‘MskHost’ Taken Down by Hacktivists Who Will Now Pass Stolen Clientele to the Police

  • Bulletproof Russian hosting provider was eventually taken down by hacktivists who had enough.
  • The clientele of the platform has been exposed on public Telegram channels and will be shared with the police.
  • The firm has stated that this incident marks the end of the road for them, so they will soon wrap up.

After ignoring hundreds of takedown requests and reports about phishing, malware, carding, and botnet campaigns that operated from its service, MskHost was taken down in the weekend by hacktivists who also stole client data and will now give it to the police. Right now, the service’s website, “msk.host,” returns Error 522, which means that the servers have been taken offline by the hacktivists.

In fact, the “well-meaning” intruders hacked the entire hosting infrastructure, the user servers – and exfiltrated all data. Then, they permanently deleted everything they could access, hoping to prevent a quick return to ‘business as usual’ for MskHost. The hacktivists state that they’ve found over 100 unread emails in the “abuse” mailbox of the provider at the time of the attack, indicative of the systematic ignorance the firm opted to follow on that front.

Image: TechNadu

The hackers have shared a link to their Telegram channel where they decided to post the “top” clients ranked according to the expenses they made on the platform, revealing their sometimes obviously fake usernames and their email accounts. At the top of the list, the amounts spent to run phishing campaigns are dizzying. In total, the hacktivists found and exfiltrated details about 5,000 clients.

Image: TechNadu

Obviously, with the law enforcement authorities now holding these details, a wide-scope investigation can begin, and some malware distributors will hopefully find trouble. At worse, the malicious operations of the bigger players will be severely disrupted. As the hackers further detail on their Telegram posts, MskHost was making special deals with the malicious actors, offering them bulletproof servers for five times the price indicated on the site for regular clients.

As for how MskHost responded to the incident, they characterized the hack as very efficiently organized, confirming that half of all their servers were removed in mere minutes. They stated that their top-end clients had been restored by Sunday and promised that everything would return online by Monday. Also, they advised people not to click on the links posted by the hackers, which allegedly lead to client virtual machine images, as these are unsafe and created to drop viruses on the visitors’ machines, log IP addresses, etc.

Finally, MskHost stated that they do not plan to continue their operations for much longer now, thanked their supporters, and stated that if they ever return, it will be through a project on a completely different level.



Banking Trojan Targets 100 Organizations in Brazil

A banking trojan from Latin America was found targeting almost 100 Brazilian organizations and individuals.The malware was first noticed in late August...

The Number of Phishing Emails Impersonating Craigslist Is Growing

Craigslist Gsuite & Microsoft users are being targeted with phishing emails that present a fake user login page.These emails rely on brand...

Best Buy, Home Depot, and Lowes Drop Surveillance Companies Linked With Uyghur Oppression

Best Buy, Home Depot, and Lowes have decided to pull off the shelves all the security cameras from Lorex and Ezviz.The US...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari