Large managed web hosting solution provider Managed (.) Com was hit by a ransomware attack earlier this week. The company was forced to shut down all of its servers, and even client sites were affected by the incident. According to media reports, the operators of the ransomware REvil are responsible for this attack.
According to the publication ZDNetThe attack took place on November 16, 2020, and on the same day, the company's specialists decided to disable all their systems, including those that support user sites, in order to protect the "integrity of customer data."
At first, it was reported that the ransomware managed to encrypt only some sites, which were immediately isolated and disabled, but later in the company warnedthat the attack affected the entire hosting infrastructure, including managed WordPress and DotNetNuke hosting solutions, mail servers, DNS servers, RDP endpoints, FTP servers, and databases. Currently, restoration work is underway, and the company is conducting an investigation of the incident, together with law enforcement agencies.
Journalists note that at first the company tried to pass off this attack as unscheduled technical work, but rather quickly the representatives of Managed (.) Com realized their mistake and reported the real state of affairs.
Now worried hoster clients write on the company's forums that their sites may be unavailable for days or even weeks. People cite a similar incident that affected A2 Hosting in May 2019. Back then, it took the company over a month to get back to normal, and many customers had to wait for their sites and site data to be restored.
According to the publication Bleeping Computer, which cites its own sources in the information security community, the responsibility for this attack lies with the operators of the ransomware REvil. According to a screenshot obtained by the publication, REvil is demanding a ransom of $ 500,000 from the affected company. However, it is still unclear whether the hackers managed to steal any data from the company before encrypting the files.