It seems that the Hexonet retaiI website at Hexonet.net was hacked. Were domains stolen or not?
I noticed a tweet by Hexonet registrar (1API) saying: “Security monitor uncovered a security issue with our public website. All fixed and fully secure again. Read here.”
The Hexonet blog post says:
Security Notice – Action Required – HEXONET Account Username and Password
HEXONET’s regular security monitoring systems today uncovered a security issue with our website home page at https://www.hexonet.net. And after extensive investigation and analysis, the security issue has now been fixed and the HEXONET website is again fully secure. All affected HEXONET accounts holders from our analysis have already been contacted and we are working with them to rectify any remaining issues.
Precautionary Action Required – Change Account Password.
HEXONET’s underlying domain systems or main domain platforms were unaffected and remained secure and fully operational. As an additional measure of security for you, we request all account holders immediately change their account and roleID passwords.
During this weekend HEXONET support staff will be working to handle any inquires or questions you may have. Please feel free to email us at email@example.com
The blog post mentions nothing about a hacking incident but it does talks about affected customers so I assume that the security hole was discovered after the hackers entered the Hexonet website and did some damage. Are we talking about stolen domains, changed whois details or nameservers or something else? No details were given by Hexonet.
I know that Hexonet does not offer support during the weekends but this weekend the support staff will be working so this MUST be serious.
The post and tweet also implies that the API users that is the bulk of Hexonet’s business was not affected.
I just received a support ticket with the same details from the blog post and asking me to change my password. No more details were offered. I asked support and I am waiting for more news. I will keep this post updated.
Now please change your password at Hexonet.net.