siforek
New member
As you can see: http://vaserv.com/ got hacked.
Vaserv Got Hacked..
- Thread starter siforek
- Start date
romes
David
So http://vaserv.com/ is a vps host?
That is tragic - I wonder what motivates these criminals to destroy others livelihoods. Hackers are the scum of the Internet.
webfreak08
New member
I've never heard of this company, either. Anyone care to enlighten?
Interesting info on vaserv.com
ldcdc
New member
They're a rather popular provider at WHT. They have other possibly better known brands, like fsckvps and a2b2.
There's a huge thread about this incident over at WHT: http://www.webhostingtalk.com/showthread.php?t=867100
There's a huge thread about this incident over at WHT: http://www.webhostingtalk.com/showthread.php?t=867100
webfreak08
New member
How'd they get so popular?
JPC-MichelleH
New member
It was a known HyperVM exploit...
Right now they're sitting at 67 pages of posts on this thread, so this is very significant.
siforek
New member
This took me down and although I have backups(Friday was my last) it's still quite overwhelming. I've lost about 70% of shared customers and 50% of VPS customers(I was a partner)
Everyone seems to say this is LX's fault, but I'm not so sure. How do you know Vaserv didn't just say "we updated" to keep the pitchforks at bay? Regardless of who's to blame, I'm now looking for a new provider and the strength to go through the hundreds of Paypal disputes I've got from my customers.
I take 1 %*&ing day off for my birthdays and look what happens!
Everyone seems to say this is LX's fault, but I'm not so sure. How do you know Vaserv didn't just say "we updated" to keep the pitchforks at bay? Regardless of who's to blame, I'm now looking for a new provider and the strength to go through the hundreds of Paypal disputes I've got from my customers.
I take 1 %*&ing day off for my birthdays and look what happens!
For sure, it's created a mess. I wish you the best siforek.
handsonhosting
New member
I'd never heard of them either. Pretty crazy stuff. Fingers crossed for you to get things back up and running. Too bad your customers are bailing so quickly and jumping ship 
Is the host going to issue a refund (or at least a partial refund) that you may be able to pass along to your customers and hopefully be able to keep them as clients?
Is the host going to issue a refund (or at least a partial refund) that you may be able to pass along to your customers and hopefully be able to keep them as clients?
siforek
New member
The latest news..
The hacker showed up over at WHT for a minute. He posted a pretty long description of what he had done and also indicated that not only were the admin password(s) excessively used, but also very easy to crack. He also had/has full access to their billing/support system and indicated he had CCs and intended to sell all customer emails to spammers.
This does not negate the fact that there was/is a vulnerability in HyperVM that allows any valid VM user to use the exploit. So to all with HyperVM, secure your stuff ASAP!
This is a HUGE mess. A developer is dead and thousands of sites offline. In the aftermath I think the way things are handled from now on will indicate pass or fail for many businesses.
The hacker showed up over at WHT for a minute. He posted a pretty long description of what he had done and also indicated that not only were the admin password(s) excessively used, but also very easy to crack. He also had/has full access to their billing/support system and indicated he had CCs and intended to sell all customer emails to spammers.
This does not negate the fact that there was/is a vulnerability in HyperVM that allows any valid VM user to use the exploit. So to all with HyperVM, secure your stuff ASAP!
This is a HUGE mess. A developer is dead and thousands of sites offline. In the aftermath I think the way things are handled from now on will indicate pass or fail for many businesses.
ServerMojo
New member
That hacker has a lot to answer for..
handsonhosting
New member
They're up to 113 pages now at WHT. Pretty amazing!
siforek
New member
They are a larger provider than most think.. As you can see by the obvious record of posts(1700+) in 2 days!
handsonhosting
New member
Since WHT has been deleting the post over and over again (not sure why they're wanting to cover it up), I did get a link to what was going on;
http://pastebay.com/21028
NOTE: Admins remove if you believe this link to be a compromise of systems etc
Basically according to the hacker (who provides pretty detailed stuff on what they did), they did not exploit HyperVM or any ZeroDay Exploit - it was malpractice on the part of the company. They excessively used the same passwords on multiple machines. The hackers then hacked their billing system, pulled all client information (emails, credit cards etc) and went to town. They claim to have been monitoring things for almost 2 months.
The latest numbers I've seen is that 1800 VPS accounts were hacked, and a large portion of them were deleted. Sadly limited backups were done, and many people are stuck reloading backups from weeks and/or months ago if they're lucky.
Crazy stuff going on, and the company is going to lose their shirt in this (1 month free hosting to all customers, and 2 months for anyone who lost data). Still lots of people mad about this whole thing, and for that matter many people moving to other hosts. We've had a couple of people come to us already for VPS because of this.
http://pastebay.com/21028
NOTE: Admins remove if you believe this link to be a compromise of systems etc
Basically according to the hacker (who provides pretty detailed stuff on what they did), they did not exploit HyperVM or any ZeroDay Exploit - it was malpractice on the part of the company. They excessively used the same passwords on multiple machines. The hackers then hacked their billing system, pulled all client information (emails, credit cards etc) and went to town. They claim to have been monitoring things for almost 2 months.
The latest numbers I've seen is that 1800 VPS accounts were hacked, and a large portion of them were deleted. Sadly limited backups were done, and many people are stuck reloading backups from weeks and/or months ago if they're lucky.
Crazy stuff going on, and the company is going to lose their shirt in this (1 month free hosting to all customers, and 2 months for anyone who lost data). Still lots of people mad about this whole thing, and for that matter many people moving to other hosts. We've had a couple of people come to us already for VPS because of this.
Forum supporters
Save 37% Off Plesk License
Official Plesk Partner, Instant License Delivery, No Contract Commitment. Grab Your Savings NOW!
cplicense.net
Official Plesk Partner, Instant License Delivery, No Contract Commitment. Grab Your Savings NOW!
cplicense.net
Up to 30% Off on KVM VPS
Significant discounts on KVM VPS SSD. Worldwide Locations. Full Root Access. Instant Deployment.
greenwebpage.com
Significant discounts on KVM VPS SSD. Worldwide Locations. Full Root Access. Instant Deployment.
greenwebpage.com