Hacker exterminates Code Spaces

A hacker has killed off Code Spaces, which is a Subversion and Git hosting provider, used by organisations for project management and development.

The company was doing rather well in the IaaS (Infrastructure as a Service) / DEVOPS community but says there’s just no way for them to resume operations.

It all started on June 17 when the site was hit by a well-orchestrated DDOS attack. Nothing Open Spaces could not deal with, but this was just the start.

The hacker gained access to the outfit’s Amazon EC2 control panel and had left a number of messages for us to contact them using a hotmail address. When they spoke to him the conversation involved the hacker trying to extort a large fee in order to resolve the DDOS.

Open Spaces tried to take control back of its panel by changing passwords, but the intruder had prepared for this and had already created a number of backup logins to the panel and upon seeing the admin make the attempted recovery of the account he proceeded to randomly delete artefacts from the panel.

After the outfit got back panel access the hacker had removed all EBS snapshots, S3 buckets, all AMI’s, some EBS instances and several machine instances.

In other words most of its data, backups, machine configurations and offsite backups were either partially or completely deleted.

All this means that Code Spaces will not be able to operate as the cost of resolving the problem and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of credibility.

“As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us,” the site said.