zlacker

[parent] [thread] 3 comments
1. OsrsNe+(OP)[view] [source] 2026-02-02 02:21:25
So the hosting provider was hacked? Who was their hosting provider?

This is also why update signatures should be validated against a different server; it would require hackers to control bother servers to go undetected

replies(3): >>gruez+21 >>dontdo+od >>techni+bi
2. gruez+21[view] [source] 2026-02-02 02:32:10
>>OsrsNe+(OP)
>This is also why update signatures should be validated against a different server; it would require hackers to control bother servers to go undetected

No, it should be a hardcoded key held by the developer, preferably using a HSM, and maybe with some sort of notification capability in case the key was lost. Adding a second server adds marginal security. For instance if the developer's mail was hacked, an attacker would likely be able to reset passwords for both hosting providers.

3. dontdo+od[view] [source] 2026-02-02 04:46:55
>>OsrsNe+(OP)
Previous NS records were pointing at dns-parking.com, which is Hostinger. Although hard to be certain without more details whether a reseller or other supplier is involved.
4. techni+bi[view] [source] 2026-02-02 05:39:15
>>OsrsNe+(OP)
You can see this in their DNS history:

notepad-plus-plus.org currently has an A record of 95.128.42.184, owned by "Aqua Ray SAS".

It switched up from 191.101.104.10 and 212.1.212.49 on 17/1, which is are Hostinger IP addresses.

[go to top]