[ISN] Webhost hack wipes out data for 100,000 sites

From: InfoSec News <alerts_at_private>
Date: Tue, 9 Jun 2009 04:04:57 -0500 (CDT)
http://www.theregister.co.uk/2009/06/08/webhost_attack/

By Dan Goodin in San Francisco
The Register
8th June 2009

A large internet service provider said data for as many as 100,000 
websites was destroyed by attackers who targeted a zero-day 
vulnerability in a widely-used virtualization application.

Technicians at UK-based Vaserv.com were still scrambling to recover data 
on Monday evening UK time, more than 24 hours after unknown hackers were 
able to gain root access to the company's system, Rus Foster, the 
company's director told The Register. He said the attackers were able to 
penetrate his servers by exploiting a critical vulnerability in HyperVM, 
a virtualization application made by a company called LXLabs.

"We were hit by a zero-day exploit" in version 2.0.7992 of the 
application, he said. "I've heard from other people they've been hit by 
the same thing."

Foster said he's been unable to reach anyone at LXLabs to discuss the 
suspected vulnerability. The Register has also received no response to 
inquiries sent to the company, which according to its website is located 
in Bangalore.

[...]


_____________________________________________
Visit the InfoSec News security bookstore!
http://www.shopinfosecnews.org 
Received on Tue Jun 09 2009 - 02:04:57 PDT

This archive was generated by hypermail 2.2.0 : Tue Jun 09 2009 - 02:24:56 PDT