Mail provider’s servers wiped out in “catastrophic” hack
An email provider called VFEmail suffered a “catastrophic” hack that may have erased all stored email from its US customers.
“We have suffered catastrophic destruction at the hands of a hacker,” reads a notice posted on the VFEmail site. website. “This person has destroyed all the data in the United States, both the main and backup systems. We are working to recover all the data we can.”
The Wisconsin-based company has served businesses and consumers since 2001. But its various data centers were mysteriously taken offline this week. An unknown attacker was then discovered in VFEmail systems. But the emails were not stolen and no ransom demands were made. Instead, the hacker seemed to want to destroy company data by reformatting each server.
“Every VM (virtual machine) is lost. Every file server is lost, every backup server is lost “, the company reported on Twitter, later adding: “Tthere was no ransom. You just have to attack and destroy. “
VFEmail recovered a backup drive hosted in the Netherlands, owner Rick Romero Recount security reporter Brian Krebs. However, data from U.S. customers may disappear for good, Romero said.
“Yes, @VFEmail is indeed gone. He probably won’t come back, “Romero tweeted Tuesday.
Who was behind the attack and how it unfolded is not fully known. But VFEmail traced the hack to a Bulgaria-based server with the IP address 220.127.116.11 and the username “aktv”. The attacker had access not to a single server, but to the entire IT infrastructure of VFEmail.
Recommended by our editors
Romero told PCMag he suspected the hacker was exploiting a software vulnerability to break into. This is because the company’s servers used different login credentials and passwords weren’t saved on board.
For now, the company is warning some customers to stop using their VFEmail accounts until service can be restored. “At this time, I’m not sure what the status of the existing mail is for US users. If you have your own mail client, DO NOT TRY TO MAKE IT WORK,” the company said in its notice. “If you reconnect your client to your new mailbox, all of your local mail will be lost.”
The company has restored its ability to deliver and send inbound emails to paying users. However, the ability to deliver emails from the free VFEmail accounts remains down.
Do you like what you read ?
Sign up for Security watch newsletter for our best privacy and security stories delivered straight to your inbox.