NYJimbo
Well-Known Member
- Reaction score
- 2,010
- Location
- Long Island
I posted this in the general chat area because it does not relate to computer repair but I know many of you do web hosting and might find this interesting.
This past weekend there was a massive hacker attack against a hosting environment known as HyperVM which is a virtual management system that is controlling well over 30,000 virtual private servers. It was done by some hacker who most likely got the info from a "press release" from millw0rm.com who will list exploits known on servers if the owners/authors make no attempt to fix or respond to them. Some of the people affected are saying this is a "zero day" exploit but nobody seems to have any details to prove it is the case and not the list of exploits in the HyperVM/KLoxo software.
If you go to webhostingtalk.com you can find a thread over 100 pages long describing the pain of trying to recover thousands of vps systems and unknown number of hosting accounts:
http://www.webhostingtalk.com/showthread.php?t=867100
They have been working for more than 40 hours on this non stop in the USA and UK and just as they were getting control of the situation they found out that the author of the software committed suicide on Monday:
http://www.theregister.co.uk/2009/06/09/lxlabs_funder_death/
Once this was found out this morning it appears that some of the largest vps providers will not be getting any patches or fixes for their software as its believed the owner/author was the only person who was doing these updates and nobody is responding to any tech support emails or calls.
VAServ.com in the Uk has thrown in the towel and all clients will now be taking over hosting by BlueSquare Data Group, it is unknown what will happen in the USA but there must be thousands of dead vps accounts and at this time any HyperVM based system (30,000+) is still riddled with bugs as per milw0rm:
http://www.milw0rm.com/exploits/8880
This is a real tragedy. An enormous number of hosting accounts are now down and it is unknown how long they will be, because many servers have no backups. A leader in the VM software world is dead from suicide, probably because of this hacking event. It is likely that every single HyperVM server will have to switch to another VM or control panel if no one can find a way to get the software from the decedants next of kin and fix it. Many small hosting companies will go under because they have no way to get to their servers or backups on remote servers.
I have been following this since Sunday morning and its just getting worse every minute. I am not affected by this (we host about 1,100 websites on our own servers) but I know people who are losing tons of money due to this and some may go out of business.
This past weekend there was a massive hacker attack against a hosting environment known as HyperVM which is a virtual management system that is controlling well over 30,000 virtual private servers. It was done by some hacker who most likely got the info from a "press release" from millw0rm.com who will list exploits known on servers if the owners/authors make no attempt to fix or respond to them. Some of the people affected are saying this is a "zero day" exploit but nobody seems to have any details to prove it is the case and not the list of exploits in the HyperVM/KLoxo software.
If you go to webhostingtalk.com you can find a thread over 100 pages long describing the pain of trying to recover thousands of vps systems and unknown number of hosting accounts:
http://www.webhostingtalk.com/showthread.php?t=867100
They have been working for more than 40 hours on this non stop in the USA and UK and just as they were getting control of the situation they found out that the author of the software committed suicide on Monday:
http://www.theregister.co.uk/2009/06/09/lxlabs_funder_death/
Once this was found out this morning it appears that some of the largest vps providers will not be getting any patches or fixes for their software as its believed the owner/author was the only person who was doing these updates and nobody is responding to any tech support emails or calls.
VAServ.com in the Uk has thrown in the towel and all clients will now be taking over hosting by BlueSquare Data Group, it is unknown what will happen in the USA but there must be thousands of dead vps accounts and at this time any HyperVM based system (30,000+) is still riddled with bugs as per milw0rm:
http://www.milw0rm.com/exploits/8880
This is a real tragedy. An enormous number of hosting accounts are now down and it is unknown how long they will be, because many servers have no backups. A leader in the VM software world is dead from suicide, probably because of this hacking event. It is likely that every single HyperVM server will have to switch to another VM or control panel if no one can find a way to get the software from the decedants next of kin and fix it. Many small hosting companies will go under because they have no way to get to their servers or backups on remote servers.
I have been following this since Sunday morning and its just getting worse every minute. I am not affected by this (we host about 1,100 websites on our own servers) but I know people who are losing tons of money due to this and some may go out of business.
Last edited:
