A popular UK ISP has reportedly fallen victim to a large-scale cyber attack that led to data loss from as many as 100,000 websites through a virtualisation manager solution called HyperVM.
Back on Sunday, hackers broke into the security of Vaserv.com by exploiting a zero-day vulnerability in its virtualisation software, the prominently used HyperVM from LXLabs, thereby allowing hackers to gain system access with root permissions.
The Register quoted Vaserv’s director Rus Foster claiming that around data of half of the websites hosted on the ISP’s server was damaged all at once on Sunday evening, soon after administrators observed something peculiar in the system.
He further went on to say that the hackers had the capability to execute the critical Unix commands o the system, including ‘rm –rf’ that paves way for the recursive delete of files.
The ISP listed more than 20 FSCK servers that reportedly suffered complete data loss and asserted that it will be inspecting the servers later on.
It further notified that “some of the nodes have been restored while others are being checked and once done full list will be issued”. No hacker has claimed the responsibility of the attack yet; however, Foster asserted that it was an SQL attack and that it was intentional.
The engineers at Vaserv.com are pouring huge amount of efforts to restore the lost data as soon as possible.
You can follow ITProPortal.com on Twitter@itproportal.
Sadly, the lead developer of HyperVM, KT Ligesh, hanged himself in his Bangalore flat shortly afterwards. The hack has apparently been the last straw of an otherwise stressful life. He lost his sister and mother a short while ago. Obviously, customers who use HyperVM will need to update their applications as soon as possible.
(SC Magazine UK)