Friday, 15 February 2019
Latest news
Main » Email Provider's Servers Wiped in 'Catastrophic' Hack

Email Provider's Servers Wiped in 'Catastrophic' Hack

13 February 2019

All US data from email provider VFEmail was destroyed by an unknown hacker, deleting almost two decades' worth of emails, VFEmail said Monday.

"Every VM (virtual machine) is lost.Every file server is lost, every backup server is lost", the company reported on Twitter, later adding, "There was no ransom". This was more than a multi-password via ssh exploit, and there was no ransom.

The largest ransom demand ever paid known to date is by Nayana, a South Korean web hosting company which dished out $1 million in Bitcoin after hackers breached its network and ran the Linux-based Erebus ransomware that encrypted data on thousands of customer' servers.

As further detailed in the alerts published on VFEmail's website, given that the United States mail was completely wiped out from all servers, "If you have your own email client, DO NOT TRY TO MAKE IT WORK".

"Attacks of this magnitude - where the goal is simply to attack and destroy - are rare, but well within the power of attackers who gain access to infrastructure", Parimi said. However, US customer data may be permanently gone, Romero said.

"We have suffered catastrophic destruction at the hands of a hacker, last seen as aktv@94.155.49.9", the posts reads.

UK Pitches 'Global Britain' by Flexing Military Muscle: Defense Minister
Speaking at the Royal United Services Institute , Mr Williamson said Britain must stand up to those who "flout worldwide law". He said the £3 billion aircraft carrier's first mission is part of "making Global Britain a reality".

While VFEmail is working to try and fix the damage left by the cyberattack, at the time of writing, only incoming mail is being delivered to new mailboxes. "If those controls were in place, an operation that deviates from trusted behavior would have raised the friction toward the attackers and provide immutable logs showing that the attack was in progress, allowing VFEmail to react quickly and potentially stop the breach before data was destroyed". "If you have your own email client, DO NOT TRY TO MAKE IT WORK", the company said in its notice. "If you reconnect your client to your new mailbox, all your local mail will be lost".

That was likely to be of little consolation to users of the service's infrastructure hosted in the U.S.; one business user told KrebsOnSecurity that 60,000 emails it had sent over the past decade were now missing.

And while VFEmail's primary website is back online, its secondary sites aren't and the email service it's now offering is in a partially-recovered state can't offer anything like spam filters or subfolders.

"I haven't done much digging yet on the actors", he said. Or, I really pissed someone off.

A VFEmail spokesperson was not available for comment at the time of publication.

"After 17 years if I was planning to shut it down, it'd be shut down by me - not script kiddies", Romero wrote on December 8.

Email Provider's Servers Wiped in 'Catastrophic' Hack