Web Host Hacked Via Virtualization Tool

A hack at a UK web host that has wiped out as many as 100,000 sites has highlighted the risks of exploits targeting virtualization software.

Virtualization security risk is a topic that has often been discussed in worrisome "what if" scenarios. It looks like "what if" just became reality for customers of a UK web hosting company. The Register reported yesterday that VAserv.com was trying to recover 100,000 customer web sites that were wiped out when intruders gained root access to their system, apparently through a zero-day exploit in virtualization management software.

VAServ.com director Rus Foster told the Register that the company's servers were exploited through a critical vulnerability in HyperVM, a virtualization application made by a company called LXLabs. Many of the deleted accounts were on an unmanaged service that didn't provide backups. 

UPDATE: There's a sad and shocking new twist. The head of HyperVM developer LXLabs has been found dead in a suspected suicide. The Times of India has an article on the death of LX Labs ownerKT Ligesh that suggests the executive may have been troubled about issues unrelated to the VAServ issue. Reuven Cohen shares some memories of Ligesh.

Read more about the VAserv story at The Registerfor more. For additional perspectives on virtualization-related security, see coverage at CNet , Network World and Burton Group.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish