A large ISP has said that data for as many as 100,000 websites was totally destroyed by hackers who targeted a zero-day vulnerability in a popular virtualization application.
Technicians at the UK-based Vaserv.com are still attempting to recover data over 24 hours after the hackers were able to obtain root access to the company’s system, according to company director Rus Foster.
He said the attackers were able to compromise their web servers by using a critical vulnerability in HyperVM, a virtualization application made by Indian software firm LXLabs.
The head of LxLabs, K. T. Ligesh, was found dead in a suspected suicide on Monday. He was 32 years old.
Ligesh was found in his Bangalore home on Monday morning, after a late night drinking session. Reports indicate that he was still coming to terms with the suicides by hanging of his sister and mother five years ago.
As for Vaserv.com, Foster says, “We were hit by a zero-day exploit” in version 2.0.7992 of the application, he said. “I’ve heard from other people they’ve been hit by the same thing.”
Daniel Voyce is a web developer for Nu Order Webs who uses Vaserv to host customer sites.
“Since last night, I’ve had probably 40 phone calls from clients saying ‘Why is my website down,’” he said. “It’s making me look bad.”
Voyce said his customers are still safe because all sensitive information was encrypted.
Related articles by Zemanta
- LxLabs boss found hanged after vuln wipes websites (theregister.co.uk)
- Microsoft to patch ‘critical’ PowerPoint hole (theregister.co.uk)
- Be Careful Online: Big Brother is Watching (ariwriter.com)
Get Blippitt via RSS feed, Facebook, Twitter, Google+,
and be sure to get our Daily Email Broadcast.
