Ongoing DDoS Attack BB23

******************** IMPORTANT SECURITY NOTICE ********************

bb23.sonixcast.com is currently experiencing a DDoS attack mounted from China (source: http://www.digitalattackmap.com/) and is being moved into a different network in order to mitigate the attack. Relay’s and Redirects will be automatically updated and the effect will be immediate. However, customers are to be advised that some minimal service disruption concerning the main url’s is to be expected until DNS propagation in all regions has been achieved. Some issues may occur connecting for live broadcast or accessing the BoomBox control panel using the hostname and customers are encouraged to contact support for an ip-address they can use temporarily until DNS propagation in all regions has completed (usually within 24 hours).

******************** IMPORTANT SECURITY NOTICE ********************

FTP Security Alert

***** IMPORTANT SECURITY ALERT *****

***** FTP HAS BEEN GLOBALLY DISABLED *****

A handful of customers have reported that their music and log folders have suddenly disappeared and after inspecting the associated ftp log files, we were able to find a single common ip-address (95.173.136.168) associated with deletion of files.

Although we cannot prove that the aforementioned ip-address is the culprit, it is highly suspicious that a single ip-address would be associated with the deletion of files across multiple systems.

Needless to say we have temporarily banned the ip network (belonging to Russia) pending a security review and are evaluating other points of exploit.

The impact has been limited to a small portion (at current count about 8) of retail customers located primarily in the Netherlands and South America. At this time, we find that producers in other regions (North America, Asia and the rest of Europa) have not been affected.

Out of an abundance of caution, all customers are encouraged to login to the customer control area (www.sonixcast.com) and to change their passwords both on their account and individual services.

Because of the limited scope of the event, we have no reason to believe that any wide ranging exploit or brute force attack is occuring. FTP passwords are commonly shared by Producers for diverse reasons and we believe a bad actor with malicious intent might be the culprit. However, we highly recommend that all customers update their passwords just to be on the safe side.

***** UPDATE 2018/15/03 *****

We were contacted by facebook and DHS over a month ago that the SoniXCast Producers Group (https://goo.gl/xHzsbN) was being targeted by Trolls, Hackers and Propagandists. We are cooperating with both organizations in order to weed out culprits and were instructed to make no announcements.

However, now that we feel investigation has advanced far enough and innocent individuals are beginning to be affected, I feel it is my duty to inform all to tread cautiously (like elsewhere on facebook) with the information and individuals in the SoniXCast Producers Group. Especially if it concerns unofficial network or system announcements as the majority of the Trolls and Propagandists investigated so far are tied to SoniXCast competitors.

Hackers will try to make direct contact, so I recommend taking extreme caution sharing sensitive information (hostnames, ports, username, passwords and the like) with individuals in the SoniXCast Producers Group.

The only official channels for trusted corporate communications is our website (www.sonixcast.com) including the knowledgebase, announcements, emails from support and ticketing systems, our info blog (info.sonixcast.com) and the official SoniXCast Support Group (https://goo.gl/yquHLX). We are very transparent about our network and system availability which can be viewed in real-time at https://goo.gl/p3gzwf.

To demonstrate the gravity of the situation, last week a handful of customers had their streaming accounts hacked into and all data erased (no personal data was compromised as that sits in a separate highly secure area with no access to the internet). With the help of diverse government agencies, we were able locate the attackers and alert the local authorities. More info here: https://goo.gl/wrsvhA

We view the SoniXCast Producers Group as a discussion group where producers can help each other and exchange ideas. The support team will NOT monitor the SoniXCast Producers Group for support issues. For support use the aforementioned official channels of communication. However, Vincent Reilly will continue to administer the group and forward possible support issues onto the main support team.

IMPORTANT: Those who rant or make outrageous claims should be treated with extreme caution as the threat is ONGOING and there are many eager to make your life difficult. Let common sense prevail.

Comodo SSL – Creating Trust Online

The most recognized Security Certificate in the World.

A Comodo SSL Certificate is the quickest and most cost effective way for an online business to protect customer transactions. Apart from their low cost, each certificate also comes with a great value-added package, which makes them perfect for small to medium size businesses. Choosing Comodo SSL means your site will enjoy the highest security levels and you’ll also receive additional tools that will win customer trust and increase sales conversions. We use it. So should you. Continue reading “Comodo SSL – Creating Trust Online”