• Experienced supporting personnel
  • 24x7x365 access to tier 3
  • 100% controlled decisions for SuperMicro servers
  • Monitoring of all servers 24/7
  • Several basic providers
  • 99.9% uptime

Hacker attacks on Democratic Party services

King Servers (https://www.king-servers.com), which owns servers from which the hacker allegedly performed attacks on the United States Democratic Party, states the absence of any «Russian trace» in this cybercrime nor its own involvement. The company also reported that the attackers still owe the company $US290 for rental services and King Servers send an invoice for the payment to Donald Trump & Vladimir Putin, as well as the company reserves the right to send it to any other person who will be accused by mass media of this attack.

King Servers, owned indeed by Russian nationals, provides VPS and VDS rental services of the equipment, physically located in the Netherlands. Earlier, after the FBI alert (https://s.yimg.com/dh/ap/politics/images/boe_flash_aug_2016_final.pdf) and analysis from Threat Connect (https://threatconnect.com/blog/state-board -election-rabbit-hole /), the world’s leading media were spreading information about the discovery of the so-called «Russian trace» in the attacks on the United States democratic party in Illinois. The «Russian trace» was mostly presented as the use of King Servers services, stating that the company belongs to russian citizens.

As of September 15 neither King Servers receieved any complaints or appeals for any server misuse or abuse, nor any public authority did any attempts for servers withdrawal. Due to that King Servers found out about the issue related to that attack only on September 15, at 7 am Moscow time, and immediately shut down identified servers.

The analysis of the internal data allows King Services confidently refute any conclusions about the involvement of the Russian special services in this attack. Attackers rented two servers using probably fabricated personal and identification data. After the attack servers were wiped out. However, King Servers maintains logs of accessing administrative control panel. After log analysis, King Servers obtained a list of about 60 of all possible IP addresses of «hackers», none of which belongs to any russian ip range. Attackers were logging into administrative control panel mainly from Scandinavian countries (Norway, Sweden) and from the European Union (Italy). In case if the company would collaborate with the special services of the Russian Federation, such a conspiracy would be clearly excessive.

King Servers technical support in Russia also received some tickets, written in very poor broken English, which the company finds to be very unlikely for Russian intelligence agencies seeking help from the Russian company. Payment for servers were done through semi-anonymous Russian payment system, albeit very well-known in Russia for virtually open collaboration with US security agencies at least since 2011, when American security experts close to the state intelligence and counterintelligence agencies in the United States were easily publishing personal private data from that payment system, referring to its own «sources» within the system staff. With high probability, attacker’s servers were controlled by one person, since there are lots of IP matches between two accounts. The alleged hacker is likely to be a very poor English speaker, as one of the e-mail addresses used for registration, contains the following verbatim name — Robin Good (through G).

King Servers retained all the investigation materials, copies of server log files and correspondence and is ready to provide them to any interested party, law enforcement agencies or media, in accordance with the law.

King Servers Company emphasizes that it is the company’s duty to bring this information to the public and individually thanks the press-service of ChronoPay.com, a company who kindly agreed to assist in this matter.