The web hosting company "No Support Linux Hosting" (NSLH) announced on February 9 that it was shutting down after a hack in which a cybercriminal broke into its interior. systems and violated her entire business. According to a message posted on its official website, the company said it was violated on Monday, February 8th. THE hacker seems to have violated the entire company business, including the official website, the admin department and customers.
A representative of No Support Linux Hosting declined to disclose further information about the hack. Despite her reasons cyber attack remain unknown, it is estimated that it will have catastrophic consequences.
Specifically, the web hosting company reported the following: "We can no longer operate No Support Linux Hosting. All customers must immediately download backups of their sites and databases via cPanel before servers abolished permanently. "
So far it is not clear whether the hacker downloaded and "emptied" the company's databases and backups or whether it is a classic ransomware attack in which the attacker encrypted archives and asked the victim for ransom to provide decryption key.
The TorrentFreak, a site reporting on digital rights and hacking news, reported that two other UK-based web hosting companies providing IPTV services to pirates streaming sites, suffered similar hacks. In particular, the SapphireSecure.net and KS-Hosting.com posted a message on their homepage on February 8 from the alleged hacker.
In the message, the hacker mentioned the personal details of the person behind the two sites and threatened the two companies that they would share their customer databases with the police and copyright services if they refused to pay a ransom of 2 BTC (92.000 $).
According to ZDNet, the security incidents that occurred in these two companies may be related to the hack suffered by No Support Linux Hosting. This conclusion comes from the fact that the hackers who "hit" SapphireSecure.net and KS-Hosting.com also gave the companies the option to either "close for good", in order to avoid disclosing their data to the authorities, or to pay the required ransom.
Therefore, it is estimated that behind all the aforementioned attacks it is very likely that the same malicious factor is hiding.