Gearbest.com account hacked?

[Chris G]

Hi guys,

 

I can’t login to my account on Gearbest.com. Anyone else have this issue?

And just after I see I got this email:

Dear Customer,

Thank you so much for visiting GearBest.com! As you requested, we have changed the e-mail address associated with your account.

The old email address was: chris@XXXXXXXX
The new email address is: [email protected]

If you did not update your email address, please contact us at our Support Centerimmediately.

Kind Regards,
GearBest Team

 

What the hell? Was I hacked or GearBest.com hacked? Better not be I have credit in my GB wallet there…. Not cool if I lost my account. Let’s see how their support handles this.

Chris | Admin
Please support us and help keep TechTablets online. Affiliate revenue is used to pay for the server, studio apartment (Techtablets HQ) and buy new tech to review. Without it, this site would be dead.
Next up for review:
Ordered and waiting for my: BMAX S15 & Teclast F6 Plus
Currently testing: LG G8X & Redmi K30

[Chris G]

Gearbest got my account back. Some Russian guy hacked my account and order things with my wallet balance!

Thing is how did he know I had a wallet balance and how did he change my email address without accessing my email? Bit worrying.

Chris | Admin
Please support us and help keep TechTablets online. Affiliate revenue is used to pay for the server, studio apartment (Techtablets HQ) and buy new tech to review. Without it, this site would be dead.
Next up for review:
Ordered and waiting for my: BMAX S15 & Teclast F6 Plus
Currently testing: LG G8X & Redmi K30

[ReTechNL]

Probably becaus he hacked your password. If you use the same password for gearbest and for you email account then this is the first anser.

Also, if he hacked your email adres and requested a password reminder to change the password. of your gearbest account. Then changed the email adres so you cant do a request password anymore.

Then delete all traces like the request emails from your email adres.

This is the most common one. Can you please check your server logs of chris@XXXXXXXX? and dont forget to check deleted items.

[Chris G]

Yes, I realized it must have been my email address. Both passwords were different so, still not sure how it was done. I’ve since changed my email address and other passwords. No trojans on my computer or keyloggers. Not idea really how it was done.

I have the hackers postage address, name and email of at least where the order they place would be delivered. Something for the police if anything else happens. I still wonder if Gearbest was hacked as they could only use accounts that had Wallet balance (Credit) to buy goods these hackers.

Chris | Admin
Please support us and help keep TechTablets online. Affiliate revenue is used to pay for the server, studio apartment (Techtablets HQ) and buy new tech to review. Without it, this site would be dead.
Next up for review:
Ordered and waiting for my: BMAX S15 & Teclast F6 Plus
Currently testing: LG G8X & Redmi K30

[ReTechNL]

Chris G wrote:

Yes, I realized it must have been my email address. Both passwords were different so, still not sure how it was done. I’ve since changed my email address and other passwords. No trojans on my computer or keyloggers. Not idea really how it was done. I have the hackers postage address, name and email of at least where the order they place would be delivered. Something for the police if anything else happens. I still wonder if Gearbest was hacked as they could only use accounts that had Wallet balance (Credit) to buy goods these hackers.

Can you get the server logs of your webhosting for your email?

Then you can see if someone unauthorized accessed your webmail.

Mostly those will exist withing the httpd apache logs. Also i would suggest asking your hosting provider to check it’s server logs for that ip.

 

Have you looked at your deleted items from you mail?

[Liam]

Chris,

 

I noticed your site doesn’t use HTTPS only HTTP and you are using wordpress…

Basically if you accessed your account here on any public wifi then someone could have easily sniffed your traffic. If your password is the same here for your email or GearBest then there’s your answer.

I know paying for SSL certificates suck and they can be a PITA to setup sometimes but they are necessary.

My password for this site is one I don’t use anywhere else, especially considering logging in is not secure here.

 

Also,

If you’re using a default wordpress setup and your provider is an idiot, or doesn’t know what they are doing, then your MySQL DB is probably easily accessible using the default MySQL DB login.

[Chris G]

Hi,

Thanks for the info. I did have the site moved to https, but it was a massive PITA, kept getting warning of unsafe content even moving over to SSL in the end after 3 days of being on https I pulled the plug on it and reverted back to http.

I used different passwords for GB and here. My email must have been hacked and they used it to then change my GB email to that temp on and place an order to Russia.

Chris | Admin
Please support us and help keep TechTablets online. Affiliate revenue is used to pay for the server, studio apartment (Techtablets HQ) and buy new tech to review. Without it, this site would be dead.
Next up for review:
Ordered and waiting for my: BMAX S15 & Teclast F6 Plus
Currently testing: LG G8X & Redmi K30

[Author]

Posts