NATS hacker?

[SheepGuy]

Just got this email, can't remember ever making a sale with these guys, but thought I'd pass it on. I don't visit a lot of boards so I hadn't heard of it

Hi Dan,

Dave from SterlingCash.com here - you may have already heard about the situation regarding a compromise of data from sponsors who use NATS. If not, it's all over the webmaster boards so if you want a very long read, I'm sure you know where to go.

At this point it isn't clear if our data has been compromised or not, but we are going to assume it has and react accordingly.

As far as we see it, the worst case scenario is that our affiliate and member databases have been accessed by a hacker using a NATS admin account which is reserved for use by the NATS tech team. We disabled this account as soon as this issue was brought to our attention, and we have changed passwords on our other admin accounts.

The affiliate data we hold is the information you may have entered when you signed up with us: your name, address, email address, and your ePassporte account name (but NOT your ePass account password). The password for your Sterlingcash.com account is not available via the NATS admin interface, but it is encrypted on our server. It is therefore unlikely (but not impossible) that your Sterlingcash.com password has been decrypted, so we suggest that you change your password as soon as possible. It would also be wise to change the passwords you may have on any other online accounts if you are using the same username / password combination. Please note that we use an email validation system for any affiliate account changes - we ask that anyone who has received any unexpected account change verification emails contact us immediately.

We will be working closely with the NATS techs on this issue and will be in touch again if there are any new developments or useful information we can pass on to you. Don't hesitate to contact me if you have any questions.

Please accept my apologies for any inconvenience caused, and enjoy the holidays!

Regards,

[T Pat]

I got one last night from another sponsor:
RagingBucks Affiliate:

Due to the recent NATS exploit that has been brought to our attention, we would like to advise all of our affiliates to change the password they use for our affiliate program. If you use the same password for any other sites, such as epassporte, please change your password on all of those sites as well.

This is a wide spread problem that affected many sponsors that use NATS. If you are an affiliate of any other sponsors that use NATS we would advise you to change the password you use for those sites as well. We are working with NATS to make sure a problem of this nature does not happen again in the future. Your privacy is of the most importances to us and we wanted to bring this matter to your attention.

If you would like to read more about what has happened and NATS' public statement go to:

http://www.gfy.com/showthread.php?t=793881
http://www.gfy.com/showthread.php?t=794219

If you have any questions please feel free to contact me.

[DangerDave]

Fucking Nats!

[tigermom]

Thanks for the heads up! Does that mean all nats sponsors have been compromised?

[Bobc01]

Fuck sake, nothing is ever safe.

Thanks for the info.

[Toby]

Quote:

Originally Posted by tigermom

Thanks for the heads up! Does that mean all nats sponsors have been compromised?

I doubt that ALL nats sponsors have been compromised, but any that had not already disabled the admin password that TMM used for updating and maintaining nats installs is/was vulnerable.

It appears that TMM's internal database of these admin logins was compromised. The fact that this information was even web accessible is appalling. A serious fuck-up by TMM, compounded by the fact that they knew there was some kind of 'hacker' problem many months ago and failed to inform ALL of their clients.

I spent a fair amount of time yesterday checking my account info for all sponsors I've signed up with that use nats. Not exactly how I'd planned to spend several hours yesterday.

"Fucking Nats!" is right. I think CCBill's new cascading solution may have a few additional clients after this fiasco.

[JustRobert]

I received one from Island Dollars as well.
I already hate NATS and this is just adding to it. I probably now need to go thru all fucking accounts and change passwords just to be safe. Hours of fucking joy joy. This may be the time I need to look at the poor converting NATS (nearly all) sponsors and remove them even if they owe me money.

[Toby]

Quote:

Originally Posted by JustRobert

...I probably now need to go thru all fucking accounts and change passwords just to be safe...

and a couple more things just to add a little extra cheer to your pre-holiday Sunday...

Changing your pass is a waste of time until the individual programs have taken the necessary steps to lock down their NATS admin. Being a long holiday weekend, I'm guessing that it will take some programs until the middle of the week to get this done. The ones that you've not heard from regarding this issue are the ones to be concerned about.

If you use the same user/pass combos elsewhere, you'd best be changing all those passes too.

Have a nice holiday

[Cleo]

One of the thing that I do in case something like this happens is use a different user ID and password on each program.

[JustRobert]

Toby, did not think about the ones I have not heard from yet. Thanks for mentioning that. Either way, probably should check them all out and then will have to go back later when they lock their system down. Yep, a little extra cheer.

