Sign up for our newsletter
Technology / Data

“Catastrophic Destruction”: Hacker Takes a Match to Email Provider

VFEmail.net, a US-based email provider, has effectively been destroyed by a single cyberattack on Monday night, with the company – which was founded in 2001 – suffering what it described as “catastrophic destruction”.

The company issued warnings to their customers that “data in the US, both primary and backup systems,” has been completely wiped from servers after a hacker formatted all the disks on every server. That’s 18 years of emails gone.

VFEmail caught the hacker as they were in the process of formatting the backup server, but couldn’t respond fast enough with the company informing its users via Twitter that: “Every VM is lost. Every file server is lost, every backup server is lost.”

White papers from our partners

— VFEmail.net (@VFEmail) February 11, 2019

The data wipe was so bad that users who had both paid and free accounts no longer have existing mailboxes, as these were destroyed in the wipe and new mailboxes are only created once they receive a new email. The delivery mechanism that enabled free account holders to send mail no longer exist so that entire functionality is gone.

The hacker was “last seen as aktv@94.155.49.9” they said. No demands were made prior to the attack, the company said. VFEmail has previously faced extortion attempts from “script kiddies” the Armada Collective and was kicked off its data centre after declining to pay a ransom to stop DDoS attacks in 2015. (Founder Rick Romero blogged about the incident here).

VFEMail Hack:  Service “Effectively Gone”

“Strangely, not all VMs shared the same authentication, but all were destroyed. This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy,” VFEmail wrote.

VFEmail founder Rick Romero has taken to Twitter to confirm users worst fears that VFEmail is ‘effectively gone’. The founder is understandably dismayed at the turn of events stating that: “I never thought anyone would care about my labor of love so much that they’d want to completely and thoroughly destroy it.”

Dan Sloshberg cyber resilience expert at Mimecast commented to Computer Business Review: “This disastrous attack on VFEmail is a clear reminder to all organisations about the importance of third-party backups and email archives. They are a valuable, compliance-sensitive asset and a primary record of business communication.”

“Many IT teams are unaware of the data recovery gaps with cloud providers and assume they are covered for all types of data loss or corruption. Outsourcing a critical business service like email requires businesses to plan for the near-inevitable security breach, hardware failure or human error.”

See Also: RATs and Business Email Compromise Attacks on the Rise


This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.