On December 24th, we became aware of issues with our supported exchange Altilly, users had reported wallets had been taken offline around the same time as another known exchange hack on livecoin.net and after some time Altilly Exchange put up a notice on their website disclosing a server side attack.
Altilly Exchange put out his statement regarding the ongoing investigation:
Update: 26th of December 2020 – 01:25 CET
Dear Altilly users,
Earlier this week on the 23rd. We noticed suspicious activities on our Altilly servers.
There were 3 servers that suspiciously rebooted around the same time. After checking the servers, we noticed unusual activity and a new system user had been created on our servers. It appears that these systems were hacked above OS level using recue mode during the reboot. Since we were unsure exactly what happened, we decided to start working on movings things over to a new hosting provider.
Late night on the 25th or early morning on the 26th, we were again alerted to another system reboot. While we were checking into that, we lost access to our servers at our current hosting provider. This includes the production webservers, the databases, and wallets. It appears that a request came in via the hosting client portal to delete all servers on the account.
We are unsure of what the outcome will be until the hosting company has done their audit and checks to see if data is recoverable. We will post additional information here when we have more info.
Which was followed up this morning with this statement:
Update: 26th of December 2020 – 10:41 CET
It appears that our offsite storage account was also compromised using the API keys from the backup program on the affected servers. All backup files at that location were removed. It should be assumed that the hacker(s) have access to these backups, as there was download activity from that account prior to deletion. We do have a ticket in with this provider to see if anything can be recovered.
At this time there is not much that we as a community can do to recover the funds such is the glaring problem with centralized exchanges, however we will be keeping in contact with Altilly staff and other coin developers who were also affected in working out methods to help mitigate any affected funds. This includes potentially blocking or blacklisting affected addresses from the network to prevent the dispersion of affected funds to other exchanges or services.
We ask for your patience while we do what we can to make the best of a bad situation.
If you have any questions or concerns, please fell free to reach out to us on our Discord server for the fastest response time.
Canada eCoin Staff