[tor-relays] Re: Tor Node infected with ransomware

[forest-relay-contact--- via tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello.

I was wondering when the Tor mailing list would catch wind of this.

skankhunt42 wrote:
> I really want to understand what I did wrong.
> Maybe someone with more experience may take a look at it?

You did nothing wrong. Several cheap providers have been attacked by a
script kiddie recently. They merely encrypted the first 512 MiB of the
block device. Note that they do not restore your data even if you pay.

Please see:
https://lowendtalk.com/discussion/214073/what-happened-to-cloudcone-was-it-hacked/p1
https://lowendtalk.com/discussion/214080/ransomware-via-virtualizor-exploit/p1

Regards,
forest
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQtr8ZXhq/o01Qf/pow+TRLM+X4xgUCaYBbsQAKCRAw+TRLM+X4
xrmiAQCHZKCpqZWQkyLYcDKsDeMBwub4xuDElqaWnc2xm5V6dgEA/Pf73cveCFMK
KwnexFLghfNqTPTNz8rdGNU2W+6v1gg=
=Op9n
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx