TOPIC: Hacker Email Notifications

A couple of days ago, some DT extension users received the following email from a "hacker":

Hello, I’m the one who has hacked all of your sites, emails, accounts etc. that has been using dthdevelopment.com site/components. Scaring? Hell Yea I have hacked code for all dthdevelopment.com extensions, DT Register DT Donations DT Invoice Dt menu All using these extensions are now hacked. HA HA HA HA HA Yea Yea I know you all have scanners, firewalls, admin tools etc installed on your server/site but you what? F*ck em all. They’re just noob tools. Think about, I’ve injected my own shells into any Joomla sites and none of you or your magic tools have been awared of. WARNING: You have 5 days to clean up your sites then my bot will start putting your sites down. If your site was not so valuable for me, removing the components would be enough. If so, then I will most probably blackmail you soon Want an advice from a hacker? Don’t use any script from dthdevelopment.com developers, their code is so crappy This email was sent to all www.dthdevelopment.com users. We’ll meet again soon.

Here is our official response which is about to go out via email also:

By now some of you have received an email with the subject "dthdevelopment.com IS HACKED!!!!!!" and this email went out on November 29, 2014. The content of the email stated that all customers using extensions from DTH Development are at risk because this person has created a hack of DTH extensions and customers using DT extensions have 5 days to clean up your sites or they will start bringing your site down. The full email can be found here.

We take threats like this very seriously and we have been spending the last few days performing forensic analysis with our hosting provider. It appears that someone hacked into one of our demo DT Register installations and was able to retrieve a partial list of users and their emails. Users who received this email at some point had been using our demo environment to test and try our software and this email was not originated from our live DTH Development site. However, we still recommend that all customers should change their Super Admin accounts on their systems and if those credentials are used for other purposes such as FTP, change those too. We also suggest making a backup of your site. Finally, this is an email that has affected at least one other Joomla software vendor and was not specific to DTH Development only.

We will be working with our hosting provider to help us increase securing all of our installations on our website. Our extensions don't have an issue. Also, we don't store any payment information at all on any of our websites so no payment information has been exposed. We do recommend for any clients that are running a version of one of our extensions to update their installation regularly. If you have not done that for a while it would be good idea to do so. If you need to purchase a new license we are offering a promo code (CyberMonday2014) that will save you 35% on your purchase as a way to thank you and to provide some relief for any inconvenience this event has caused.

We thank you for being a loyal DTH Development customer.

Best Regards,
DTH Development