We here at SatelliteGuys take security seriously and work hard to protect your info.
Last week we were notified that we were using a lot of bandwidth. I mostly ignored this message as its normal to get these... until yesterday I got another notice from our ISP and.noticed we were at the beginning of our month... we shouldn't be running out of bandwidth.
So I contacted our System Admin AnthonyG to take a look and it took him awhile but he found the issue... There was an exploit in "Elasticsearch" which is the search engine we use here at SatelliteGuys. And through this exploit hackers were able to launch DDOS attacks against other servers.
NO SATELLITEGUYS INFO WAS TOUCHED OR TAKEN. THIS WAS STRICTLY AN ATTACK BOT.
Anthony was able to clean up most of it however the both touched other files changing the date on them, so it is impossible tell tell if it was cleaned 100%.
As you might have noticed search has not been working today and this is the reason why. The Eleasticsearch program has been patched and additional security software has been installed on the server...
However with that said because the dates of many of the unix operation files were changed we are not 100% sure all files were cleaned. This trojan is known to sit dormant and reinstall itself later when it is activated again. Without knowing if we got everything we will need to play on the side of caution and the entire server SatelliteGuys resides on will need to be wiped clean and reinstalled. Because I am going away for my first vacation in over two years I am hoping this can wait until we get back.
It is unknown what the cost of this moving and temporary server may cost. But I feel this is something I feel we must do.
When we do this security wipe, SatelliteGuys will be moved to a temporary server. I would expect the site to be down for at least a few hours as we move things and restore them. But we will worry about that issue when we come to it.
Again we are keeping an eye on things and hopefully this can wait until I return from vacation.
I wanted to let you know what was going on in the interest of doing our best to keep your information secure.
Last week we were notified that we were using a lot of bandwidth. I mostly ignored this message as its normal to get these... until yesterday I got another notice from our ISP and.noticed we were at the beginning of our month... we shouldn't be running out of bandwidth.
So I contacted our System Admin AnthonyG to take a look and it took him awhile but he found the issue... There was an exploit in "Elasticsearch" which is the search engine we use here at SatelliteGuys. And through this exploit hackers were able to launch DDOS attacks against other servers.
NO SATELLITEGUYS INFO WAS TOUCHED OR TAKEN. THIS WAS STRICTLY AN ATTACK BOT.
Anthony was able to clean up most of it however the both touched other files changing the date on them, so it is impossible tell tell if it was cleaned 100%.
As you might have noticed search has not been working today and this is the reason why. The Eleasticsearch program has been patched and additional security software has been installed on the server...
However with that said because the dates of many of the unix operation files were changed we are not 100% sure all files were cleaned. This trojan is known to sit dormant and reinstall itself later when it is activated again. Without knowing if we got everything we will need to play on the side of caution and the entire server SatelliteGuys resides on will need to be wiped clean and reinstalled. Because I am going away for my first vacation in over two years I am hoping this can wait until we get back.
It is unknown what the cost of this moving and temporary server may cost. But I feel this is something I feel we must do.
When we do this security wipe, SatelliteGuys will be moved to a temporary server. I would expect the site to be down for at least a few hours as we move things and restore them. But we will worry about that issue when we come to it.
Again we are keeping an eye on things and hopefully this can wait until I return from vacation.
I wanted to let you know what was going on in the interest of doing our best to keep your information secure.
