
100k site hacked, programmer commits suicide!

 
#1
06-09-2009, 02:10 PM
bigredseo (X-Man)
Join Date: Oct 2002
Location: Omaha, NE, USA
Posts: 2,364

Well many of you may not know about the incident yet (for some reason it hasn't made the major news), but in the hosting world, we've been watching a horror story unfold.

VAserv (http://www.vaserv.com) - a well-established VPS hosting provider in the UK market - had approx 100,000 websites hacked and deleted. The hacker (according to reports) used an exploit in HyperVM, a hosting control panel, in order to gain access to more than 1800 VPS Accounts and run the command "rm -rf" - DELETE.

There are mixed reports at the moment as to the nature of the attack. The hacker has come forward on a number of forums and discussions to disclose what they had done, and the hack appears to run deeper than just an exploit. They appear to have gained access to the hosting company's information, their passwords for servers, their billing system, customer information, customer credit card details and various other aspects of the company.

While news reports are being thrown around about a "Zero Day Exploit" (basically means the vulnerability was found the same day the hacks were made), personally I believe there's more to the story: http://www.theregister.co.uk/2009/06/08/webhost_attack/

The owner/developer/programmer of HyperVM committed suicide on Monday - http://www.theregister.co.uk/2009/06/09/lxlabs_funder_death/

So let's see if I have it right:

Sunday night, the VPS Provider is hacked and 100,000 websites deleted (oh, did I forget to mention that they don't have backups?)
Monday, the developer of the program (HyperVM), the same one the host uses, is found dead.
Tuesday, the person who did the hack comes forward to explain it WASN'T a HyperVM exploit, it was a hosting company hack.

I know programmers and developers and hosting companies work their tails off to keep everything running smoothly, and there's been any number of days when we all just want to give up and quit, but few take it to the level that Mr. Ligesh (age 32) did.

So the lesson in all of this? Did you make a backup? If your host is making backups, what happens if your host is taken out of business, how will you survive?

If you use HyperVM, or Lxadmin, or Kloxo (all developed by LxLabs), please make a backup. There are many vulnerabilities, and without a lead programmer/owner it could be some time before there's a fix.

Clients will be happy to know that Hands-on uses Virtuozzo as our VPS platform and is unaffected. We also make backups for our customers, however you should be making a backup too. I'd never wish a hack upon ANYONE and can only imagine what the guys at VAserv must be going through.

Interested in more than 1800 posts on this host's events? Check out http://www.webhostingtalk.com/showthread.php?t=867100.
__________________
Conor Treacy - Big Red SEO - @bigredseo
Search Engine Optimization & Internet Marketing - We Bring Your Website Out Of Hiding!
If you can't be found on Google, Bing or Yahoo, you pretty much don't exist on the Internet.
Omaha SEO Office with National & Local SEO Services
Hourly Consulting - great for SEO Disaster Recovery, Audits and DIY Guidance

#2
06-09-2009, 02:36 PM
flyclothing (eXpert)
Join Date: Aug 2004
Location: Gilbert, AZ
Posts: 357

Re: 100k site hacked, programmer commits suicide!

Conor,

I am sad to hear this happened and even more that the programmer took his life over it. I am glad you can find a lesson in it for all and run a "tight ship" at your business! It's much appreciated.
__________________
Jonathan
Flyclothing, LLC
PO Box 1490
Gilbert, AZ 85299-1571
P 480.422.7350
F 888.359.2568
www.flysportsgear.com?MMCF_xcartforum (X-Cart 4.5.2) FOR SALE

#3
06-09-2009, 03:46 PM
Emerson (X-Man)
Join Date: Mar 2004
Location: Atlanta, GA
Posts: 2,209

Re: 100k site hacked, programmer commits suicide!

Yes, I've been following this as well, but if you take a peek at the developer's personal blog (www.ligesh.com) you will quickly see that there have been a lot of issues brewing in the background, so IMHO he did not commit the unthinkable based solely on this one event. For someone to go to that extreme you know this has been coming for a while.
__________________
Emerson
Total Server Solutions LLC- Quality X-Cart Hosting
Recommended X-Cart Hosting Provider - US and UK servers
Does your host backup your site? We do EVERY HOUR!!!
Shared Hosting | Managed Cloud | Dedicated Servers

#4
06-09-2009, 03:48 PM
bigredseo (X-Man)
Join Date: Oct 2002
Location: Omaha, NE, USA
Posts: 2,364

Re: 100k site hacked, programmer commits suicide!

It's just pretty unbelievable that the guy went out the way he did. Reports say that he was upset about losing a contract on a programming job, and that after a night of heavy drinking his roommate awoke to find Mr. Ligesh dead. So far the consensus seems to be that he hanged himself, but there's been no official statement that I've been able to find.

I'm disappointed in WebHostingTalk's Forums in that every time the hacker comes in to explain that they did more than just use an exploit in the control panel and instead hacked the host (as they used only a handful of passwords on ALL their servers), the WHT admins delete the post within minutes. Why they would cover up this information is beyond me. If the host did indeed only use a handful of passwords for all their servers, they've got serious problems on their hands. We have a different password on EVERY server, not one is the same!

I guess the truth will come out over time, it always does. In the meantime, I feel bad for his family and friends (and co-workers) and those hosts that use the HyperVM software as they're left in the dark for a while. I truly hope they are able to track details on the hacker and justice is served, but it seems this is rarely done these days.

I believe EWD also runs Virtuozzo on their servers and are not affected by this exploit but I've not been able to reach Emerson yet to verify this.

#5
06-09-2009, 03:51 PM
bigredseo (X-Man)
Join Date: Oct 2002
Location: Omaha, NE, USA
Posts: 2,364

Re: 100k site hacked, programmer commits suicide!

Speak of the devil

Yeah, there's more to what was going on, but for an unstable person it doesn't take much to push them over the edge. Seen it happen too many times unfortunately.

Hopefully the hosting company gets back on their feet quickly (I know the process is still in progress), and they're able to get past this issue and move forward. They have a lot of loyal supporters, but I'm sure there'll be churn out of this.

#6
06-09-2009, 04:18 PM
bigredseo (X-Man)
Join Date: Oct 2002
Location: Omaha, NE, USA
Posts: 2,364

Re: 100k site hacked, programmer commits suicide!

Talked to Emerson. He's also running Virtuozzo over with him on his VPS Accounts - so all is good on his end too!
All times are GMT -8.