This is some bullshit, somehow somebody was able to zero-wipe my VM disks ..... everything gone again ..... and is now trying to DDoS me with 5Gbps of traffic
Well that’s lame as fuck…
siiigghhhh
Damn 😬 that sucks
Insider threat from your VPS provider? Or haxor targeted your VMs & escaped hypervisor?
Via LNVPS for sure, same time somebody was spamming from a VM. Idk how they did it because the disks are all zeros

What did you use for virtual machine provision?
Proxmox
Courage man
is this why zap stream isn't working? so sad. I wanted to stream. I think someone is jealous of zap stream cuz it's innovative and trying to attack it.
Tried to zap you son courage.
What do you use
VirtFusion, but basically both Proxmox and VirtFusion are just libvirt frontends
Yea, was going to ditch Proxmox at some point. There are binding libs for libvirt in Rust, was going to run it directly inside the lnvps backend
“stress testing”? Sucks but it’s better to know now… what setup are you running - local proxmox?
I noticed the ZapStream node go down last night 😓 that sucks so bad bro
Did you have a backup??
😱
What are we xitter trying to cut federal costs?
nostr:nevent1qqs0l3sjhktgm7ytxtmkyhwrepcgzzajjyhx80w09q4rxlvckwdagfsppemhxue69uhkummn9ekx7mp0qgsx8lnrrrw9skpulctgzruxm5y7rzlaw64tcf9qpqww9pt0xvzsfmgrqsqqqqqpnyv7z5
Vulnerability of Proxmox?
Wiping disks before a DDoS is pretty weird. Usually, a DDoS is just someone being a dick or someone trying to extort you. You are either dealing with two attackers or someone whose motivation is to put you out of business. Two attackers is unlikely. That just leaves putting you out of business. Suspects would be competitors, governments and NGOs. It will take serious infrastructure and expertise to deal with a threat like that. Hopefully I'm wrong, and it's just some asshole kid who will get bored with you in a few days.
Yea, I think you might be right. Unfortunately there are no logs on the VM anymore, it's all zeros, not even a partition table
I'm not sure tbh, I wasn't too far out of date so it's possible, but if they were able to access the disks why not drain the lightning node or something, it's really strange... although it's possible that they did...
You should have offsite logging that an attacker cannot wipe in case of compromise of this machine
Hang in there Kieran 🍺
….what….
sigh
.