UK Web host falls victim to attack
The UK based web host VAServ has fallen victim to an attack and numerous customer sites have been damaged or deleted. A report on The Register suggests that data for over 100,000 sites may have been lost. The attack appears to have occurred on Sunday.
According to the company, attackers were able to infiltrate the system by exploiting a previously unknown critical vulnerability in the HyperVM hosting software from Lxlabs, which allowed access to the system with root permissions. Where possible, VAserv is currently working on restoring the sites.
In a separate development, The Times of India reports that the founder of Lxlabs, K T Ligesh, was found dead at his home after hanging himself. It is not known whether Ligesh's death is in any way related to the attacks on HyperVM and Kloxo, or what the future for Lxlabs may be.
Since late last week, there were reports of critical holes in Kloxo, the web hosting platform from Lxlabs, and reports of hijacked web sites which have been running Kloxo or HyperVM based systems. Further investigations are needed to determine which hole, or holes, are involved in the collapse of these sites. Users of Kloxo or HyperVM should monitor their servers and apply appropriate precautionary measures.
- Several critical vulnerabilities in Kloxo hosting platform, a report from The H.