MBuilder - Premium Email Builder Extension For Mailwizz

Extension is working fine for me, I already got a new client satisfied,
I need better performance and some other details that occur when editing,

but it's pretty very good for me!
 
Today, when I tried to get into the administrative part of MailWizz, I saw this! Thanks to the developers of mbuilder for the security hole !!!!! ((((
 

[Attachment: 2017-08-31_09-49-51.png]

I got a weird behaviour from another member of this group with the email :

roldan.thalia13@gmail.com

This guy, supposedly from Italy, asked for an account on my website. I didn't give him anything, but what I figured out then is that the person with that email is in this group and also got this extension ...
 
Today, when I tried to get into the administrative part of MailWizz, I saw this! Thanks to the developers of mbuilder for the security hole !!!!! ((((
Same thing here, if you find any further info before me please let us know in this thread.
Thank you in advance.
 
Ok, for me this seems to be like revenge from someone who knows mailwizz very well and also knows which of us use mailwizz and what our websites are...
 
You guys got hacked by someone who is among your unknown clients that you gave access to lately,

Please share that info!! You guys must have suspicious requests for access to mailwizz that you provided lately, this is very important to everyone
 
This only proves that we have a hacker in this community, and he's for sure reading this...

This is very disrespectful to everyone here, ruins everyone's work including twisted and everyone around!!

What a Genius!!
 
This is disgusting, obviously this is a hacker that stays on the developer side of this community !!

:mad:
Please stop spamming this thread mate, I know you're trying to help but please. It keeps sending notifications.
Already created a ticket in mBuilders site as well, I'll post here in case there is something new to share.

And since we do not have access to our admin panel, it's not possible and actually not legal to share random emails in a public thread.
 
Please stop spamming this thread mate, I know you're trying to help but please. It keeps sending notifications.
Already created a ticket in mBuilders site as well, I'll post here in case there is something new to share.

And since we do not have access to our admin panel, it's not possible and actually not legal to share random emails in a public thread.

the problem here is bigger than your ticket!!
 
With MailWizz general quality, I am sure @twisted1919 is doing regular security audits (e.g. also via CodeCanyon), so it is pretty safe, however, total security at all times is impossible to guarantee, since new vulnerabilities could be found in future.

The question is if any software that works together with mwz (e.g. custom made one) is also audited to make sure it does not add holes where there were none to begin with.

To be safer, you can put a long password (18 chars) on the whole site (before anyone can access it, but keep the deep links working e.g. for unsubscribe/tracking, so test carefully).
After that, only your registered users (or those who got their site pwds) could be the actors (see IPs). Hence, some regular pwd change might be good, just as many other sites do encourage.
 
Today, when I tried to get into the administrative part of MailWizz, I saw this! Thanks to the developers of mbuilder for the security hole !!!!! ((((
@Jatin Sahani - should know about this since it was a security issue in mbuilder where the files were not checked at uploads.
I also provided guidance in how to fix the given security error, which is very serious.
He should have fixed it by now and notify all customers, since again, that's a serious thing.
 
I got a weird behaviour from another member of this group with the email :

roldan.thalia13@gmail.com

This guy, supposedly from Italy, asked for an account on my website. I didn't give him anything, but what I figured out then is that the person with that email is in this group and also got this extension ...

Yes same email. I gave access. He uploaded a php filemanager via the image upload and that was the end of the story. Hacked.
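
As an added example (not part of the thread and not mBuilder or MailWizz code), a triage script for the case described above, where a PHP file manager was uploaded through an image upload that did not check files: it walks an upload directory and flags files that are not what their name claims. The directory to scan is supplied by you, and the script-extension list is an assumption to match against your own server configuration.

```python
import os
import sys

# Magic-byte prefixes for the image types an email builder would normally accept.
IMAGE_MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
# Extensions a PHP-enabled server may execute (assumed list, adjust to your config).
SCRIPT_EXTS = {"php", "phtml", "php5", "php7", "phar", "pht"}


def classify(path):
    """Return the reasons an uploaded file looks suspicious (empty list if none)."""
    reasons = []
    parts = os.path.basename(path).lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    # Script extension anywhere after the base name: fm.php, fm.php.png, ...
    if any(p in SCRIPT_EXTS for p in parts[1:]):
        reasons.append("script extension in name")
    with open(path, "rb") as fh:
        data = fh.read()
    # File named as an image whose content does not start like one.
    if ext in IMAGE_MAGIC and not data.startswith(IMAGE_MAGIC[ext]):
        reasons.append("image extension but wrong magic bytes")
    # Valid image header does not rule out embedded PHP, so check content too.
    if b"<?php" in data.lower():
        reasons.append("contains PHP open tag")
    return reasons


def scan_uploads(root):
    """Walk an upload directory; map relative path -> reasons for flagged files."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            reasons = classify(full)
            if reasons:
                findings[os.path.relpath(full, root)] = reasons
    return findings


if __name__ == "__main__" and len(sys.argv) == 2:
    for rel, why in sorted(scan_uploads(sys.argv[1]).items()):
        print(f"{rel}: {', '.join(why)}")
```

A clean result here only covers the upload directory; files written elsewhere by an already-running file manager need a comparison against a known-good copy of the application.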
 
@Jatin Sahani Apparently the support section of mBuilder gives away too much info. The hacker is obviously an mBuilder user if not even the developer. A large portion of the mBuilder code is obfuscated, a technique similar to malware. I get a notification every time someone creates a support ticket. I can view the profile of the user. In the profile I can see website where mBuilder is installed as well as license key. All attacker needs is a customer account to access mbuilder and upload the payload. He already has a list of all mailwizz installations running mBuilder from the support section.
 
@Jatin Sahani Apparently the support section of mBuilder gives away too much info. The hacker is obviously an mBuilder user if not even the developer. A large portion of the mBuilder code is obfuscated, a technique similar to malware. I get a notification every time someone creates a support ticket. I can view the profile of the user. In the profile I can see website where mBuilder is installed as well as license key. All attacker needs is a customer account to access mbuilder and upload the payload. He already has a list of all mailwizz installations running mBuilder from the support section.

Exactly Thank you!!
 
@Jatin Sahani Apparently the support section of mBuilder gives away too much info. The hacker is obviously an mBuilder user if not even the developer. A large portion of the mBuilder code is obfuscated, a technique similar to malware. I get a notification every time someone creates a support ticket. I can view the profile of the user. In the profile I can see website where mBuilder is installed as well as license key. All attacker needs is a customer account to access mbuilder and upload the payload. He already has a list of all mailwizz installations running mBuilder from the support section.
Exactly Thank you !!

Yes this is the guy who hacked the filesystem ! We need to confirm this.. with more cases..
 