Public Press Release

2025-03-29

Understandably we are posting this on WHT because we have been a long time member of WHT and feel that all WHT members should hear it from Web hosting Network

As you may have already heard and discussed regarding HostRocket's unauthorized access to their billing information, Web Hosting Network has been also affected by this exploit.

So without re-divulging what HostRocket already discussed, I will try my best to give you some background behind the exploit.

About 2 weeks ago a host that was utilizing the program WHNBilling was hacked by a unknown person and this person gained full root access to all his servers, from what I understand by a password sniffer that was installed onto his system.

This host, not knowing what to do, allowed this person full root access to his server for as long as 2 weeks. Scared, he tired to meet the hackers demands, instead of contacting the authorities and Web Hosting Network. This host finally contacted us regarding the situation and we helped the host regain control of his servers by doing a total wipe of his hard drive and reinstalling his OS programs.

Unknowingly to Web Hosting Network, this hacker was able to gain full access to a early version of WHNBilling which showed the full source code, he was able to find a unknown exploit. At this time, we do not know if it was an actual exploit of WHNBilling or of PHP itself, none the less without pointing fingers, this person was then able to access our billing backend just as he had full billing privileges.

Many hosts running WHNBilling had later versions of WHNBilling which were encoded with Zend and also had a .htaccess file under the appropriate folders. We have already contacted all hosts actively running the software and patched their systems.

We would like to ask all members of WHT and SitePointForums for your understanding and our sincere apologies regarding this difficult situation for all involved..
Just for futher clarification, so no one points fingers the host that was hacked was neither HostRocket or Web Hosting Network

If you have any questions regarding this, please contact me at garyp@www-hosting.net or open a trouble ticket in our helpdesk at http://helpdesk.whnsupport.com