VAServ hacker damages 100,000 websites


Hackers managed to get root access to a large Internet Service Provider, reportedly via a zero day vulnerability over the weekend, and destroy data from 100,000 websites as a result. The UK-based ISP, VAServ, has stated that the attackers apparently exploited a vulnerability in virtualisation software called HyperTM in order to gain access to the servers.

It would appear that around 100,000 of the websites hosted at Vaserv had data destroyed in one hit on Sunday, possibly courtesy of a recursive delete 'rm -rf' Unix command. Unfortunately, many VAServ customers have an unmanaged account with no data backup. It is estimated that half the sites hosted at VAServ are still offline as a result.

The compromise has all the hallmarks of being a highly targeted SQL injection attack on the ISP's central management software, a deliberate infrastructure breach rather than kiddies doing random scanning according to a spokesman for VAServ.

A VAServ statement admits "We have worked tirelessly through the night and over the last 48 hours to recover as many VPS as possible. However, we have now reached the end of all of our servers, and as such, if your server is not currently up, or not partly up (i.e. it is up but not working due to a configuration issue) then it is unfortunate that you will have lost your data due to this third party attack."

Member Avatar
Davey Winder

I've been a freelance word punk for more than two decades and for the last few years an Editorial Fellow at Dennis Publishing. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011. As well as working for DaniWeb I have been a Contributing Editor with PC Pro (the best selling IT magazine in the UK) for twenty years.


Oh boy, this one just gets worse and worse: looks like the boss of the company that developed HyperVM has killed himself. He was found hanged in his Bangalore house.

Isn't it about time forums rewarded their contributors?

Earn rewards points for helping others. Gain kudos. Cash out. Get better answers yourself.

It's as simple as contributing editorial or replying to discussions labeled or OP Kudos

This is an OP Kudos discussion and contributors may be rewarded
Start New Discussion
View similar articles that have also been tagged: