# Linode Hacked



## OSTKCabal (Jan 5, 2016)

After days of DDoS attacks on their infrastructure, Linode has just posted that their management console has been compromised.


Tweet: https://twitter.com/linode/status/684448030867734528


Quoted Post:


"Security Notification and Linode Manager Password Reset


January 5, 2016 1:53 pm
Effective immediately, Linode Manager passwords have been expired. You will be prompted to set a new password on your next login. We regret this inconvenience, however this is a necessary precaution.


A security investigation into the unauthorized login of three accounts has led us to the discovery of two Linode.com user credentials on an external machine. This implies user credentials could have been read from our database, either offline or on, at some point. The user table contains usernames, email addresses, securely hashed passwords and encrypted two-factor seeds. The resetting of your password will invalidate the old credentials.


This may have contributed to the unauthorized access of the three Linode customer accounts mentioned above, which were logged into via manager.linode.com. The affected customers were notified immediately. We have found no other evidence of access to Linode infrastructure, including host machines and virtual machine data.


The entire Linode team has been working around the clock to address both this issue and the ongoing DDoS attacks. We’ve retained a well-known third-party security firm to aid in our investigation. Multiple Federal law enforcement authorities are also investigating and have cases open for both issues. When the thorough investigation is complete, we will share an update on the findings.


You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing. At this point we have no information about who is behind either issue. We have not been contacted by anyone taking accountability or making demands. The acts may be related and they may not be.


The security of your data, the functionality of your servers, and your confidence in Linode are extremely important to all of us. While we feel victimized ourselves, we understand it is our responsibility, and our privilege as your host, to provide the best possible security and service. You can help further enhance the security of your account by always using strong passwords, enabling two-factor authentication, and never using the same password at multiple services.


We sincerely apologize for the recent disruptions in your Linode service. Thank you for your patience, understanding and ongoing trust in Linode.


Filed under: announcements by Linode Security Team"


----------



## drmike (Jan 5, 2016)

Oh boy 


Faith in Linode declining...


"... discovery of two Linode.com user credentials on an external machine..."


What does that even mean?  Could be user accounts seen the wild, which come on, hackers do that routinely... 


Looking forward to Linode's customer database...


----------



## wlanboy (Jan 5, 2016)

Wow - when sh** hits the fan.


At least I am not a customer of Linode.


----------



## ChrisM (Jan 5, 2016)

Linode's security team:


----------



## DomainBop (Jan 5, 2016)

drmike said:


> Faith in Linode declining...



My faith in them declined 3 years ago when they first tried to deny their database had been hacked...




> _Dear Linode customer,_
> 
> 
> 
> ...




http://blog.linode.com/2013/04/12/security-notice-linode-manager-password-reset/


...and then 4 days later they admitted they'd been hacked and that customers' credit card details and passwords may have been compromised.



> As a result of the vulnerability, this group gained access to a web server, parts of our source code, and ultimately, our database...
> 
> 
> ...Credit card numbers in our database are stored in encrypted format, using public and private key encryption. The private key is itself encrypted with passphrase encryption and the complex passphrase is not stored electronically. Along with the encrypted credit card, the last four digits are stored in clear text to assist in lookups and for display on things like your Account tab and payment receipt emails...



https://blog.linode.com/2013/04/16/security-incident-update/


TL;DR: Linode's security track record isn't much better than Fabozo's


edited to add: ...and then there was that Bitcoin heist hack in 2012 and the SWAT team raid in 2014...


----------



## drmike (Jan 5, 2016)

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ THIS ^^^^^^^^^^^^^^^^^^^ HAS ME LAUGHING ^^^^^^^^^^^^^^ ouch Linode.


----------



## HBAndrei (Jan 5, 2016)

I really liked their performance... oh well, I guess it's about that time to pack and move on.


----------



## HN-Matt (Jan 13, 2016)

I've never had a Linode account so have no real opinion of their service, but have found their tutorials to be useful in the past, at least. Is any other provider more thorough in that area?


----------



## drmike (Jan 13, 2016)

HN-Matt said:


> I've never had a Linode account so have no real opinion of their service, but have found their tutorials to be useful in the past, at least. Is any other provider more thorough in that area?



Digital Ocean has done wonders with their tutorials.  Definitely a viable competitor who has spent to amass what they have in that regard.


----------



## HBAndrei (Jan 13, 2016)

KnownHost-ChrisM said:


> Linode's security team:



I laughed so hard on this, thank you!


On a more serious note, we've moved everything off Linode and closed the account (since they refused to remove the credit card on file and allow us to keep the account *oh well*).


----------



## AtlanticServers (Jan 22, 2016)

Not the first time
Not the last time


----------

