Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Hosting service Code Spaces goes out of business due a cyber attack

Hosting service Code Spaces goes out of business due to a cyber attack after an attempt of extortion by a gang of cyber criminals. Code Spaces, a code-hosting and software collaboration platform, has been brought down by a serious cyber attack which has caused its out of business, the attackers have deleted the data and […]

Hosting service Code Spaces goes out of business due a cyber attack

Hosting service Code Spaces goes out of business due to a cyber attack after an attempt of extortion by a gang of cyber criminals.

Code Spaces, a code-hosting and software collaboration platform, has been brought down by a serious cyber attack which has caused its out of business, the attackers have deleted the data and backups of the company in a cyber raid. The Code Spaces firm has published an official statement to explain the incident to its users, this is a sad story because the attackers succeeded to destroy company business, the message inform the users that it will spend its current resources helping customers recover whatever data may be left.

“Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility,”  “As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us.”

“In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”  states the statement.

Code Spaces down

As explained in the statement the cyber criminals initially started with DDoS attack, at the same time they gained the access into Code Spaces’ Amazon EC2 control panel, leaving the extortion demands to the Code Spaces company. They left a series of messages requesting to be contacted to a Hotmail address

An unauthorised person who at this point who is still unknown (All we can say is that we have no reason to think its anyone who is or was employed with Code Spaces) had gained access to our Amazon EC2 control panel and had left a number of messages for us to contact them using a hotmail address

Code Spaces firm has immediately started the investigation but as explained by the company it became clear that so far no machine access had been achieved due to the attacker not having their private keys, as containment measure it has changed the EC2 passwords. The story is not ended, the company quickly discovered that the attacker had created backup logins, so once the criminals noticed the password change they began deleting artifacts from the panel.

“We finally managed to get our panel access back, but not before he had removed all EBS snapshots, S3 buckets, all AMI’s, some EBS instances and several machine instances,” “In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”Code Spaces said. 

“In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”

As remarked by Amazon, customers have the responsibility to preserve their credentials for Amazon Web Services, the company offers all the necessary solutions to protect them, including two-factor authentication. The AWS IAM enables control over user credentials, access role separation and least privilege.

The criminals have taken 12 hours to delete all the svn repositories, backups and snapshots, leaving untouched just a few old svn nodes and one git node.

“We finally managed to get our panel access back but not before he had removed all EBS snapshots, S3 buckets, all AMI’s, some EBS instances and several machine instances.” said the statement.

It is a drama for the company that has permanently suspended its activities, it probably will face serious legal problems for the damages caused to its users considering also that it has always declared to implement a a full redundancy for the code through its duplication among data centers on three continents.

“Backing up data is one thing, but it is meaningless without a recovery plan, not only that a recovery plan – and one that is well-practiced and proven to work time and time again,” “Code Spaces has a full recovery plan that has been proven to work and is, in fact, practiced.”Code Spaces said. 

I consider this attack a case study on the potential effect on business of the cyber criminals, to mitigate the cyber threat it is crucial to put in place all the proper mitigation actions.