www-cloudnordic-com.translate.goog
Open in
urlscan Pro
2a00:1450:4001:831::2001
Public Scan
URL:
https://www-cloudnordic-com.translate.goog/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Submission: On August 23 via manual from US — Scanned from DE
Submission: On August 23 via manual from US — Scanned from DE
Form analysis
1 forms found in the DOMPOST //translate.googleapis.com/translate_voting?client=wt_lib
<form id="goog-gt-votingForm" action="//translate.googleapis.com/translate_voting?client=wt_lib" method="post" target="votingFrame" class="VIpgJd-yAWNEb-hvhgNd-aXYTce"><input type="text" name="sl" id="goog-gt-votingInputSrcLang"><input type="text"
name="tl" id="goog-gt-votingInputTrgLang"><input type="text" name="query" id="goog-gt-votingInputSrcText"><input type="text" name="gtrans" id="goog-gt-votingInputTrgText"><input type="text" name="vote" id="goog-gt-votingInputVote"></form>
Text Content
FOR CUSTOMERS IN CLOUDNORDIC Unfortunately, during the night of Friday 18-8-2023 at 04 a.m., CloudNordic was exposed to a ransomware attack, where criminal hackers shut down all systems. Websites, e-mail systems, customer systems, our customers' websites, etc. Everything. A break-in that has paralyzed CloudNordic completely, and which also hits our customers hard. Since we cannot and do not want to meet the financial demands of the criminal hackers for ransom, CloudNordic's IT team and external experts have been working hard to get an overview of the damage and what was possible to recreate. Unfortunately, it has proved impossible to recreate more data, and the majority of our customers have thus lost all data with us. This applies to everyone we have not contacted at this time. The hacking attack has been reported to the police. STATUS We are deeply affected by the situation, and are aware that the attack is also very critical for many of our customers. In addition to data, we also lost all our systems and servers and have had difficulty communicating. We have now re-established blank systems, e.g. name servers (without data), web servers (without data) and mail servers (without data). GET HELP TO MOVE ON WITHOUT MOVING We are ready to restore customers on the same name servers with a DNS administration interface, as well as new web servers (without data) and mail servers (without data), so that customers have the opportunity to get mail and the web working again, without moving the domain. Write to support@azero.dk with the word RESTORE in the subject line. In the email, write your email and your phone number as well as the domain, and then you will get login to a new website and email solution, where you can upload the website yourself and create email addresses. DIY REGARDING DOMAINS WHERE YOU NEED TO HAVE DNS MANAGEMENT QUICKLY: This is the fastest method to get DNS working again for your domain. * We have re-established all name service servers, but do not have your DNS zone. Much of the zone can often be copied from https://securitytrails.com/list/keyword > your-domain.xx > Subdomains (very technical). * If you contact us at support@azero.dk and you are verified as the owner as described below (via email or phone), you can ask us to be created on our name service again, which the domains still point to. You will then get access to a self-service DNS tool (PowerDNS-Admin), where you can do one of the following: * Create the DNS zone as you know it should be. * Copy zone elements from Securitytrails (see above). REGARDING DOMAINS YOU WANT MOVED: Note that transferring a domain can take days, so if you want to use DNS again more quickly, you can use the option above first, and then possibly move the domain afterwards. * For .dk domains, you can order a new web hotel from another provider, and you yourself have access to approve the transfer of the domain to a new provider, via punktum.dk . * For .com domains, you must also order the domain from a new provider, and then use an authorization code from CloudNordic (auth code), here we ask you to contact us at support@cloudnordic.com . Please note that we are in a very difficult situation as we cannot keep up with all the requests, so please help us to do it as quickly and efficiently as possible. We must verify that we only send auth codes to the owner of the domain, and we can: * Send to the email linked to the registrant (owner) of the domain. * Call you on the phone number connected to the registrant (owner) of the domain and verbally tell them what the code is. We can NOT give you an auth code by calling us, only by calling the applicable number. You must therefore contact support@cloudnordic.com and ask us to call you. * If we cannot contact you by email or phone, the process will become even more time-consuming and will end up at the back of the queue of tasks. We will of course try to carry out the task, but at this stage we cannot say anything about when. We are very sorry for that. * Contact our supplier of .com domains directly. It's Ascio, and they can be contacted at help@ascio.com . * For all other domains, the rules are different. We have all domains other than .dk with the supplier Ascio, so follow the same procedure as for .com. Some will have to use an auth code, at others it is not necessary. SUGGESTIONS FOR BEING ABLE TO RECREATE YOUR OWN WEBSITES: * Own local backup * Copy from Wayback - https://web.archive.org/ SUGGESTED EMAIL: * When you have had mail restored by a provider, and you have all your old mail in a mail client (Outlook, Apple mail and the like) on your own computer, you should make sure to create a new mail account for the new mail account on your client. You can then transfer emails to the new email account in your client. * Hvis du i stedet kommer til at rette oplysninger i eksisterende konto på din mailklient, så vil din mailklient slette alle mails. Herefter kan du kun få mails tilbage, hvis du første laver restore på din mailklient fra før ændringen, og derefter opsætter en ny mailkonto, og så flytter mails over manuelt. På en Mac kan du bruge det indbyggede Time Machine program. HVAD SKETE DER? Det er vores bedste vurdering, at da servere skulle flyttes fra et datacenter til et andet og på trods af at maskinerne der blev flyttet var beskyttet af både firewall og antivirus, så var nogle af maskinerne inficeret inden flytningen, med en inficering der ikke havde været brugt aktivt i det tidligere datacenter, og vi havde ikke viden om at der var en inficering. Under arbejdet med at flytte servere fra det ene datacenter til det andet datacenter, blev servere der tidligere var på separate netværk, beklageligvis kablet sådan at de fik adgang til vores interne netværk, der bruges til administration af alle vores servere. Via det interne netværk, fik angriberne adgang til helt centrale administrationssystemer og backupsystemerne. Via backupsystemet, lykkedes det angriberne at få adgang til: * Al storage (data) * Replikations backupsystem * Sekundært backupsystem Det lykkedes angriberne at lave en kryptering af alle serveres diske, samt på primært og sekundært backupsystem, hvorved alle maskiner gik ned og vi mistede adgang til alt data. INGEN DATABRUD The attack occurred by encrypting all disks for all virtual machines, and we have seen no evidence of a data breach. We have not seen the attackers have had access to the data content of the machines themselves, but to administration systems from which they could encrypt entire disks. Very large amounts of data were encrypted, and we have seen no signs that large amounts of data have been attempted to be copied out. We deeply regret the situation and thank the many loyal customers who have been with us over the years. Sincerely CloudNordic Original text Rate this translation Your feedback will be used to help improve Google Translate