Last week, popular billing platform WHMCS found itself the victim of a breach that it labeled a “social engineering attack.” Now it appears that someone partly responsible could be in custody. According to a report from Softpedia, hacker Cosmo of the group UGNazi was apprehended by the FBI.
The same report also indicated that authorities took control of the website and Twitter account of Cosmo’s hacking group.
Data leaked through last week’s WHMCS attack pertained to 500 users accounts and amounted to 1.7 gigabytes. The hackers went so far as to breach the company’s Twitter feed to publicize the attack. Meanwhile, WHMCS.com was left inaccessible due to DDoS traffic.
Previously explaining the attacker’s methods, WHMCS developer Matt stated, “The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions.”
“And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details,” continued the statement. The company quickly alerted the FBI which actively joined the investigation.
A hacker speaking to Softpedia stated, “Well I’m sure he’ll be out soon and back to work. He’s been arrested before so it’s nothing new to him. Basically WHMCS called in the feds and now it’s been 9 days into the investigation and they got one of us. But we left no tracks which is why I’m sure he will be out soon.”
WHMCS is notable for being especially popular within the web hosting community. Features of the software include tax support, multiple currencies, multiple payment gateways, credit systems, automated reminders and more.