[009] Technical Report | 20/09/2019 | Spicy & Teriyaki Downtime

Started by Callum603, September 20, 2019, 12:49:53 AM

Callum603


Technical Report - 20/09/2019

SERVER2 was infected by cryptocurrency mining malware, causing Spicy & Teriyaki to go offline

Due to a malware attack on our SERVER2, Spicy & Teriyaki were knocked offline as the attack was attempting to use ~2800% of our CPU resources.

As good practice, the server OS was wiped and reinstalled along with redeploying our services from clean backups.

I have also taken the liberty to severely harden our server security; this has been increased to a much harsher and higher degree than after the previous attack on the EE server affecting the London RPG-X server.

I would like to take this opportunity to reassure everyone that no personal data was accessed as the attack was isolated to our SERVER2.

This has also given me the chance to get Spicy & London running exactly the same, fixing a couple of issues with Spicy and making managing both servers a whole lot easier.

A full security review of the TLO servers will be performed in the coming days and I intend to roll out some security changes in an attempt to make us much more secure.

Thank you for bearing with us during this downtime.

Head of Technical Reporting: Callum603