[chrisandchris]

Fun?

Just last week our shared hosting provider was attacked and the attacker tried to brute-force it‘s way into a management API. I cannot image another reason as „fun“ and „just because we can“ because there‘s nothing to get [besides money after encrypting all data].

So I think the attacker just attacks LE because it‘s in the internet and he can.

[breakingcups]

They could be aiming for credentials to use in credential stuffing attack, a place to put malware, a place to distribute malware, servers to add to their botnet, a proxy to use for shady stuff, the list goes on. I see plenty of reasons to attack a hosting provider and its infrastructure?

Or am I missing something?

[stjohnswarts]

It as a practice run before they try it on a bigger entity