Almost all data belonging to VFemail was reportedly destroyed in the hands of the hacker on Monday this week. The anonymous email services provider says that the attack was launched by a hacker active on darknet and identified as Aktv at the rate 184.108.40.206.
Cybersecurity Insiders has learned that the hacker destroyed the data of most users from the United States and this includes 18- year old info stored on primary and backed up systems.
Authorities of the email services are trying hard to recover the data. However, the news is out that the available sources might help fetch only 20% of the destroyed data, as most of the data has gone beyond the stage of recoverability in any way.
Note- VFemail is a 2001 started email services provider that provides free and paid services. For premium users, the service provider is known to scan each email for spam and viruses before the messages get into their inbox. Any threat detected will be blocked outside the servers via SpamAssassin software that has the ability to use private & public blacklists and greylisting characteristics.
The email hosting provider has grimly provided further details in red on its website’s homepage on Tuesday and said that its staff is trying their best to bring back the services to normalcy.
The alert posted on the official homepage said that the firm caught the hacker apparently intercepting & formatting their VFemail backup server based in the Netherlands. But by the time the intruder was caught, he/she managed to format all disks on every other VFEmail server.
So, technically speaking, all Virtual Machine (VM) Hosts were lost in the attack and so the recoverability quotient appears to be almost zero.
Those aware with the developments of the attack investigation say that the hacker might have done so just to disrupt the hosting assets of VFEmail as no ransom note or email contact was made by the hacker with the firm’s staff after the incident.
Holger Schulze, the Founder of Cybersecurity Insiders said that incidents such as these stress out more on the fact that organizations need to impose proper authorization controls for access to critical data.