My hosting partner is still recovering more than a week after malware attack
Hosting company Mijnhostingpartner is still working to restore its servers a week and a half after a major ddos and ransomware attack. Technical employees of the company are repairing the servers one by one.
The problems for Myhostingpartner started a week and a half ago. The company’s engineers thought on Sunday evening, January 6, the recovery would take “all night,” according to the list of updates the company maintains on Facebook. A day later, the company had to admit that it was an attack on a scale it had not yet encountered and that the repairs would take longer than expected.
In the following days, Mijnhostingpartner received many comments from affected customers that they wanted clarity about the circumstances of the malfunctions. “The answer to this is that we suffered an incredibly severe attack last Sunday, in which an attacker saw the opportunity to break into the core of our network and our servers,” the company said on Facebook to customers who inquired. what is known and how the problems could arise.
Among other things, the malicious people managed to inject ransomware into mysql and mssql servers, including the backup servers. They also managed to paralyze Exchange databases. It took a few days before the first servers were operational again, but because the recovery turned out to be very time-consuming, Mijnhostingpartner engaged two external companies on Saturday that specialize in decrypting ransomware. The mssql 8 server in particular appeared to be severely affected.
On Wednesday, at least five of the company’s servers are still completely or partially unreachable. The hoster advises victims to restore local backups of databases, while waiting for the servers to come back online, by referring to, for example, Facebook, to publish a temporary page or to build a new site and post it.
Mijnhostingpartner received a lot of criticism from customers, especially because of the lack of communication. For example, there is nothing to be found on its own status update page. The company apologizes and says it will answer as many questions as possible via tickets, mail and chat, but also states that it must focus on the recovery of the systems at the same time. It is unknown how many customers have been affected by the problems and when they will be finally fixed.