On the 11th February secure email provider VFEmail, alerted users via its website, that a catastrophic outage had occurred to its email service, after a hacker had gained unauthorised access and launched a destructive attack against their systems.This malicious attack has resulted in the complete wiping of the VFEmail primary servers and their associated backup systems. The owner of the service posted to his twitter feed that this may be the end of VFEmail.The website alert reads:
“!!!ALERT!!!! Update Feb 11 2019www.vfemail.net and mail.vfemail.net are currently unavailable in their prior form. We have suffered catastrophic destruction at the hands of a hacker, last seen as aktv@94.155.49.9. This person has destroyed all data in the US, both primary and backup systems. We are working to recover what data we can.”
VFEmail have been around since 2001, providing a secure privacy-oriented email service for business and personal use. It included both free and paid for services of differing levels, that scanned each email for spam and virus’s prior to delivering to the mailbox.During the investigation several tweets appeared on the company feed, giving evidence that the attacker was caught in the act of wiping data from the servers, but unfortunately it was too late to prevent further damage.https://twitter.com/VFEmail/status/1095021927972909056https://twitter.com/VFEmail/status/1095038701665746945Customers in the Netherlands appear to have not been impacted as this was a separate set of data and the backups of the systems were still intact. Partial service has now been restored, in the form of incoming email and webmail, but unfortunately for users in the US, all of their data now appears to be lost.https://twitter.com/VFEmail/status/1095040044316925953The destroyed virtual servers did not all share the same credentials for authentication, and although details are not known, we assume that this is either a sophisticated attack, or possibly an insider threat. Time will tell.This attack has left the VFEmail business in an horrific state that it may never recover from, and could see the sad end of a service that has spanned nearly 20 years.In this case a robust backup solution that included both online and offline backups would have provided a more reliable recovery path for VFEmail.This devastating act should be a lesson to all businesses, delivering a solid cyber security plan is critical to your continued operation, as well as protecting your brand and reputation.Updates on the incident are being provided on the VFEmail website at the following link: https://www.vfemail.net/incident.php
After a turbulent week or so, VFEmail are fighting their way back to full health. Last week we covered the destructive hack that left the company in turmoil and fighting for its survival.Hackers had infiltrated the systems at VFEmail and wiped all their servers and backup systems leaving the service inoperable, and users without their email data.This week they have continued to update their customers via the website and twitter feed, with promising news for their customers that they are close to successfully restoring service.
!!!ALERT!!!! Update Feb 17 2019We're not at full power yet, but we're getting there. Please see the Incident page for a timeline (last updated 2/17/19 9pCST)
Although this will be good news for some it might not be for all. Status updates on their twitter feed confirmed that they have abandoned their US offering, and the restored service will now be run from the Netherlands.https://twitter.com/VFEmail/status/1098404538346811393With the new hope that some data between 2016 and 2019 may be recovered, and hopefully a greater focus on system wide security, this is a great news from a company that looked dead and buried this time last week.
To keep up to date with our news and posts why not join our mailing list by using the link to subscribe: http://bit.ly/IronMailListYou can also follow us using the social media links provided.
Ironshare – Security Simplified
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
