[SOLVED] Hantek tech support board is hacked?

[MasterT]

I can't logging to hantek tech support forum at https://www.eediscuss.com.
First, there is warning message :

This server could not prove that it is www.eediscuss.com; its security certificate is not trusted by your computer's operating system. This may be caused by a misconfiguration or an attacker intercepting your connection.

Than, trying to log in via unsafe path, I'm getting 503 http error.
For some unknown reason, logging session is re-routed throw lemontreex.com web-site , that by itself looks suspicious.

https://account.lemontreex.com/account/login?returnUrl=https://www.eediscuss.com

Does everyone has the same issue, or it's just me?

[amyk]

Code: [Select]

---- Certificate Errors ----
SSL Verify: [0:18] self signed certificate
Certificate's host name (CN) doesn't match the site's
---- Certificate Info ----
C=US
ST=Someprovince
L=Sometown
O=none
OU=none
CN=localhost/emailAddress=webmaster@localhost

Begins: 2015-01-20 07:00 GMT
Expires: 2042-06-06 07:00 GMTThat doesn't look right to me either.

[tsman]

It is just a mess. The Hantek site say to use hantek.org on their contact page but eediscuss.com on the toolbar at the top. eediscuss.com has recently had the whois details changed but the details match up with what what used to be visible on hantek.com. lemontreex.com looks to be Hantek running an online store with a weird name though.

There are commented out links to it on the main Hantek site so if somebody did hack eediscuss.com then they also did hantek.com which is hosted on a completely different server. There are old posts on eediscuss.com that link to files stored on lemontreex.com as well.

The certificate error looks to be a configuration issue. Most Linux distributions will generate a local certificate at installation.

I don't think it is hacked but I wouldn't trust it.

[MasterT]

I received an e-mail from support@hantek.com saying that issue was solved.
Indeed, I could log-in to eediscuss over https, and was able to post my question over-there.

 Still, I don't fill confident, as I can't reach hantek.com primary web-site using https. Firmware updates  downloaded
over common http, w/o md5 or any other means to verify integrity of the software package makes me suspicious. I see significant performance degradation after last update FW, and can't roll back to old version.