[Warning] A2 Hosting infected by Ransomware
Although a bit late, and if you are with A2 Hosting you have probably already noticed, it seems like their services have been (partly) infected with ransomware for a couple of days.
If you were looking to host with them or are already their client and not (yet) affected, you may consider moving or at least backing up your data asap.
Sources:
Comments
A2 #METOO
inside job?
"A2 Hosting is the host you can depend on with ultra-reliable servers!" - except when they're buggered with ransomware...
Owned by EIG of course. I guess this is why you should only go with A1 providers.
https://www.a2hosting.com/kb/does-a2-hosting-support/are-you-owned-by-endurance-international-group
?_?
Francisco
Welp can't read it :S No VPN/Proxy. Just Vodafone.
Here you go:
Francisco
Here's what it says:
They are apparently not owned by EIG:
https://researchasahobby.com/full-list-eig-hosting-companies-brands/
In case someone still can't read it, here's what it says:
In case someone still, still, can't read it, here's what it says:
Thanks for posting what it says. Dunno why they wouldn't allow a residential Vodafone IP.
They don't like your kind 'round these parts.
windows, always.
Well it's not like I wanted to order anything from them anyway. Still odd.
Odd? You want really odd??
Vodafone commercials...
Nigh, the end.
Exactly what I was looking for when I opened this thread
ALL YOUr base... ah fuck it, i'm tired.
But the real question is, they seem to be able to "restore" the servers, did they pay for the keys or anything?
They've been restoring their own backups.
Some users have reported large rollbacks (multiple days/weeks/months in some cases).
What a disaster. Shout out to the staff having to work through this.
Francisco
Damn, backup is really important. RIP for the staff and engineers that have to work day and night to overcome this absolute disaster and pressure over the week. Btw, from my understanding, the ransomware was able to spread by using the RDP protocol; their servers have the RDP port open to the public internet? I personally don't think that they would make a mistake like this by putting RDP listening on public IPs; they should have some VPN/proxy connection before they can RDP into the machines. I really doubt that it would be an inside job for spreading the virus on the machines via internal IPs.
Wait seriously? Where was that discussed? I must've missed something somewhere.
Francisco
https://www.zdnet.com/article/windows-server-hosting-provider-still-down-a-week-after-ransomware-attack/
The two articles I read from a day or two ago just say that RDP was brute forced and the ransomware installed from there, where it infected the rest, then they disabled RDP.
Not surprising if so.
Brute force? I don't think they would make their password as easy as abc for it to be brute forced in a short time.
Well, it's the most common way. If the RDP/Windows server is managed by the client, and A2 doesn't manage them all, you'd be surprised how many people use a basic combo of letters and numbers. Plus many less experienced just disable the firewall because it's an inconvenience.
True on both. A user recently posted on LET about his account being hacked and he was absolutely confident that his password was strong because it was a combination of four words.
The foundation of a strong password is gibberish.
That sounds logical. But how about their own Windows servers for hosting their clients' websites as shared hosting? They should have separated, and should separate, their own Windows machines from the customers' VM network; it doesn't sound right if one customer's Windows VMs get infected and infect the whole data center that is running on different subnets and machines.
"Should have" translates to "Too much work".
Therefore, forget it.
Try password generators...... don't use proper WORDS for passwords maybe, try your pet dog's name with a few other combinations of your favourite numbers and something that comes up in your dreams, that would be enough for a "strong password". And a few symbols too, placing different symbols between each of the "words" that you can come up with, that would be hard enough.....
Well, yeah, that probably sums it all up. Your signature quote might also explain it a bit.....