Recently, we have been observing a spike in brute-force attacks against SMTP/IMAP connections from different IP addresses, all presenting the same machine name: "ylmf-pc". This could involve many malware-infected machines or extended IP spoofing.
At Vastspace, we take security very seriously and will do our level best to drop these connections at our firewall as early as possible. However, the most effective way to counter these attacks is to ensure that all your email accounts use strong passwords.
A strong password uses numbers, symbols and a mix of upper- and lower-case letters, and is at least 8 characters long.
Your computers, especially those running the Microsoft Windows operating system, should be protected by the latest, up-to-date anti-virus software.
The following is a sample of the log entries from a server under attack.
2014-12-08 09:21:54 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:57041: 535 Incorrect authentication data
2014-12-08 09:22:06 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:57536: 535 Incorrect authentication data
2014-12-08 09:22:17 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:58041: 535 Incorrect authentication data
2014-12-08 09:22:29 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:58529: 535 Incorrect authentication data
2014-12-08 09:22:41 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:59031: 535 Incorrect authentication data
2014-12-08 09:22:52 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:59500: 535 Incorrect authentication data
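If you run your own mail server, the pattern in the sample above can be picked out of the mail log with a short script. The following is an added example, not Vastspace's own tooling: the function names, the threshold of 5 failures and the 2-minute window are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# First six lines are the excerpt from this post; the last line is constructed
# (documentation IP, made-up HELO name) to show a lone failure that is not flagged.
SAMPLE_LOG = """\
2014-12-08 09:21:54 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:57041: 535 Incorrect authentication data
2014-12-08 09:22:06 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:57536: 535 Incorrect authentication data
2014-12-08 09:22:17 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:58041: 535 Incorrect authentication data
2014-12-08 09:22:29 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:58529: 535 Incorrect authentication data
2014-12-08 09:22:41 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:59031: 535 Incorrect authentication data
2014-12-08 09:22:52 dovecot_login authenticator failed for (ylmf-pc) [46.183.221.90]:59500: 535 Incorrect authentication data
2014-12-08 09:23:10 dovecot_login authenticator failed for (mail.example.org) [192.0.2.10]:40112: 535 Incorrect authentication data
"""

# Fields: timestamp, authenticator, optional reverse-DNS host, (HELO name), [IP]:port
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \S+ authenticator failed for "
    r"(?:\S+ )?\((?P<helo>[^)]*)\) \[(?P<ip>[^\]]+)\](?::\d+)?: 535 "
)

def parse_failures(text):
    """Yield (timestamp, helo, ip) for every failed-authentication line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"), m["helo"], m["ip"]

def find_offenders(text, threshold=5, window=timedelta(minutes=2)):
    """Return {ip: (peak failures inside any window, HELO names seen)} for flagged IPs."""
    stamps_by_ip, helos_by_ip = defaultdict(list), defaultdict(set)
    for ts, helo, ip in parse_failures(text):
        stamps_by_ip[ip].append(ts)
        helos_by_ip[ip].add(helo)
    offenders = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        peak = start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window's left edge forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            offenders[ip] = (peak, sorted(helos_by_ip[ip]))
    return offenders

if __name__ == "__main__":
    print(find_offenders(SAMPLE_LOG))
```

Grouping the flagged addresses by HELO name afterwards shows whether many source IPs share one name, as with "ylmf-pc" here.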
Feel free to write in to support@vastspace.net if you have questions.