whmcsmoduleshop .com hacked?

[bear]

58 minutes ago, Kian said:

There has never been a hack here.

That's certainly one possibility, but not the only one. 😉

[WPCycle]

1 hour ago, Kian said:

I'm saying that one should double-checking things before calling scams, hacks etc. Threads like this one will show up on Google, mostly on top, even if the "accusation" was false providing misleading information for years. But that's just my opinion. They changed their pricing model. Maybe they did it in a very bad way since they forgot to send emails but for sure it wasn't a hack.

There a a few issues. Not everyone knows the difference between a hack, an exploit, a *, or a website owner doing who knows what.  In such situations, the latter is rarely ever the issue.

Second, any such issues with WHMCS is serious. If someone hacked a WordPress server, or exploited a WordPress website...the main concern would be root access, email user names and passwords...unless they're running WooCommerce. Such issues can go from minor like a theme being exploited to severe if they had WooCommerce installed. Any type of exploits or hacks with WHMCS is already a red zone concern. This person now has access to all the personal information about your clients, possibly all their banking info, access to all of your servers, and so forth. They pretty much have access to your entire operation as oppose to access to one website.  It's very concerning.

Now if this is a fault of the website owner, an email should have gone out immediately after. I've changed prices numerous times over the years and never had this happen, but as humans, and I think one or twice during an upgrade, a mistake set of invoices went out either due to a cron or import, but 5 minutes after the issue was noticed, an email went out informing everyone that a mistake invoice went out, and to either ignore, delete it, or double check that it was already paid, and not to pay it again.  Issue cleared  up in 5 minutes, unlike here, the issue didn't "fix itself", and now everyone has to publicly complain about it.

It also shows the level of support, which looking at older responses, was and still is an issue. A client contacts the provider or developer, that's stage one. If there's no response, and they have to contact multiple times, that's a frustrated customer now in phase 2. Phase 3 is when a public complaint has to be made, which then the person or company responds. It's too late at that point.

[Ithiel]

Glad to see I'm not the only one who was suprised to get a random invoice from these guys.

In my case, it was for $800 USD!

#NotImpressed

[steven99]

On 11/11/2020 at 12:17 PM, ChrisTERiS said:

Is this company the old "half-pixel ......"? If yes, then it's almost 10 years that I've been registered there.

 

Yes, I believe you are correct.  Only remember as the logo is similar.  I used their CMS module at one point .  Have received other invoices similar to this in the past and ignored them.   Just cancelled all services with them and ensured paypal had no agreements . Received zero communication from them that this was happening . 

[Module Shop]

Hello Everyone,

 

Sorry for the confusion on this, we have seen a few people surprised by whats happened.

 

Back in Novemeber 2019 the module shop was relaunched, and obviously had a lot of existing customers (and people who had just registered on the site).

There was a change to how the module shop was providing modules (to a model where a monthly or yearly subscription gave you access to all the modules, which you could pick and choose at any time).

As part of this we provided access to every legacy module, open sourced and available to download for everyone registered on the site.

We then notified all registered users about the new module plans and noted some may not want to continue so suggested contacting us to close or remove accounts not wanted, either before or after the free trials we were migrating accounts to.

After this we gave every registered user a free trail for 1 year of the new module system. the tier provided was at least the starter plan (if you had previously purchased no modules) and went right up to the largest plan depending on your previous purchases with the module shop.

The renewal notices youve recieved are automated renewal notices from our whmcs platform as the free trial period has ended.

As with other free trials the renewal was optional and after the grace period the services will cancel. These will be setup as annual plans but can also be changed to monthly if requested.

 

There is no possible way you will be billed for anything unless you explictly make a renewal payment. As part of the migration last year we notified users and removed all payment details from the system and any existing subscriptions in stripe or paypal to ensure no unauthorized payments were ever taken.

 

We arent quite sure how the various emails sent out from last year werent delivered to some users, we can provide details of the emails sent to your account either directly or by logging in and viewing the emails tab under your account.

We additionally sent many emails about the free trials and optional renewals through our newsletter, if anyone belives they were on the newsletter but didnt receive the emails please let us know and we can look into this for you.

 

In short:

You will not be charged unless you choose to renew

The free trials will end automatically after the grace period

Please let us know if want any user account closed or removed will we sort this asap

 

And once again very sorry for any confusion here, on reflection while we feel we sent alot of information when the changes were made we could of sent a notification about any upcoming renewals after the free trials that may have avoided or reduced any confusion happening now.

 

Regards