Latest Update

May 2021


We have completed our own investigation on the hack. Please read below to learn more.

The hack was caused by a breach in the system of our hosting provider (Cherry Servers). This breach potentially allowed the hacker to obtain login credentials to our hosting panel. We had 2FA enabled on our account. Cherry Servers decided to "upgrade" their admin. In addition, they added a second user to an existing account. This second user is either the emailaddress or the accountname of the user. They silently added this "feature", which left the second user unprotected (no 2FA). The hacker used the second user without 2FA to login on the hosting panel. Having access to the main controlpanel of the ship, the hacker had access to all our data, including backups to our 3rd-party backup provider.
We had backups at the same hosting provider and at a 3rd party backup provider (Backblaze). The hacker had access to both services once logged in on the hosting panel. These backups have been deleted. We decided never to backup wallet keys and user credentials offline, since this could cause many other security issues. Our backup system was designed to help in case of corrupt data. Not in case of hack where the hacker has direct access to literally everything.

Simply explained: You can have the most advanced security system at your home with camera's and alarms. But if the intruder has the alarmcodes and the keys to your house, then none of it makes sense.
Below you will see the logs between us and Cherry Servers.

1st Email (CTO to Cherry)
firstemail
2nd Email (Still no proper reply after 1 month)
2ndemail
Reaction from Cherry
3rdemail
Replying to Cherry
replytocherry
Official Statement released by Cherry
statement
It simply says that they acknowledged the hack. The evidence is there..
But their terms and conditions states that they are not responsible in case of a hack.
We will continue to refund the loss of our users. This will take some time, but we will get there.
In the meantime, we will be focusing also on other ventures to gain funds in order to repay all Altilly users.
We would like to thank everyone else for their contious patience and support.
After releasing this update, we had many people coming in and asking if they could help with getting the funds back or performing actions against Cherry Servers.
We've created a special telegram for this, where you can join and release your idea's.
Any help would be really appreciated.

Click here to join the Telegram Group

New email to Cherry Servers (May 2021)
storycontinues