We have completed our own investigation on the hack. Please read below to learn more.
The hack was caused by a breach in the system of our hosting provider (Cherry Servers).
This breach potentially allowed the hacker to obtain login credentials to our hosting panel.
We had 2FA enabled on our account. Cherry Servers decided to "upgrade" their admin.
In addition, they added a second user to an existing account.
This second user is either the emailaddress or the accountname of the user.
They silently added this "feature", which left the second user unprotected (no 2FA).
The hacker used the second user without 2FA to login on the hosting panel.
Having access to the main controlpanel of the ship, the hacker had access to all our data,
including backups to our 3rd-party backup provider.
We had backups at the same hosting provider and at a 3rd party backup provider (Backblaze).
The hacker had access to both services once logged in on the hosting panel. These backups
have been deleted.
We decided never to backup wallet keys and user credentials offline, since this could cause
many other security issues.
Our backup system was designed to help in case of corrupt data. Not in case of hack where
the hacker has direct access to literally everything.
Simply explained: You can have the most advanced security system at your home with camera's
and alarms. But if the intruder has the alarmcodes and the keys to your house, then none of
it makes sense.
Below you will see the logs between us and Cherry Servers.
1st Email (CTO to Cherry)
2nd Email (Still no proper reply after 1 month)
Reaction from Cherry
Replying to Cherry
Official Statement released by Cherry
It simply says that they acknowledged the hack. The evidence is there..
But their terms and conditions states that they are not responsible in case of a hack.
We will continue to refund the loss of our users. This will take some time, but we will get
In the meantime, we will be focusing also on other ventures to gain funds in order to repay
all Altilly users.
We would like to thank everyone else for their contious patience and support.
After releasing this update, we had many people coming in and asking if they could help with
getting the funds back or performing actions against Cherry Servers.
We've created a special telegram for this, where you can join and release your idea's.
Any help would be really appreciated.