Jump to content

Recommended Posts

Hi,

We are a small Swedish SaaS-vendor with an email marketing solution called EditNews.

The past month our platform has been exploited for malicious use.

We offer a self-service upgrade process, as is common with SaaS-solutions.
A combination of honey traps and captcha has, until now, been effective at keeping bots and the like out.

During August a number of trial accounts were created, and then subsequently upgraded to a paid tier. These accounts have then started sending spam and phising emails.

The offending accounts have been terminated, and any links previously used in a phishing attack have been redirected from the malicious sites (which were hosted outside of our control, most being hacked WordPress-sites from what we could see) to our company homepage. 

Now we have completely turned off trial accounts and self-service upgrades, until we can get a reliable solution in place that guarantees that this won't happen again. 

I request that you delist app2 [dot] editnews [dot] com and any other URL you might have listed recently related to it.

Please let me know if you need anything else from us, or if you have any tips in dealing with this situation.

Link to post
Share on other sites
7 minutes ago, mn-osal said:

Hi,

We are a small Swedish SaaS-vendor with an email marketing solution called EditNews.

The past month our platform has been exploited for malicious use.

We offer a self-service upgrade process, as is common with SaaS-solutions.
A combination of honey traps and captcha has, until now, been effective at keeping bots and the like out.

During August a number of trial accounts were created, and then subsequently upgraded to a paid tier. These accounts have then started sending spam and phising emails.

The offending accounts have been terminated, and any links previously used in a phishing attack have been redirected from the malicious sites (which were hosted outside of our control, most being hacked WordPress-sites from what we could see) to our company homepage. 

Now we have completely turned off trial accounts and self-service upgrades, until we can get a reliable solution in place that guarantees that this won't happen again. 

I request that you delist app2 [dot] editnews [dot] com and any other URL you might have listed recently related to it.

Please let me know if you need anything else from us, or if you have any tips in dealing with this situation.

Hello, thanks for bringing this to our attention. We've reviewed the site again and have determined it no longer warrants being blocked so we've removed it from our database. 

Removal should be reflected in the next database update going out in a few hours or so.

Link to post
Share on other sites
  • TeMerc locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.