Author Topic: Dev Team went rogue ?  (Read 119 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Dev Team went rogue ?
« on: July 05, 2026, 09:10:52 PM »
Ok, after analizing the temp_hacker_check we discover this script is trying to prevent SOMEONE to get into the servers using cwpro.
It seems a Dev Team person went Rogue and this script is preventing and erasing posible ssh keys, db access and all that kind of stuff that a hacker will use to get into the servers using this soft.

So there is a person hacking all the CWPRO servers using a Gsocket Backdoor and the hacker key begins with IPCsi58x.... and using mysql users also, there is a bug operator=/root erasing all keys.

This is hapenning in ALL the servers using this panel. and you can see if you look closely there is in your hosts a 127.0.0.1 gsocket.io and cloudsyndication.org. Blocks by this scripts to keep hackers outside.

So i will love and explanation from someone from cwpro, to come clean about this... We love this panel and we dont gonna change, but we can help you.


Offline
*
Re: Dev Team went rogue ?
« Reply #1 on: July 05, 2026, 09:55:52 PM »
That could be a possibility; just like you, i believe CWP is one the most complete panel  available, but all of these issues did not happen with cwp7 + centos7.

i know these are tough time for us, but i will keep using CWP for me is easy and very flexible

Offline
*****
Re: Dev Team went rogue ?
« Reply #2 on: Today at 01:56:30 AM »
Quite the conspiracy theory... is there bona fide proof?
Juicy plot line -- I'm starting to hear a James Bond theme play... or maybe the Mission Impossible theme...

Offline
*
Re: Dev Team went rogue ?
« Reply #3 on: Today at 02:23:40 AM »
Quite the conspiracy theory... is there bona fide proof?
Juicy plot line -- I'm starting to hear a James Bond theme play... or maybe the Mission Impossible theme...

Dude, have you see whats inside the script?

Even it has a finger print of the attacker, they are blocking domains via hosts where the ex Dev Team member taht went rogue was using. And the cleanup of constantly deleting /root/.ssh is the only proof we need. Adev Team member went rogue.

Offline
*
Re: Dev Team went rogue ?
« Reply #4 on: Today at 06:32:16 AM »
I urgently passed the information on to José and shared this post with him; I think he will respond to this matter quickly—he has always stepped up, and he always will.

Offline
**
Re: Dev Team went rogue ?
« Reply #5 on: Today at 02:34:54 PM »
Does the rogue cwp team member drive an aston martin too ?