A web hosting provider known as No Support Linux Hosting has announced it is closing down following a cybercriminal attack that saw a hacker breach the firm’s internal network. The result of the infiltration has compromised the web hosting company’s entire operation.
Forced to close by a malicious hack
In an advisory message that was posted on No Support Linux Hosting’s official site, the firm explained that its systems had been hit on February 8. Investigation indicated that the network intruder had effectively compromised the web hosting company’s dedicated infrastructure, including its admin section and customer database packed with personally identifiable information (PII), along with its official website.
Approached by business technology news site ZDNet.com, a spokesperson for No Support Linux Hosting (NSLH) declined to comment on the incident. However, while the exact details of the breach are as of yet unclear, the dedicated attack would seem to have been exceptionally destructive in design.
On account of the malicious attack, the web hosting company officially acknowledged it was no longer able to operate, and it urged its clients to take emergency action:
“We can no longer operate the No Support Linux Hosting business. All customers should immediately download backups of their websites and databases through cPanel.”
Whether the hacker wiped or downloaded the firm’s backups and database is unknown. There has been no indication that the attack involved encryption – using ransomware tactics to leverage funds from the firm in return for a decryption key.
Additional attacks reported by two other web hosting companies
Although it has not been confirmed if the events are related, hacks have been aimed at two more web hosting providers subsequently.
A blog that focuses on piracy and digital rights, TorrentFreak, issued a report that two web hosting companies based here in the United Kingdom, which deliver IPTV services to streaming sites operated by pirates, were also hit by hacks with many similarities. The attacks saw both KS-Hosting.com and SapphireSecure.net briefly show a message on the front page of their websites from a hacker.
In the hacker’s message displayed on the two sites, personal information was shared pertaining to the individuals behind both KS-Hosting.com and SapphireSecure.net. The message threatened the two web hosting enterprises, stating the hacker would provide both copyright protection regulators and the police with copies of their databases listing customers.
This attack, however, was clearly a ransomware assault, as the message made a formal request for a ransom of $92,000 in Bitcoin in return for not sharing the customer databases with the authorities.
A potential link between the ransomware hacks on KS-Hosting.com and SapphireSecure.net and the web hosting company No Support Linux Hosting could be that both firms were offered the option of closing down their operation completely to mitigate the release of their databases and the disclosure of their client’s details, as well as a chance to pay the ransom.
ZDNet commented that with all three attacks so close together on the timeline, there is at least the possibility that they were all made by the same hacker.
