Somebody once said..

"If you convince people that the wheel isn't right, they will allow you to re-invent it"

Friday, June 12, 2009

100,000 websites wiped off !

In what appears to be a zero-day exploit on HyperVM virtualization software, the attacker managed to wipe off data of 100,000 websites hosted by company called Vaserv. This software was developed by a company called LxLabs which is based out of Bangalore. HyperVM is a very popular software and used by many companies.

Vaserv suspects that the attacker was able to gain "root" access by exploiting the 0-day vulnerability and then deleted files from the system. On the contrary a anonymous post somewhere suggests it was something else. The post contains all the gory details of how the attackers went about screwing up the systems. I can't believe that there are sadistic people in this world today that enjoy giving commands like "rm -rf *". The extent of the damage is still not completely know and it seems the billing systems were also 0wned ! Apparently, details of the vulnerability were known to LxLabs 2 weeks before this incident took place.

Worst part is that 50% of the customers who were hosted on the compromised ISP didn't have backups (since they had subscribed to un-managed service) so god knows if they will ever get the data back ! A lesson to be learned here for everyone - "If it’s your data, back it up!" Can't rely on others to do it for you. This is like the worst kind of attack that anyone can get and just shows how critical it is to secure the infrastructure especially for big ISP's.

As if this was not enough, the founder of LxLabs committed suicide on the next day of Vaserv reporting this incident. Now people all over seem to be linking these two things together, but I doubt that's the case. Anyways, may his soul rest in peace!


No comments:

Post a Comment