New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
ColoCrossing Database Breach
beanman109
Member, Megathread Squad
Just got this email to my registered ColoCrossing email
Full Email Text:
Dear representatives of ColoCrossing administration and users of hosting services,
We hereby inform you of documented facts that testify to gross violations in the operation of your infrastructure:
1. Illegal content and lack of moderation
- Numerous instances of:
* Deepfake content using images of public figures and private citizens
* Content that violates legislation on the protection of minors
* Extremist and violent content.
2. Critical security vulnerabilities
- Multiple attack vectors have been identified that allow:
* Gain unauthorized root access to client servers
* Bypass authentication and authorization systems
3. Misuse of infrastructure for illegal purposes
- There are cases of exploitation of your resources for:
* Organizing botnets and distributing malware
* Providing anonymization of illegal activities via Tor-nodes, as well as XRay/WireGuard/X-UI/OpenVPN protocols.
Requirements for the administration of ColoCrossing, as well as users who have stored such content:
- Contact us
- Pay us for our silence so that we don't hand over logs/emails/ip addresses and other information proving violations.
- Resolve problems with similar content, we can help with this for an additional fee.
User Recommendations:
Until confirmation that the above violations have been remedied, we strongly recommend that you refrain from:
- Storing sensitive data on the platform
- Conducting financial transactions through ColoCrossing as well as HostPapa Inc. services.
- Using hosting services for mission-critical projects
To confirm remediation of breaches and for more information:
Telegram: https://t.me/ransombotbot
Telegram: https://t.me/ransombotbot
Telegram: https://t.me/ransombotbot
Please note that in the absence of an adequate response within the established timeframe, a full whistleblowing procedure will be initiated to inform all stakeholders of the identified violations, including:
- Regulators of relevant jurisdictions
- Media
- Professional community
Edit: email headers: https://pastebin.com/VjvE706L
Comments
Same. Sender is @colocrossing.com tho.
not hot
in shambles 🥀🥀🥀
Sorry for obvious question but you didn't specify, email address unique to your colocrossing account?
Just sent them 2000$ on telegram to keep them silent and they promised not to expose my sisters and you’re telling me it’s a scam????
I've received same email.
The end is nigh
No I use my personal email for pretty much most things like an idiot
Headers with (hopefully) my personal details revoked
https://pastebin.com/VjvE706L
I don't have a server and have received this email, and those who have CCS around me have also received emails, and there are many of them. There is no violation in the VPS
straight from sendgrid ip
end is rreally nigh
Ffs 🤣🤣
I got sent one too. Luckily I use an alias email.
@angstrom @Arkas @DP @jbiloh
Shouldn't the title be changed? After all, an email supposedly coming from [whoever]@colocrossing.com with wild allegations but no proof whatsoever, and even worse, in a blackmailing context, is NOT indicative of a breach of colocrossing infrastructure.
@ColoCrossing
Be sure to hand any and all evidence to LEA so as to get those blackmailing assholes behind bars!
This is the ultimate beanman109 birthday gift
Change it to whatever they want idc, I just wanted to be the first to post it to farm those thanks
Call it a ColoCrossing megathread for all I care
Once they make them spendable we heading straight to the ferrari dealership 🤝
Yea I'm not sure I see proof of an actual tie to Colocrossing, we might be jumping the gun a bit.
KEEP CLAM!
FOR IMMEDIATE RELEASES
end is nigh
happily have 0 service from them
got the same. Was more confused than worried, but looks their main site is down now too. Kinda fun, their last FB post was about advanced DDOS protection. Guess they were ready with the wrong type of protection.
sendgrid IP with a passed SPF isn't a great look
Well this was unexpected for my birthday...
got the email as well
comparing the headers or older & legitimate emails, looks like someone got access to cc email system
Pictures of my sisters are going to be leaked without the hour this can’t go on @ColoCrossing
Interesting. I didn't get an email and I have a dedi. Either they are not sending to everyone, list they have is old, it's a scam, or just email was hacked maybe?
I received it too. I feel my personal privacy has been leaked, and the hacker has read all my server data.
can confirm they got the whole database and virtualizor
local sisters crying
i don't get any emails from colocrossing, at all, so i'm fine