Thankfully I do not use the same user/pass combos.

[koolkat]

Quote:

Originally Posted by Toby

The ones that you've not heard from regarding this issue are the ones to be concerned about.

And I haven't got a notice from a single fucking one! Just wonderful!

[stuveltje]

i just got an email from jaymancsh about that nats issue.

[Toby]

Quote:

Originally Posted by stuveltje

i just got an email from jaymancsh about that nats issue.

Yup, and kudos to them for already having their shit locked down months ago.

[stuveltje]

Quote:

Originally Posted by Toby

Yup, and kudos to them for already having their shit locked down months ago.

yep thats what their email said, because of their email i checked the gg board about the nats thing, because i didnt heard shit about it before and most of my sponsors are nats users........i hate those issuesmore clusterfucks in my world now.

[T Pat]

Dear Webmasters,

It has just come to our attention that the NATS user admin login (software provider) that is stored may have been compromised.

Your personal data is important to us and as a precaution, we suggest you change your fetishassets password.

If you have any questions, or need any help doing this. Please email me at: mick@fetishassets.com and I will be happy to help.

Kind regards,

Mick Derbyshire.
www.FetishAssets.com

[JackDaniel's]

Damn I hate this .... most of my sponsors use nats too

[bluebrit]

I need to check my stats for nats sponsors now. I don't think i ever did any good with them and now may be the time to call it quits. As for user names and pw's i have to go check them all out because i haven't had a single email about this.

[SheepGuy]

I'm one of those dumbasses who used variations of the same user/password combo so I switched all of my non-NATS passwords today, as well as those few NATS sites that I actually see checks from. I never liked their pain-in-the-ass interfaces anyways, and since they basically suck as far as earners go, I won't bother with them for any new ventures.

[Porn Junkie]

i'll second the notice from jaymancash, thank god i don't use many others.

killing my entire night checking sponsors

[tigermom]

What exactly is it that they can retrieve about me? There's nothing I give out to a nats sponsor that's too secret, I think. It's not fun, for sure, and a breach of my privacy, but I'm not sure how it can hurt me exactly.

I never use the same login/password for anything, so they can't access my epass or paypal accounts or my servers or anything.

[T Pat]

Dear Patrick,

As I am sure you are all aware by now either from monitoring webmaster communities or from multiple sponsor program e-mails there is a potential security breach issue involving all programs who use NATS software to manage their affiliate programs. We are not going to BS you and tell you that we are not affected by any of what is going on because the simple truth of the matter is that at this time we are unsure as to the effect this "breach" has had on our system.

We can tell you that we do monitor our affiliate program very closely and have not noticed anything out of the ordinary at this point; however, it is not improbable that an issue could have occurred and has not been revealed to us at this point. We are working around the clock with NATS and our server company to review activity through our admin access and will notify you of any changes that come to light.

We do, however, highly recommend that all affiliates take this opportunity to log in and change their login password to safeguard the security of your account. We recommend affiliates do this on a regular basis anyway but this situation gives us all a reminder to stay on top of password changes.

As for our responsibility please be assured that we are working through the holidays to keeps tabs on this situation, we have already put IP blocks up and limited access to our admin area and continue to take all other safeguard measures recommended to maintain security of our affiliates and our program.

Sincerely,
Vegas & Angel

MadMoolah.Com
ICQ: 243-499-827

[JustRobert]

Quote:

Originally Posted by tigermom

What exactly is it that they can retrieve about me? There's nothing I give out to a nats sponsor that's too secret, I think.

I thought the same as I was going thru my sponsors last night. I came across a couple that show your social security number (US webmasters) on the same page as your address, name and epassporte info (if you use them). That is enough info to make someones life miserable in the wrong hands. Sorry, but I do not remember which ones.

[T Pat]

I can only change three or four passwords before I feel like breaking something and go on to something else, at this rate it will be New Years by the time I'm done.
Fucking NATS is right

[Useless]

Quote:

Originally Posted by T Pat

I can only change three or four passwords before I feel like breaking something and go on to something else, at this rate it will be New Years by the time I'm done.
Fucking NATS is right

I did two this morning, so I've had my fill. I wish they could globally change everyones' password instead of having us login and do it ourselves. I'll never see a cent from most of those programs, so I'm not overly concerned if some devious fucker logs in and changes my payout info. |shocking|

[stuveltje]

i think i just drop all nats sponsors, i dont like to change things and with all the info i have readed about nats now and before i think its no good to use them.