WikiWirral Online with you since 2003, fantastic.
Forum Stats
12137 Members
65 Forums
72391 Topics
976101 Posts
33 posts in the last 24hrs
Max Online: 7831 @ 8th Apr 2013 4:18pm
Who's Online - Click Me
14 registered (4 invisible), 207 Guests and 108 Spiders online.
Key: Admin, Global Mod, Mod
Social Media : Follow Us


(Views 7days)This Weeks Most Read
Wirral Globe 603
HMT Lancastria 443
Another Big Waste Fire in Liverpool. 406
Name help 390
Vet help 315
Vet help 300
Another tree down on Arrowe park Road? 200
54 plate renault clio 3rd brake light 200
That was kept a bit quiet? 154
Mobile mechanic needed to fit a wishbone 141
New General Forums
Lib/dems rule the day
by JimmyG
2nd Dec 2016 10:59pm
Daft funny joke
by venice
2nd Dec 2016 5:54pm
We dont learn much.
by venice
1st Dec 2016 9:22pm
Freegle
by venice
1st Dec 2016 6:36pm
New Wirral History
Name help
by Paternoster21
3rd Dec 2016 8:03am
HMT Lancastria
by granny
2nd Dec 2016 11:38pm
Cubitts Holland and Hannen
by fish5133
27th Nov 2016 5:38pm
Fire station
by chris7777
22nd Nov 2016 12:24pm
Buy a house in Greasby for 12s a week - in 1935
by yoller
6th Oct 2016 6:56pm
Forum Tips
Photo Gallery Forums
fireworks on the Mersey last night
Hadlow train station
Topic Replies
Blank Page : Offline
by Mark
Vet help
by diggingdeeper
10:50 PM
RIP Peter Vaughan
by Mark
10:00 PM
Talk Talk Security Breach
by Mark
09:59 PM
Iphone 5s, Grey, near mint condition, 50
by anniebo28
09:39 PM
Mobile mechanic needed to fit a wishbone
by anniebo28
07:30 PM
That was kept a bit quiet?
by diggingdeeper
06:19 PM
Another tree down on Arrowe park Road?
by fish5133
02:13 PM
MIG welder
by vw_kyle
01:49 PM
December
M Tu W Th F Sa Su
1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
Recent Posts : What's On ?
Wirral TUC Meeting re Update on Wallasey CLP Suspe
by RUDEBOX
30th Nov 2016 9:16pm
World Aids Day Event 2016. Liverpool
by RUDEBOX
30th Nov 2016 9:05pm
Topic Options
Rate This Topic
#326822 - 8th Jun 2009 10:39pm 100,000 Websites Wiped Out By ZeroDay Exploit
MattLFC Offline
Wiki Master

Registered: 14th Aug 2004
Posts: 22315
Loc: Moreton/Beirut/Mobile
Originally Posted By: The Register, and my good friend Russell :-)
A large internet service provider said data for as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a widely-used virtualization application.

Technicians at UK-based Vaserv.com were still scrambling to recover data on Monday evening UK time, more than 24 hours after unknown hackers were able to gain root access to the company's system, Rus Foster, the company's director told The Register. He said the attackers were able to penetrate his servers by exploiting a critical vulnerability in HyperVM, a virtualization application made by a company called LXLabs.

"We were hit by a zero-day exploit" in version 2.0.7992 of the application, he said. "I've heard from other people they've been hit by the same thing." Foster said he's been unable to reach anyone at LXLabs to discuss the suspected vulnerability. The Register has also received no response to inquiries sent to the company, which according to its website is located in Bangalore.

According to Foster, data for about half of the websites hosted on Vaserv was destroyed all at once sometime Sunday evening, shortly after administrators noticed "strangeness" on the system. The attackers had the ability to execute sensitive Unix commands on the system, including "rm -rf," which forces a recursive delete of all files.

All a can say is, it wasnt me! bananalama

The Register

Top
National News : Advertising
Click me for more Information......


