 |  |  |  |  |  |  |  |
VAServ hacker damages 100,000 websites
Hackers managed to get root access to a large Internet Service Provider, reportedly via a zero day vulnerability over the weekend, and destroy data from 100,000 websites as a result. The UK-based ISP, VAServ, has stated that the attackers apparently exploited a vulnerability in virtualisation software called HyperTM in order to gain access to the servers.
It would appear that around 100,000 of the websites hosted at Vaserv had data destroyed in one hit on Sunday, possibly courtesy of a recursive delete 'rm -rf' Unix command. Unfortunately, many VAServ customers have an unmanaged account with no data backup. It is estimated that half the sites hosted at VAServ are still offline as a result.
The compromise has all the hallmarks of being a highly targeted SQL injection attack on the ISP's central management software, a deliberate infrastructure breach rather than kiddies doing random scanning according to a spokesman for VAServ.
A VAServ statement admits "We have worked tirelessly through the night and over the last 48 hours to recover as many VPS as possible. However, we have now reached the end of all of our servers, and as such, if your server is not currently up, or not partly up (i.e. it is up but not working due to a configuration issue) then it is unfortunate that you will have lost your data due to this third party attack."
It would appear that around 100,000 of the websites hosted at Vaserv had data destroyed in one hit on Sunday, possibly courtesy of a recursive delete 'rm -rf' Unix command. Unfortunately, many VAServ customers have an unmanaged account with no data backup. It is estimated that half the sites hosted at VAServ are still offline as a result.
The compromise has all the hallmarks of being a highly targeted SQL injection attack on the ISP's central management software, a deliberate infrastructure breach rather than kiddies doing random scanning according to a spokesman for VAServ.
A VAServ statement admits "We have worked tirelessly through the night and over the last 48 hours to recover as many VPS as possible. However, we have now reached the end of all of our servers, and as such, if your server is not currently up, or not partly up (i.e. it is up but not working due to a configuration issue) then it is unfortunate that you will have lost your data due to this third party attack."
0
•
•
•
•
Oh boy, this one just gets worse and worse: looks like the boss of the company that developed HyperVM has killed himself. He was found hanged in his Bangalore house.
Similar Threads
- News Story: The $52,000 hacker phone bill (Network Security)
- 100,000 uniques/285,000 impressions - $5 Trial - Niche Target Banner System Available (Ad Space for Sale)
- News Story: Virtual Nightclub - $100,000 (Upcoming News Stories)
- 100,000 forum posts! (Upcoming News Stories)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
advertising age amd apple avatar bluegene botnet broadband browser business cellphone censorship china chips copyright crime data database design development dos downloads economy email encryption energy enterprise europe facebook firefox gadget games gaming google government hack hacker hacking hardware ibm ibm.news intel intelibm internet iphone ipod itunes law legal linux mac malware marketing medicine memory microsoft mobile mozilla music news openoffice opensource os pc piracy porn privacy ps3 recession redhat report research russia search security sex socialnetworking software spam sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web windows windows7 working x86 xbox yahoo youtube