So, did anyone else hear or know anything about @MDaemon_Technologies ​’s ransomware attack? I just went to their website to look for some info on an issue we were having and was met with this:

How is it that we were not notified about this? It’s apparently been almost a week? I went back through our emails and nothing from them whatsoever. I am very concerned about the fact that malicious actors have had access to their systems, and possibly our protected information.

Anyone else here about this? Also surprised not to see this on the Snap!..

(I searched Spiceworks to find anything I could but nothing came up. If this is a cross-post, point me in the right direction!)

@sean-spiceworks @rhummel

8 Spice ups

Hadn’t heard this. Maybe a little surprised at that.

It sounds as if they’re concentrating on restoring service to their customers first and then restoring files. Honestly, I’d rather have them do that than put out puff-piece PR stuff.

This is one reason I in-source all my computer services.

2 Spice ups

I’m with you there, @rhummel ​. But I am not looking for any puff-pieces. Just some real information so their customers can make informed decisions.

If their systems are down to the point that they don’t even have a customer database, okay I get why I didn’t get any type of email. But for as active as guys like @brad-mdaemon-technologies ​ are on Spiceworks, I would think they would at least post something here for us to see. I am sure they are in the trenches over there (rooting for you guys!), but don’t leave your customers to wonder what is going on - be proactive. It doesn’t take that much effort to give us some real information.

As far as I can tell, this has been going on for 10 days now. Reading through the comments on Facebook, there are a lot of customers experiencing a major interruption to their services.

I don’t disagree with anything you’ve said.

My install is showing active and no issues as far as user count, etc. I wonder if this is affecting hosted and those trying to make changes to their license terms.

Yes, it would be helpful to have an up-to-date status.

If they stole the user database, I’ll be on the lookout for phony Mdaemon emails… Click here to upgrade…

1 Spice up

Hello Jonah and fellow Spiceheads,

We understand your concern at learning of this attack. Our intent is to be as transparent as possible, which is why we immediately published the customer alert and FAQs on our website. We have also been emailing our channel and customers but recognize not everyone has been contacted due to some temporary system limitations. After the final forensic analysis is completed and we can make a definitive statement, we will be sharing more details with customers and the public on this incident.

Like many companies, we successfully block many attempted attacks on our network. We do know this was a targeted attack against our company and according to the cybersecurity experts and authorities we are working with, this was a new hybrid attack variant coordinated by multiple groups.

Our focus has been on isolation, eradication, and full restoration of our network environment. As Robert mentioned, we were immediately working on safely restoring some core systems to ensure minimal impact on software users.

All known issues communicated on the social media channels we identified in our customer alert have been fixed and we continue to work quickly with affected customers as issues are reported.

We will continue to provide daily updates on the customer alert page and appreciate your patience and understanding.