Flaw In Virtualization App Causes Data Loss On Thousands Of Websites

Hackers this week exploited vulnerabilities in a virtualization application to wipe out data from as many as 100,000 Websites hosted by U.K. hosting provider VAServ.

According to news reports, the vulnerabilities enabled attackers to gain root access to the servers hosted by VAServ, which uses virtualization to provide hosted services at a price that is significantly lower than dedicated servers.

Root access enabled the attackers to wipe out large portions of the data on all of VAServ's hosted U.K. and U.S. Websites, the reports say. About half of VAServer's customers had not signed up for the provider's backup service, and in some cases their data might never be recovered, the reports say.

The virtualization software, Lxlabs' HyperVM, is used by other service providers, and observers are concerned that the attackers may strike again. Meanwhile, Lxlabs founder and owner KT Ligesh was found dead in his house yesterday in what appears to be a suicide by hanging, according to another news report. Ligesh had been drinking heavily and was depressed about losing an important contract and the suicide of his mother and sister five years ago, the report says.

The unknown hacker who disclosed the flaws claimed the vendor was unresponsive to warnings prior to the release of the vulnerabilities. He says he notified Lxlabs last month and received a confirmation, but on June 4 he wrote that he had not received a response from the vendor.

Last Thursday, hackers also published exploit code for 24 unpatched vulnerabilities in the Kloxo software, also developed by Lxlabs. Kloxo Enterprise is a Web-based central management platform with the ability to "manage hundreds of thousands of domains on hundreds of servers," according to the vendor.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.