Time4VPS (UAB "Interneto vizija") Hacked
Looks like someone went after Time4VPS in attempt to breach a crypto swap/exchange service FixedFloat(ff.io). Same attacker managed to steal $26.1M before, and gained access to Time4VPS backend servers in attempt to steal more.
Time4VPS acted poorly, they had critical vulnerabilities in their systems and didn't really care about it. It isn't clear at the moment if more was compromised, Time4VPS is quiet, all they posted since it occurred(but wasn't public at the time) was a blog article about 2FA.
Comments
If everything they say is true, that's an extremely bad look for T4V... What a shitty situation.
ExtraVM
For the entire Miss Group.
Amadex • Hosting Forums • Wie ist meine IP-Adresse? • AS215325
Forum for System Administrators: sysadminforum.com
So they used virtual machine and not dedicated server for their project? I am genuinely surprised.
Shame on Time4VPS but in this case I believe ff could've prevent this from happening
Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪
T4V uses stuff way after the EOL date, I remember some discussion in this thread: https://lowendspirit.com/discussion/comment/43955#Comment_43946
their looking glass is still running Debian 9 lmao
Their storage VPS are still on OVZ6.
Good to have a kind of confirmation that company is running on 'autopilot' for quite some time now.
There is so many things there that makes you fucking wonder.
Why would $26.1 million be using LET provider.
Why would they be using VPS.
Why wouldn't you nuke everything after first signs.
Why the fuck would you be contacting provider if you know theirs system is "hacked" - don't you think the "hacker" is controling it too? :-D
Haven't bought a single service in VirMach Great Ryzen 2022 - 2023 Flash Sale.
https://lowendspirit.com/uploads/editor/gi/ippw0lcmqowk.png
It seems this client of Time4VPS truly did lose millions.
Stop the planet! I want to get off!
SlowMist(Crypto Security Firm) founder made a comment on FF and T4V situation, and advised against choosing "small" hosting providers.
https://www.binance.com/en/square/post/2024-06-30-cryptocurrency-industry-advised-against-choosing-small-service-providers-10165669960433 (archive)