Spam Problem – Affiliate Details Compromised?

  • #614471
    tonywang
    Member

    Fact 1 : I signed up for Star Partner in June 2008. While signing up I supplied a unique email address that has only ever been given to Star Partner.

    Fact 2 : Yesterday I received a spam email through that unique email address. The sender used a Russian email address, the subject was “And how would you ordered $2700?” (one of the dumbest Subject lines ever!) and the email message is related to winning $5000 at an online casino, it includes a casino name and a link (the link doesn’t match the casino name) but I won’t include them here since I don’t want to give them any extra promotion.

    So, there is no doubt that this person has access to Star Partner’s affiliate details. The question is, how did they get those details.

    Option 1 : Star Partner sold our details. I consider this very unlikely.

    Option 2 : Star Partner sent the spam hoping to make a few $$ on the side. I consider this highly unlikely. Although recently I was reading a thread on this forum about spam that was sent from a single rogue ‘affiliate manager trainee’ (at BCP) who was sending unauthorized emails. But since the email I received seems to have links to Russia, I believe option 3 is more likely…

    Option 3 : Someone has either hacked the Star Partner database, or has figured out a way of accessing the database without actually hacking, using methods such as cookie manipulation, SQL injection, cross-site scripting, etc… Personally I consider this the most likely option.

    Unfortunately I found the same thing last year with Revenue Giants (see the thread http://www.casinoaffiliateprograms.com/bb/spam-problem-database-leak.27159.html?), in that case I eventually confirmed that it was a hacker since I found a link between the spam and a Russian hacker that was selling casino-related email lists… and Revenue Giants apparently searched their logs and found the exploit and fixed it…

    Hopefully Star Partner will now do the same, find the exploit and make sure this doesn’t happen again… In the case of Revenue Giants they said the hacker only got the affiliate’s contact details and couldn’t actually access our accounts, but who knows if this is really the case, or if our payment details have also been compromised… I really don’t want hackers to know my Neteller details, or bank account details, etc… I am already having major problems due to hackers using my contact details to sign up for other programs. Security issues need to be taken seriously and fixed immediately!!!

    edit : This is probably the same as the King Dice Casino spam from another thread : http://www.casinoaffiliateprograms.com/bb/king-dice-casino-spam.32867.html

    Regards,
    Jam
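
The leak-attribution reasoning in the post above (one unique address per program, so any mail from an unrelated sender to that address points at that program's data) can be automated. The sketch below is an added example, not part of the thread; the key, the mail domain and the programs' sender domains are assumed placeholders, and the HMAC tag is an addition that keeps a spammer from simply guessing the alias.

```python
import hashlib
import hmac
from email import message_from_string
from email.utils import getaddresses, parseaddr

SECRET = b"constructed-demo-key"  # assumption: key known only to the mailbox owner
DOMAIN = "example.org"            # assumption: owner's catch-all mail domain
# Assumption: domains each program legitimately mails from (placeholders).
PROGRAMS = {"Star Partner": {"starpartner.example"},
            "Revenue Giants": {"revenuegiants.example"}}


def alias_for(program):
    """Address given to exactly one program; the HMAC tag makes it unguessable."""
    slug = "".join(c for c in program.lower() if c.isalnum())
    tag = hmac.new(SECRET, slug.encode(), hashlib.sha256).hexdigest()[:8]
    return f"{slug}.{tag}@{DOMAIN}"


def classify(raw_message):
    """Return (program, verdict) for mail that reached a canary alias, else None."""
    msg = message_from_string(raw_message)
    aliases = {alias_for(p): p for p in PROGRAMS}
    headers = []
    for name in ("Delivered-To", "To", "Cc"):
        headers += msg.get_all(name, [])
    sender = parseaddr(msg.get("From", ""))[1].lower()
    sender_domain = sender.rpartition("@")[2]
    for _display, addr in getaddresses(headers):
        program = aliases.get(addr.lower())
        if program:
            # Mail to the canary from anyone but the program itself is a leak signal.
            verdict = "expected" if sender_domain in PROGRAMS[program] else "leak"
            return (program, verdict)
    return None


# Constructed sample: unsolicited mail from an unrelated sender to the canary.
SAMPLE = (
    "From: Winner <promo@mailer.example.net>\n"
    f"To: {alias_for('Star Partner')}\n"
    "Subject: constructed sample\n\nbody\n"
)

if __name__ == "__main__":
    print(classify(SAMPLE))
```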

    #791915

    Thank you for your email.

    We have picked up that there was a security breach; we are still analysing the
    extent of the breach and our developers are working around the clock to have
    the exploit identified and to close the door.

    As of now we are on a security lock down and have closed all ports that connect
    from outside our domain. I have forwarded a copy of the TXT file to our tech team,
    thank you for that information. I am certain that it will be of use to them.

    Payments have been halted although the majority of the Ecash payments were sent
    off yesterday already. I am currently reviewing the log files for all of the changes
    that were made by affiliates over the past month and the remaining payments
    will be released once this has been completed. I shouldn’t take more than a few hours.

    At present we have identified only 1 account of which details were changed and
    I contacted the affiliate, we are confident that this was the only account whose
    details were changed but we will notify everyone if we detect any more.

    #791925
    tonywang
    Member

    Thanks Conrad, please keep us updated, and let us know as much as possible when all the facts are known. Transparency goes a long way towards trust…

    #791953
    Almanator
    Member

    Well done Conrad on jumping on this as fast as you have. How long will this affect our affiliate payments? I know with the holidays there was a small delay but payments should have all been sent out now and I know I’m still waiting to receive mine.

    #791958
    Anonymous
    Inactive

    Oh, When you talk to your developers say this..

    FOR GODS SAKE STORE MD5 PASSWORD HASHES NOT THE PASSWORD!

    sorry but stupid security holes such as this are terrible.
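
The post above asks for stored hashes in place of stored passwords. As an added example (not part of the thread and not any program's code), the sketch below stores a verifier instead of the password and compares an unsalted MD5 record with a salted scrypt record: with MD5, two users with the same password get the same stored value, while a per-user salt makes every record distinct. The cost parameters and the record format are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os

# Assumption: scrypt cost parameters chosen for the demo; tune for your hardware.
N, R, P, DKLEN = 2**14, 8, 1, 32


def md5_record(password):
    """Unsalted fast hash: the same password always yields the same record."""
    return hashlib.md5(password.encode()).hexdigest()


def scrypt_record(password, salt=None):
    """Per-user random salt plus a memory-hard KDF; returns a storable string."""
    salt = salt or os.urandom(16)
    key = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P, dklen=DKLEN)
    return f"scrypt${N}${R}${P}${salt.hex()}${key.hex()}"


def verify(password, record):
    """Recompute with the stored salt and parameters; compare in constant time."""
    scheme, n, r, p, salt_hex, key_hex = record.split("$")
    if scheme != "scrypt":
        return False
    key = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                         n=int(n), r=int(r), p=int(p), dklen=len(key_hex) // 2)
    return hmac.compare_digest(key, bytes.fromhex(key_hex))


def distinct_records(users, make_record):
    """Number of distinct stored records; fewer than len(users) exposes reuse."""
    return len({make_record(pw) for pw in users.values()})


# Constructed sample accounts: two users share a password.
USERS = {"aff1": "hunter2", "aff2": "hunter2", "aff3": "different-one"}

if __name__ == "__main__":
    print("md5:", distinct_records(USERS, md5_record))
    print("scrypt:", distinct_records(USERS, scrypt_record))
```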

    #792029
    graniteman;193094 wrote:
    Well done Conrad on jumping on this as fast as you have. How long will this affect our affiliate payments? I know with the holidays there was a small delay but payments should have all been sent out now and I know I’m still waiting to receive mine.

    The balance of the payments should go out today, I will release each payment
    after every account is reviewed to confirm that any of the details loaded were
    not a result from the breach.
