This is a sad tale about me and my UT servers which I had up since 2003 under the the name Unrealmayhem. I had a rented a server machine in Germany, and everything was good until last week. I used a program called HFS to transfer files, and a ransomware called HMALLOX found a loophole in HFS and destroyed the entire machine, website and 18 diff UT-servers. The ransomware was relatively new, so there was no way to solve it, and after some googling, it was suggested not to pay. HFS released a new version of the program hours later, but the damage was already done.But now, with assistance from norbert79, we work together diligently, late nights and with donations from players, we now start to get it more secure and got 14 servers back up so far and soon a website to.
---LONG LIVE UT99---
Brought down on the knees but not dead
-
- Adept
- Posts: 313
- Joined: Mon Aug 16, 2010 11:01 am
- Location: Sweden
-
- Posts: 1
- Joined: Wed Jan 27, 2021 10:45 am
-
- Godlike
- Posts: 10212
- Joined: Thu Jun 30, 2011 8:12 pm
- Personal rank: God of Fudge
- Location: Palo Alto, CA
Re: Brought down on the knees but not dead
Thanks for the update:
EvilGrins wrote: ↑Sat Jun 15, 2024 6:46 pm http://unrealmayhem.com/modules.php?name=Forums may be gone before too long, as on their Facebook group announced today their servers have been hit with RansomWare and they don't think they can fix it.
· http://unreal-games.livejournal.com/
· https://unrealarchive.org/authors/evilgrins.html
· https://www.facebook.com/groups/UTcorps
· https://unrealarchive.org/authors/evilgrins.html
· https://www.facebook.com/groups/UTcorps
Smilies · https://ut99.org/viewtopic.php?f=8&t=13758medor wrote:Replace Skaarj with EvilGrins
-
- Experienced
- Posts: 143
- Joined: Sun Mar 29, 2020 3:37 am
-
- Godlike
- Posts: 1042
- Joined: Mon Aug 31, 2015 12:58 pm
- Personal rank: Dialed in.
Re: Brought down on the knees but not dead
Thanks for sharing and goodluck on rebuilding!
Another serious reminder to always have recent and offsite backups.
Did the dev confirm it was a hfs client vulnerability, or did you host your files on port 8080 perhaps?
I've dealt with ransomware once on a VDS, it was the infamous WannaCry(pt) which was mainstream news in 2017 somewhere.
Luckily i had recent backups and a fresh install was easy to rebuild.
*edit found my answer;
Another serious reminder to always have recent and offsite backups.
Did the dev confirm it was a hfs client vulnerability, or did you host your files on port 8080 perhaps?
I've dealt with ransomware once on a VDS, it was the infamous WannaCry(pt) which was mainstream news in 2017 somewhere.
Luckily i had recent backups and a fresh install was easy to rebuild.
*edit found my answer;