Some of you may have heard by now that there is a serious computer exploit that affects servers running the cPanel software management systems. We here at the Mothership have a lot of them. Late Wednesday night, several of our download content storage servers got hacked via this exploit. I was able to head off the attack and restore most of the machines. The attack utilised a ransomware attack, which damaged 3 of our servers beyond immediate restoration. A lot of the Vidown store sites have remained online and functioning and I am slowing building new machines so I can restore the sites that are down from backups. This involves hundreds of sites though, so it's going to be several more days before all/most of them are back up.
Let me make it perfectly clear that ONLY the content machines were affected. Our main server, which generates the storefronts and handles the purchases was not affected in any way. No producer or client info was accessed by the hackers. We do not, in fact, store much of anything in our databases anyway. Card data and personal info is discarded immediately after the sale is approved. We only store names and email addresses to make customer service issues faster and easier.
Because the catalog and sales machine never stopped working and is not connected to the content machines, it's entirely possible to complete a transaction but be unable to complete the download because the site that stores the video is currently down. When making Vidown purchases, pay attention to the thumbnail images. If they aren't loading correctly, the content site may be offline. Either way, we will reauthorize and honor any and all sales that happen during this crisis for as long as it takes to make everyone happy.
It goes without saying that if you have any websites or servers anywhere that use cPanel, make damned sure you have current tested and working backups.
soundguy said: Some of you may have heard by now that there is a serious computer exploit that affects servers running the cPanel software management systems. We here at the Mothership have a lot of them. Late Wednesday night, several of our download content storage servers got hacked via this exploit. I was able to head off the attack and restore most of the machines. The attack utilised a ransomware attack, which damaged 3 of our servers beyond immediate restoration. A lot of the Vidown store sites have remained online and functioning and I am slowing building new machines so I can restore the sites that are down from backups. This involves hundreds of sites though, so it's going to be several more days before all/most of them are back up.
Let me make it perfectly clear that ONLY the content machines were affected. Our main server, which generates the storefronts and handles the purchases was not affected in any way. No producer or client info was accessed by the hackers. We do not, in fact, store much of anything in our databases anyway. Card data and personal info is discarded immediately after the sale is approved. We only store names and email addresses to make customer service issues faster and easier.
Because the catalog and sales machine never stopped working and is not connected to the content machines, it's entirely possible to complete a transaction but be unable to complete the download because the site that stores the video is currently down. When making Vidown purchases, pay attention to the thumbnail images. If they aren't loading correctly, the content site may be offline. Either way, we will reauthorize and honor any and all sales that happen during this crisis for as long as it takes to make everyone happy.
It goes without saying that if you have any websites or servers anywhere that use cPanel, make damned sure you have current tested and working backups.
I think I understood half of that but thank you Soundguy for protecting us and our data.
Was it a Zero Day exploit? Or just a patching issue? Do you use a FireWall? I use a Netgate pfSense, kinda simple but works really well, you can even install IDS.
Love you, too
