwanalysis.com or skype: faneq123.
If you dont need our service we will just walk away and leave it like it is.
We wont damage anything, or change the data, as its not our point. We want just
help your service to improve it and protect user data.



PROVE:
version()=back-end DBMS: MySQL 5.1.62
db_name: klikduivel_gpt
@@hostname: kwhs023.emailmarketinggroep.nl

I just took info about db there is way to get all users/passwords/tables/cofnigs etc.. but i dont want to check that without administrator permission,
if you want more info contact me as soon as posible, that kind of vulnerability is really dangerous

Regards Martin from http://www.wwwanalysis.com team



-------------------------------
Sender Info:

COMPUTER ID:
USERNAME:
IP/PROXY: 217.114.213.133/"';forw - o;"'via;

Frappant is wel dat er vanmiddag iemand heb proberen in te breken op duiveltje
DATE TIME: 01/20/2016 17:35
FAILED PASSWD: vastelaovend
REQUEST: /scripts/admin/index.php
COMPUTER ID:
USERNAME:
SESSION SECURITY: N/A
IP/PROXY: 185.93.181.125/"';oXf - o;"'via;


Groetjes
Nelly

[extra]

Ik krijg zo veel van dit soort mailtjes.
Helaas is mijn Engels vrij. k..... en gooi alles in het buitenlands meteen weg.. Snap het toch nie

[Amadee]

Onlangs dit bericht via een van mijn sites ontvangen. Zijn er meer wm'ers die een dergelijk bericht hebben ontvangen? Het IP adres van de afzender is 84.19.165.213 en zit ergens in Duitsland of Polen. Heb inmiddels een melding neergelegd bij APG (Autoriteit Persoons Gegevens) ivm meldplicht volgens de sinds 01-01-2016 geldende wet 'Meldplicht Datalekken'

Dear sir/madam

I am Martin a specialist on websecurity from the wwwanalysis.com team,
we provide professional web scanning, and security, the reason that i am writing this email to you,
is because we have found a vulnerability in your website, that allows someone with malicious intent
to take data from the database like usernames,passwords this kind of vulnerability allows the attacker to take
whole control over the website, if you need a Proof of Concept feel free to contact us at team@wwwanalysis.com
or if you prefer skype : faneq123
if you dont need our service, you dont have to do anything since our intentions were good
we didnt damage anything, or changed any data, as this is not our intention
we just hope you get this fixed as possible, to protect any user data.


PROVE:
version()=5.5.31-log
db_name: cospa_koets

if u want i can send u the admin password with your permission, if your will prove that you are the admin owner of the site.


Regards Martin from http://www.wwwanalysis.com team

Hier ontvangen i.v.m Meergeldmails maar was bluf, meteen de vuilnisbak in dit soort mailtjes.