Brought down on the knees but not dead

Discussions about Servers
User avatar
Hitman
Adept
Posts: 313
Joined: Mon Aug 16, 2010 11:01 am
Location: Sweden

Brought down on the knees but not dead

Post by Hitman »

This is a sad tale about me and my UT servers which I had up since 2003 under the the name Unrealmayhem. I had a rented a server machine in Germany, and everything was good until last week. I used a program called HFS to transfer files, and a ransomware called HMALLOX found a loophole in HFS and destroyed the entire machine, website and 18 diff UT-servers. The ransomware was relatively new, so there was no way to solve it, and after some googling, it was suggested not to pay. HFS released a new version of the program hours later, but the damage was already done.But now, with assistance from norbert79, we work together diligently, late nights and with donations from players, we now start to get it more secure and got 14 servers back up so far and soon a website to.
---LONG LIVE UT99---
UMExtreme
Posts: 1
Joined: Wed Jan 27, 2021 10:45 am

Re: Brought down on the knees but not dead

Post by UMExtreme »

Very good job -=]UM[=- Keeps UT99 alive... :gj: :tu:
User avatar
EvilGrins
Godlike
Posts: 10212
Joined: Thu Jun 30, 2011 8:12 pm
Personal rank: God of Fudge
Location: Palo Alto, CA

Re: Brought down on the knees but not dead

Post by EvilGrins »

Thanks for the update:
EvilGrins wrote: Sat Jun 15, 2024 6:46 pm http://unrealmayhem.com/modules.php?name=Forums may be gone before too long, as on their Facebook group announced today their servers have been hit with RansomWare and they don't think they can fix it.
sXs-sketchpad
Experienced
Posts: 143
Joined: Sun Mar 29, 2020 3:37 am

Re: Brought down on the knees but not dead

Post by sXs-sketchpad »

Happy you guys have it sorted now keeping ut99 alive
Image
User avatar
esnesi
Godlike
Posts: 1042
Joined: Mon Aug 31, 2015 12:58 pm
Personal rank: Dialed in.

Re: Brought down on the knees but not dead

Post by esnesi »

Thanks for sharing and goodluck on rebuilding!
Another serious reminder to always have recent and offsite backups.

Did the dev confirm it was a hfs client vulnerability, or did you host your files on port 8080 perhaps?
I've dealt with ransomware once on a VDS, it was the infamous WannaCry(pt) which was mainstream news in 2017 somewhere.
Luckily i had recent backups and a fresh install was easy to rebuild.

*edit found my answer;
Image