Disastrous cyberattack on email provider wipes out US servers and backups

Some cyber attacks are so catastrophic that there is no recovering from them. Email provider VFEmail feared this was the case when it said a hacker had caused “catastrophic destruction” Monday by destroying all the data on the American servers, as well as the backup systems.

On Monday morning, after VFEmail’s site, servers and webmail client went down, VFEmail tweeted:

Hours later, VFEmail said it caught a hacker trying to format a backup server:

VFEmail then tweeted, “I’m concerned that all US-based data is lost.” The unknown attacker had erased all disks on each server:

The hacker was looking for blood – “just attack and destroy”.

Suddenly, an attacker had destroyed “the entire infrastructure” of VFEmail. As for the “scary part,” Romero tweeted:

On Monday, free users were told “do not attempt to send e-mails” because “there is currently no delivery for free accounts”. The incident page warned, “At this time, I’m not sure about the status of the existing mail for US users. If you have your own email client, DO NOT ATTEMPT TO MAKE IT WORK. If you reconnect your client to your new mailbox, all of your local mail will be lost.”

The VFEmail service has since been restored, and new mail is being delivered. Today, users were told, “If you can’t sign in, send yourself an email from another location. Receiving an email creates your new mailbox.” The email provider is discussing possible data recovery options with an anonymous provider.

As noted by Krebs on Security, this is far from the first time that VFEmail has been the victim of a targeted attack. It was disrupted by DDoS attacks in 2015, 2017 and 2018, when Romero tweeted, “After 17 years, if I was going to shut it down, I’d be the one shutting it down – not the script kiddies.”

More cybersecurity news

Researchers Develop Method To Hide Malware In Intel Systems So Antivirus Cannot Access It

While we are on the topic of scary things, security researchers have come up with a new technique to hide malicious code from security software on systems with Intel processors by burying the malware in the secure memory of Intel SGX enclaves. In addition to writing a research article (pdf), the researchers also published proof-of-concept code that can bypass “ASLR, stack canaries and address sanitizer, the overall operating process took only 20.8 seconds.”

Hacked websites and businesses

Sixteen sites were hacked, then the resulting 617 million account details were stolen and sold on the dark web; the data sells for less than $20,000 in bitcoin. According to The Register, the hacked sites included 500px, MyFitnessPal, Dubsmash, MyHeritage, Whitepages, Fotolog, ShareThis, HauteLook, 8fit, EyeEm, Artsy, Animoto, BookMate, Armor Games, CoffeeMeetsBagel, and DataCamp.

Speaking of hacking, Dunkin Donuts admitted (pdf) to suffering another credential stuffing attack – this is the second time in three months.

Also, Truluck’s Seafood, Steak & Crab House announced a compromise of payment card information after being notified by the FBI of potential unauthorized access. Affected customers made purchases between November 21, 2018 and December 8, 2018, at the following locations: Houston (Downtown), Houston (The Woodlands), Dallas, Austin (Downtown), Austin (Arboretum), Naples, Southlake, and Chicago.

Apophis Squad hacker faces federal indictment on 11 counts

Remember in December when hundreds of schools and businesses received bogus bomb threat emails? The Justice Department announced that the FBI had stopped a 20-year-old man from North Carolina who is part of the Apophis Squad hacking group. Timothy Vaughn faces an 11-count federal indictment that could earn him a maximum sentence of 80 years in prison. The second defendant, and alleged leader of the group, 19, was arrested in the UK last year and sentenced to three years in prison for making a false threat against an airliner.

You may remember the days when the Apophis team boasted:

Funny tweets of the week

  • “Beg bounty” – new term for the day
  • A true but funny comment from security expert Jeremiah Grossman in response to the question, “Without using your job title, tell me what you’re doing.”

Copyright © 2019 IDG Communications, Inc.

June J. Lopez