Looking for a Service / Tradesman? Look in our Local Business Directory. Click Me
#326826 - 8th Jun 2009 11:03pm Re: 100,000 Websites Wiped Out By ZeroDay Exploit [Re: MattLFC]
diggingdeeper Offline

Wiki Guardian

Registered: 9th Jul 2008
Posts: 9559
Loc: Birkenhead
I think this is the same company - News article

"High Availability, Virtualisation and Disaster Recovery Solutions Now Available From VAServ"
_________________________
In a time of universal deceit - telling the truth is a revolutionary act. George Orwell

When the debate is lost, slander becomes the tool of the loser. Socrates

Top
#326827 - 8th Jun 2009 11:07pm Re: 100,000 Websites Wiped Out By ZeroDay Exploit [Re: diggingdeeper]
MattLFC Offline
Wiki Master

Registered: 14th Aug 2004
Posts: 22315
Loc: Moreton/Beirut/Mobile
The scary thing is, there is still hundreds of hosts still using HyperVM... I mean, come on!!!!

hammer

Top
#326829 - 8th Jun 2009 11:34pm Re: 100,000 Websites Wiped Out By ZeroDay Exploit [Re: MattLFC]
Tony_1985 Offline

Forum Master

Registered: 19th Aug 2006
Posts: 2421
Loc: Ellesmere Port
The server my sites and my mates sites are all hosted on are unaffected as yet

We use LXadmin, but i think after this he might change over

Top
#326832 - 8th Jun 2009 11:53pm Re: 100,000 Websites Wiped Out By ZeroDay Exploit [Re: Tony_1985]
MattLFC Offline
Wiki Master

Registered: 14th Aug 2004
Posts: 22315
Loc: Moreton/Beirut/Mobile
Dont touch LX Labs with a bargpole man, all their software appears to be ridiculed with security issues and they dont seem to give a damn. If its running HyperVM, tell him (or his providers) to shut it down at once. If in doubt just take a look at WHT right now, its in absolute disarray with the fallout...

This issue was believed to have been reported to them on the 24th May, yet the zero day strike was Sunday 7th June, they had claimed to have fixed all the flaws with a the issuing of a security patch on Saturday, obviously they were lying.

The pathetic thing is, if they had announced the issues to their partners, it would have simply been a case of shut down HyperVM until the issues were resolved, now though, they have caused an obscene amount of damage and will hopefully go bankrupt as a result of it.

Top
#326852 - 9th Jun 2009 10:13am Re: 100,000 Websites Wiped Out By ZeroDay Exploit [Re: MattLFC]
MattLFC Offline
Wiki Master

Registered: 14th Aug 2004
Posts: 22315
Loc: Moreton/Beirut/Mobile
OMFG, serious shit...

LX Labs Boss Commits Suicide After Exploit Wipes Out 100,000 Websites

Originally Posted By: The Register
The boss of Indian software firm LxLabs was found dead in a suspected suicide on Monday.

Reports of the death of K T Ligesh, 32, come in the wake of the exploitation of a critical vulnerability in HyperVM, a virtualization application made by LXLabs, to wipe out data on 100,000 sites hosted by the UK web hosting firm VAserv.

The effect of his death on the development of updated software by LxLabs is unknown at time of writing.

Ligesh was found hanged in his Bangalore house on Monday morning, after a late night drinking session. The Times of India reports that he was upset with the loss of a recent contract. Ligesh was also still coming to terms with the suicides by hanging of his sister and mother five years ago.

Security researchers at Milw0rm warn that the Kloxo (formerly Lxadmin) web hosting platform from LxLabs contains 24 security vulnerabilities and exploits. The flaws include SQL injection vulnerabilities and flaws that create a way for hackers to gain file access to files hosted on a vulnerable system.

The vulnerabilities are confirmed to affect Klaxo version 5.75, though other versions may also be affected. Milw0rm went public with an alert on the vulnerability last Thursday after failing to hear back from LxLabs in what it considered to be a timely manner.

Jeeze, I have spent upwards of the last 40 hours, with no sleep and little to eat since Saturday night (too busy and lost appetite lol) sorting out all the crap thanks to this, but no way in hell would I have ever wished this. His software may have caused millions of pounds worth of damage to companies, organisations etc, but at the end of the day its just money and time, shit happens and were used to it in this industry, I really feel for the guys family and friends and am so sorry these has caused such a tragic event.

It all seemed very exciteable, something to talk about within the inustry and lots of mess to clear up, which is what we admins do best (and in all honesty, its our job at the end of the day), but this just puts it into perspective, and suddenly its not so much fun now, and very muted.

And to top things off, BlueSquare Data have now announced they will be taking over the operations of VAServ, very sad for me as I have worked with VAServ for 5 years now and treated well throughout by Rus and the team, I have a feeling the service won't be so friendly or personal with BlueSquare - the boss Matthew Munson is a likeable chap, I know from dealing with Poundhost on occasion, but the company is just far too big. It makes sense as VAServ colocate in BlueSqaure III and have their UK offices there, and also BlueSquare have their own in-house developed alternative to HyperVM, but still... Rus has cited since the announcement, a major factor in the decision is relating to him feeling part-responsibility for the guys death, which of course is silly, but I can understand where he coming from, he must be so emotionally and physically drained right now, I really feel for him and fully understand his decision.

A very sad day for the industry. frown

Top

Moderator:  Mod 
Random Wirral Images

Click to View Topic.
Newest Topics
Talk Talk Security Breach
by fish5133
06:19 PM
Mobile mechanic needed to fit a wishbone
by anniebo28
6th Dec 2016 7:13pm
Vet help
by colin86
6th Dec 2016 6:25pm
Another tree down on Arrowe park Road?
by Davefabo
6th Dec 2016 11:08am
Game shocking prices!!!
by eddtheduck
5th Dec 2016 4:55pm
For Sale & Free
Iphone 5s, Grey, near mint condition, 50
by anniebo28
Yesterday at 07:40 PM
Roberts Concerto 2 CD Player For Visually Impaired
by Tranquil
6th Dec 2016 10:05pm
Gaming chair
by monsterz4
6th Dec 2016 8:27pm
MIG welder
by anniebo28
6th Dec 2016 1:34am
IPhone 4s 16gb 35
by anniebo28
4th Dec 2016 12:45pm
Featured Member
Registered: 9th Nov 2003
Posts: 20962
Newest Members
lucyw, BarbaraL, SherryLover, missyb, DavidSharpe
12137 Registered Users
Today's Birthdays
No Birthdays
New Wirral Info
Gymnastics coaches needed.
by margy
3rd Dec 2016 9:28pm
Wirral Globe
by locomotive
1st Dec 2016 6:25pm
Wirral TUC Meeting re Update on Wallasey CLP Suspe
by RUDEBOX
30th Nov 2016 9:16pm
World Aids Day Event 2016. Liverpool
by RUDEBOX
30th Nov 2016 9:05pm
A job. Company not named.
by venice
30th Nov 2016 6:30pm
News : New Topics
RIP Peter Vaughan
by diggingdeeper
Yesterday at 04:22 AM
That was kept a bit quiet?
by venice
6th Dec 2016 11:25am
Another tree down on Arrowe park Road?
by Davefabo
6th Dec 2016 11:08am
Bunchems Xmas present warning
by venice
6th Dec 2016 9:28am
Another Big Waste Fire in Liverpool.
by Wally1
4th Dec 2016 10:24am
New Enthusiast Forums
Talk Talk Security Breach
by fish5133
Yesterday at 06:19 PM
Mobile mechanic needed to fit a wishbone
by anniebo28
6th Dec 2016 7:13pm
Vet help
by colin86
6th Dec 2016 6:25pm
Game shocking prices!!!
by eddtheduck
5th Dec 2016 4:55pm
54 plate renault clio 3rd brake light
by Mike72
1st Dec 2016 12:52pm
(Views 24hrs)Trending Newest Topics
Vet help 300
Talk Talk Security Breach 109
Wirral Sunrise Sunset
Sunrise Thu 8:15am
Sunset Thu 3:53pm
Local Time Thu 9:43am
WikiWirral Can . . . .