A web hosting company named No Support Linux Hosting announced today it was shutting down after a hacker breached its internal systems and compromised its entire operation.
According to a message posted on its official site [archived], the company said it was breached on Monday, February 8. The hacker appears to have “compromised” the company’s entire operation, including its official website, admin section, and customer database.
A No Support Linux Hosting (NSLH) spokesperson did not return a request for comment seeking details about the attack. But while details about the intrusion are unclear, the attack appears to have been destructive in its nature.
“We can no longer operate the No Support Linux Hosting business,” the company flatly acknowledged today.
“All customers should immediately download backups of their websites and databases through cPanel,” NSLH said, urging clients to do so before servers go down for good.
At the time of writing, the nature of the NSLH attack is unclear, and we don’t know if the hacker downloaded & wiped the company’s database and backups or if we’re talking about a classic ransomware attack where the intruder encrypted files and demanded a ransom for the decryption key.
Two other hosting providers reported hacks as well
But even if NSLH did not respond to a request for comment, there looks to be a lot more to this attack.
Earlier today, TorrentFreak, a blog dedicated to digital rights and piracy news, reported that two UK-based hosting companies that provide IPTV services to pirate streaming sites also suffered similar hacks.
For a short while on Monday, SapphireSecure.net and KS-Hosting.com both showed a message on their front page from the alleged hacker.
In the message, the hacker shared the personal details of the person behind the two sites and threatened the two companies to share their customer databases with police and copyright protection agencies unless a ransom of 2 BTC (~$92,000) was paid.
But what could connect this attack with the NSLH incident is the fact that the SapphireSecure.net and KS-Hosting.com hacker also gave companies the option to shut down for good as a way to avoid having their data shared with authorities or paying the ransom.
With the two hacks so close in proximity and with overlapping details, it may be possible that NSLH was breached by the same threat actor.