Security incident Nov 23rd, 2017
Nov 25, 2017 | 31 comments
Incident time: Nov 23rd, 2017 8:49:11 AM EST
Resolution time: Nov 24th, 2017 7:15 AM EST
Number of affected websites: 1,340
Number of affected users: 5,000-10,000
Type of attack: malware
Sites using live chat button, embedded widget or NO-JS type installation were not affected.
Only a very small number of visitors were affected since only one of 68 servers we use for content delivery was compromised.
Q & A
* Any possible exposure of personal details or information?
NONE. This was a crypto currency miner script(JS). Its purpose is to mine crypto currency and not to target theft of personal information.
* What symptoms would a customer experience if they were impacted by the malware? Or how can they tell if they were directly impacted?
High CPU utilization while the web page with the script was open.
* Is there anything the customer needs to do to remove the malware from their system if they were affected?
Refresh or close the web page serving the script.
* Was the issue completely resolved?
Our team has completely resolved the active issue. While no client websites are still experiencing an issue, we are taking additional steps to help prevent this from occurring again and will continue to monitor all activity.
This incident was very unfortunate, especially considering the timing of the event falling on the Thanksgiving Holiday. The attackers’ intent of making a few dollars ended up causing havoc for a lot of innocent customers, businesses and employees.
We thank our loyal clients for their understanding and patience given and our employees for dropping everything (including the turkey leg) to have all hands on deck during the holiday.
For additional questions or concerns please contact help (at) livehelpnow.com or start chat at livehelpnow.net.