Web Host Hacked Via Virtualization Tool
June 9th, 2009 : Rich Miller
Virtualization security risk is a topic that has often been discussed in worrisome “what if” scenarios. It looks like “what if” just became reality for customers of a UK web hosting company. The Register reported yesterday that VAserv.com was trying to recover 100,000 customer web sites that were wiped out when intruders gained root access to their system, apparently through a zero-day exploit in virtualization management software.
VAServ.com director Rus Foster told the Register that the company’s servers were exploited through a critical vulnerability in HyperVM, a virtualization application made by a company called LXLabs. Many of the deleted accounts were on an unmanaged service that didn’t provide backups.
UPDATE: There’s a sad and shocking new twist. The head of HyperVM developer LXLabs has been found dead in a suspected suicide. The Times of India has an article on the death of LX Labs owner KT Ligesh that suggests the executive may have been troubled about issues unrelated to the VAServ issue. Reuven Cohen shares some memories of Ligesh.
Read more about the VAserv story at The Register. For additional perspectives on virtualization-related security, see coverage at CNet, Network World and Burton Group.
Well spotted – to clarify the 0-day was in the management layer rather than the hypervisor itself… I was hoping for the latter so as people would start to take the issue seriously.
Anyway the management layer is certainly the soft underbelly of cloud computing… it needs to be well (which is to say, better) protected.
Sam
B James
Posted June 10th, 2009
Virtualization and a hack wiping things out is no more or less a security issue than if someone gains access to large central storage systems in use in data centers and the ability to destroy large amounts of data. There are many “soft” sides to data, and while virtualization is rather new (outside of the mainframe arena) it's by far not the weakest link…
Website hacked because of virtualization
Posted June 11th, 2009
[...] http://www.datacenterknowledge.com/archives/2009/06/09/web-host-hacked-via-virtualization-tool/ [...]