Vaserv hits with 'zero-day virtualization vulnerability'; 100,000 sites destroyed

For as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a virtualization application software HyperVM, which powers most virtual private server (VPS) hosting companies. Most of the VPS systems hosted by Vaserv, and its sister companies CheapVPS and FSCKVPS were taken offline, when the hackers exploited a zero-day vulnerability in the […]

For as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a virtualization application software HyperVM, which powers most virtual private server (VPS) hosting companies. Most of the VPS systems hosted by Vaserv, and its sister companies CheapVPS and FSCKVPS were taken offline, when the hackers exploited a zero-day vulnerability in the LxLabs HyperVM software to gain root access to company's system. The hackers were then able to run commands (such as "rm -rf", Linux parlance for "remove everything, all files and folders, no questions asked,") to destroy both user and system data, preventing the servers from booting, and preventing users from recovering data.

More infoThe Register