this post was submitted on 05 Aug 2023
366 points (98.4% liked)

Technology

59428 readers
3547 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 
top 20 comments
sorted by: hot top controversial new old
[–] nightwatch_admin@feddit.nl 76 points 1 year ago (1 children)

Nice, another bunch of assholes out of business. Just one question: why the fk did they not have backups? They weren’t just wee little hateful bastards but stoopid on top too?

[–] Unforseen@lemmy.world 42 points 1 year ago* (last edited 1 year ago) (3 children)

As someone who deals with this sort of thing, for ransomware and other destructive intrusions, the first thing they go for is the backups themselves.

Companies that have an second backup copy that is seperate somehow so non-lateral movement isn't possible are the ones that survive this level of breach.

Or they could just be stupid (cheap) and didn't have any lol

[–] 50gp@kbin.social 13 points 1 year ago (1 children)

well they dealt in malware, perhaps they wanted the evidence to be easy to delete in case law enforcement decided to visit

[–] kautau@lemmy.world 5 points 1 year ago

oh_shit_burn_it_all.sh

[–] 1984@lemmy.today 4 points 1 year ago* (last edited 1 year ago) (1 children)

Often the server needs access to make backups, so when you get in and get root, you sometimes also have access to delete the backups.

It depends on how it's set up. If the server pushes the backups somewhere else and has write access, then the hacker can delete them. But if another account logs in to the server and makes a backup and downloads it, it's impossible for the hacker to access the backup.

Depends on if you planned for the scenario or not.

[–] evatronic@lemm.ee 8 points 1 year ago (1 children)

Part of a good backup solution involves ensuring that it's literally impossible for the "root" / "administrator" whatever user on the production system to delete the backups. For instance, were this AWS, it would be done by creating a separate AWS account and use IAM roles to provide access to a S3 bucket with the "DeleteObject" permission explicitly denied. Perhaps, even deny everything except something like PutObject, and ensure the target S3 bucket is versioned, so even overwriting the contents with garbage is recovered by restoring a previous version.

But most businesses don't think like that.

[–] 1984@lemmy.today 3 points 1 year ago

Yup. I work as a devops guy with aws and that's what I do. But I've seen a lot of enterprises having no clue about these things.

[–] nightwatch_admin@feddit.nl 3 points 1 year ago

I go for stupid &cheap, most people think backups is when onedrive and Microsoft reinforces that insane idea with popups).

[–] spacedancer@lemmy.world 64 points 1 year ago (2 children)

How are these companies able to operate in broad daylight in the EU of all places? I mean the name itself is saying out loud what they do.

[–] AndrewZabar@lemmy.world 30 points 1 year ago (1 children)

All law enforcement and regulatory bodies have their plates full non-stop in this Wild West world we live in now. At any moment for every criminal that’s caught a hundred get away with something.

[–] DeanFogg@lemm.ee 18 points 1 year ago* (last edited 1 year ago) (1 children)

Yeah, are they a malware company?

[–] Slowy@lemmy.world 19 points 1 year ago* (last edited 1 year ago)

No its more for secretly spying on a partner you suspect of cheating or child’s phone activity. I think you need to get ahold of the device in question and have it unlocked to install this. Still very unethical obviously

[–] formContainer@feddit.ch 51 points 1 year ago

The more I read this the bigger my smile gets. Fuck these guys and good riddance

[–] autotldr@lemmings.world 41 points 1 year ago (1 children)

This is the best summary I could come up with:


Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims’ phones.

In a notice on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of the spyware service and that it would cease operations by the end of August.

A separate notice on LetMeSpy’s former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers.

A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis.

The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.

Spytrac, a spyware with more than a million user records in its database, was confirmed to be operated by Support King, a tech company banned from the surveillance industry by federal regulators in 2021 for previously failing to secure stolen data from its then-flagship spyware app, SpyFone.


I'm a bot and I'm open source!

[–] jopepa@lemmy.world 12 points 1 year ago
[–] rynzcycle@kbin.social 38 points 1 year ago

Live by the spy, die by the sudo rm -rf/

[–] tanja@lemmy.blahaj.zone 13 points 1 year ago

Based. Good riddance 🏌️‍♀️

[–] johnlobo@lemmy.world 7 points 1 year ago

did they try to make triforce?

[–] finkrat@lemmy.world 4 points 1 year ago

Internet vigilantes FTW