Together, towards a better future

VFEmail Service Data and Backups Deleted Permanently

2 min read
VFEmail Service Data and Backups Deleted Permanently, a US-based email provider lost all of its data and backup files after hackers destroyed its entire infrastructure, wiping out two decades’ worth of data in a matter of few hours for no reason.

The privacy-focused email service provider revealed that the attack took place on February 11th and “all data” on their servers including the backup systems has been completely wiped out.

“Yes, @VFEmail is effectively gone,” Romero wrote on Twitter Tuesday morning. “It will likely not return. I never thought anyone would care about my labor of love so much that they’d want to completely and thoroughly destroy it.”

The VFEmail security team detected the attack on February 11th after they noticed that all the servers went offline without for no apparent reason.

vfemail hack

Two hours later, the company reported that the attackers had been caught “in the middle of formatting its backup server,” saying that it “fear all US-based data may be lost.”

Shortly after this, they confirmed that “all the disks on every server” had been wiped out entirely, including mail hosts, virtual machine hosts, and a SQL server cluster. “Strangely, not all VMs shared the same authentication, but all were destroyed,” VFEmail explained. “This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy,”—a rare example of a purely destructive attack.

It is unclear who was behind this attack and how it happened, but a statement posted on the company’s website pointed to an IP address 94[.]155[.]49[.]9 and the username “aktv,” which appears to be registered in Bulgaria.

The official website has now been restored but all secondary domains are still unavailable. If you are an existing user, you will find find your inbox empty.

Get all the latest posts delivered straight to your inbox!
🎉 You've successfully subscribed to Hack Hex!