ZDNet reports that web hosting firm No Support Linux Hosting is terminating its services after its internal systems and entire operation -- which includes its admin section, official website and client database -- have been compromised, and it is urging all customers to secure backups of their websites and databases via cPanel right away before their servers shut down permanently. The breach reportedly took place on Feb. 8, but no further detail was given as to the nature of the attack. A similar hacking incident was reported by digital rights and piracy website TorrentFreak regarding two other web hosting firms based in the United Kingdom, which had been threatened to have their clients' databases exposed online unless they paid ransom. There was no obvious indication that the three attacks were connected save for the fact that all targets were given the option to shut down their operations instead of paying the ransom.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.