|
||
|
26 August 2013 Cryptome Suspended for Service Violation (Then Restored)
From: nsiabuse <nsiabuse@web.com> Dear John, This is sent to inform you that we have reinstated your Network Solutions hosting service on 01938F7.NETSOLHOST.COM. We suggest that for security and to prevent future violations, you follow the following steps if you have not already done so: Update passwords for your account. This may include but not be limited to FTP, Database, Content Management System (WordPress, Joomla, Drupal etc) logins and so forth; Update any Open Source applications you use to the newest stable version; Keep your Open Source applications and any plugins/modules for them updated frequently; Look through the files on your hosting account and ensure there are no remaining malicious files (such as random named PHP, especially files with base64() or eval() encoding). If you have any questions regarding this specific Service Request, you can chat directly with our Technical Support team by clicking on the following link: http://ts.chatwithsupport.net If you have any other questions please visit our comprehensive support section at http://www.networksolutions.com/support/ or contact our Support Center and refer to Service Request 1-694036528 and a specialist will be happy to further assist you and ensure that we completely resolve your issue as quickly as possible. Thank You,
Technical Services Please do not reply to this email. Please call or use the "Help & Support" section in your Account Manager to open a new Support Request
From: "abuse@web.com" <abuse@web.com> Dear John, Network Solutions is committed to maintaining the highest possible security for your hosting service. As part of our ongoing monitoring, we have discovered that your usage of the hosting service is not in compliance with our Acceptable Use Policy. In order to protect other customers and the integrity of our hosting platforms, we have taken necessary steps to suspend your service until you have reviewed the information below and made the required updates that will allow us to reactivate your service: Your Network Solutions hosting service on 01938F7.NETSOLHOST.COM has been suspended due to hosting malicious content: http://cryptome.org/2013/08/jp-terrorist-files.zip [Mirror: http://cryptomeorg.siteprotect.net/jp-terrorist-files.zip ] This can be caused by code vulnerabilities in an existing content-management system (CMS) or other script that has been compromised. The most common cause is an outdated, hacked CMS such as Joomla, Drupal, or WordPress. To rectify this issue, you will need to secure your CMS. If your site is a CMS, you will need to update the code/script(s) via FTP. We will not enable web access for you to secure your compromised form(s) or site(s). If you can't update the site via FTP you will need to disable the site before we can lift any suspension, including removing ALL of the PHP content. We value you as our customer and we would like to be able to continue to provide services to you. Therefore, please review the steps below and proceed accordingly. You can then request to have your account re-activated by sending us an email that meets the following criteria after you have removed the files accordingly: The email must contain an explanation of why the violation occurred. If the violation occurred as a result of someone else's actions on your email or hosting platform, please provide the steps taken to secure your services to prevent future violations. If you are unable to take action due to the suspension, please indicate that you will resolve the issue as soon as possible once the suspension is lifted; The email must acknowledge that you are aware that such activity violates our service agreement; The email must contain a statement that you will refrain from future violations of our Service Agreement; You must refer to Service Request 1-694020630 in your email. Please email us at nsiabuse@web.com. Your letter must meet all of the above criteria. Due to the volume of requests, if your email does not meet the criteria referenced above, Network Solutions may reject your request without a response to you. If your account is re-activated, any further complaints that violate our service agreement may result in the immediate and permanent termination of your service. If you have any questions regarding this specific Service Request, you can chat directly with our Technical Support team. Please be aware that our chat team cannot and will not remove suspensions. You must follow the email process outlined above. This includes any requests to update a CMS (Joomla, WordPress, etc) site; you must remove the offending content via FTP and contact the abuse team accordingly. You can chat by clicking on the following link: http://ts.chatwithsupport.net If you have any other questions please visit our comprehensive support section at http://www.networksolutions.com/support/ or contact our Support Center and refer to Service Request 1-694020630 and a specialist will be happy to further assist you and ensure that we completely resolve your issue as quickly as possible. Thank You,
Tim Please do not reply to this email. Please call or use the "Help & Support" section in your Account Manager to open a new Support Request. From: sima jiro [mailto:]
Sent: Friday, August 23, 2013 4:03 AM Urgent Request of Removal Hello, Network Solutions' support team. I will make an abuse report to you. I found a ZIP file that contains lots of injurious contents (114 files) on a website named “Cryptome”, and I believe the administrator of “Cryptome” is your customer. The following URL is containing lots of personal information, such as names, DOBs, family structures, workplaces, phone numbers. And also containing lots of documents which are probably classified or confidential. http://cryptome.org/2013/08/jp-terrorist-files.zip This issue clearly violates Network Solutions' terms of use and I believe someone nasty or administrator of “Cryptome” intentionally uploaded this ZIP file on the website. The link to the above mentioned URL has been spreading to other internet bulletin boards, which made the information to be in the public eyes constantly. People whose private information has been exposed are now in very deep worry. Please investigate this issue and remove the ZIP file from your server as soon as you can. Due to the matter in concern contains extremely private information, I sincerely ask you to refrain from sending my request forward to your customer or administrator of “Cryptome” or the uploader of the ZIP file. Thank you for your kind consideration. Sima Jiro
|