Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #76270
    Hispasec Sistemas
    Guest

    This is Jaime Torres from Hispasec Sistemas, an international IT security company.

    I’m contacting you because we have detected a phishing hosted on your servers.

    IP address: 151.139.128.10

    URLs:
    * hxxps://demo3[.]cloudwp[.]dev/trial-t76xyut8/wp-content/plugins/sa/

    The fraudulent page is trying to simulate an official banking website in order to steal passwords of online banking users.

    Proof of fraudulent activities:
    * https://www.virustotal.com/gui/url/58809f3ca18cee676de6492c358a41c01077d45b9d9390ea68324b3970cb4ae3

    The official site(s) is(are):
    * caixabank.es

    Please, remove the fraudulent content as soon as possible. Thank you in advance.

    #76336
    Brandon C
    Keymaster

    Hi Hispasec Sistemas,

    We’re sorry to hear you’re dealing with this issue for our Cloud-Wp Services. We have an abuse hotline that you can reach out to report this concern and have it eradicated.

    Please let us know if you have any trouble with the Abuse Hotline form.

    After completing the inquiry we will reach back out to you directly with any updates. I hope this helps, please let us know if you have any other questions for us.

    Thank you

    #77620
    Hispasec Sistemas
    Guest

    Hi Brandon.

    We’ve already tried to send a report through the form you provided but it won’t let us send it.

    Best regards,
    Nicolás.

    #77721
    Brandon C
    Keymaster

    Thanks Nicolás,

    I didn’t realize the issue with the form was still ongoing. I will submit this for you as well as your other recent inquires.

    Thank you!

Viewing 4 posts - 1 through 4 (of 4 total)
  • The topic ‘Phishing Incident on Cloud WP servers ( 151.139.128.10 – demo3.cloudwp.dev )’ is closed to new replies.