amuck-landowner

ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

drmike

100% Tier-1 Gogent
From LET:

ihatetonyy Member


7:57AM edited 7:57AM





In Chicago, not sure what node:

-bash-4.1# ls
Segmentation fault
-bash-4.1# uptime
Segmentation fault
-bash-4.1# ls
Segmentation fault
-bash-4.1# ps ax
Segmentation fault
-bash-4.1# ls
Segmentation fault
-bash-4.1# uptime
Segmentation fault
-bash-4.1#
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Just heard someone say they have 3 VPSes down at CVPS now.

Anyone else have things down over there?
I don't know anyone who has a VPS with them, LET probably has more who do than from here. Quick Twitter search shows a few people complaining about VPSes being down: https://twitter.com/search?q=chicagovps&src=typd

After the last incident they setup backup servers so hopefully everyone who is down has a backup made.
 

maounique

Active Member
Guys, maybe cvps and chris in particular are unsavoury and liars, however, this is a very serious stuff, if there are 3 more vulnerabilities and maybe a full "crate" of those, we are seriously screwed and have to replace Solus.

Francisco's Stallion looks very good now, in fact too good. Coincidence ?
 

drmike

100% Tier-1 Gogent
Francisco's Stallion looks very good now, in fact too good. Coincidence ?
 

Didn't Stallion originally have roots in Solus?  (not to get off track)

I've never heard of Fran bringing Stallion to market as a product for other providers.  Might not be a bad idea though.
 

Francisco

Company Lube
Verified Provider
Guys, maybe cvps and chris in particular are unsavoury and liars, however, this is a very serious stuff, if there are 3 more vulnerabilities and maybe a full "crate" of those, we are seriously screwed and have to replace Solus.

Francisco's Stallion looks very good now, in fact too good. Coincidence ?
It isn't for sale.

I will likely give a few hosts a free copy but I haven't decided who.

Francisco
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
I doubt BuyVM would do this. Too risky. Anyways, if you're a provider and HAVE NOT taken SolusVM down, YOU SHOULD!
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Does anyone have a CVPS VPS that is ONLINE?

CVPS_Chris is reading this thread but I'd imagine he's too busy to respond right now.

Best of luck to everyone and hopefully their backups can be restored quickly.
 

drmike

100% Tier-1 Gogent
if you're a provider and HAVE NOT taken SolusVM down, YOU SHOULD!
 

To reiterate, someone has posted that they have at least 3 hacks for SolusVM that are unknown and have given a 12 hour timeline for providers to lock things down.

Their rationale is that they reported the vulnerabilities to Solus and Solus hasn't done squat.
 

mpkossen

New Member
Does anyone have a CVPS VPS that is ONLINE?

CVPS_Chris is reading this thread but I'd imagine he's too busy to respond right now.

Best of luck to everyone and hopefully their backups can be restored quickly.
On Skype he told me they are aware of the situation, so I guess they're working on it.
 

ihatetonyy

New Member
Does anyone have a CVPS VPS that is ONLINE?

CVPS_Chris is reading this thread but I'd imagine he's too busy to respond right now.

Best of luck to everyone and hopefully their backups can be restored quickly.
Yes. One in LA that hasn't had any data fuckery yet and has reasonable load again.


Code:
[root@fundamental ~]# uptime
 12:17:16 up 27 days,  8:08,  1 user,  load average: 0.03, 0.13, 0.15
 

ashworth

New Member
Chris Fabozzi just updated in a ticket that they're working on it and will release a statement shortly (after I went crazy in a ticket).

Glad to know someone's listening at least, and that the CEO can take a moment to respond.
 

D. Strout

Resident IPv6 Proponent
Just got an e-mail from Versatile IT stating that they have shut down SolusVM for a while - basically until after the vulnerabilities are released and the damage can be assessed.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
What a shame, I PM'd @CVPS_Chris prior to this going public telling him I wasn't sure that Kevin was doing a good job checking on system compromises since in fact Kevin doesn't exist.

Ghost employees really make lousy employees.
 
Last edited by a moderator:

Francisco

Company Lube
Verified Provider
Didn't Stallion originally have roots in Solus?  (not to get off track)

I've never heard of Fran bringing Stallion to market as a product for other providers.  Might not be a bad idea though.
We originally used solus but broke away after they pulled BS with us and modifying a few pages.

Stallion 1 still uses a very old solusvm skin though.

Francisco
 

Kris

New Member
My 3 are down. No funky messages even. Good call on the central backups. How doesn't Solus have some sort of mod security type rules in-between the web server?

The developers clearly can't secure the program, going to need predictive Mod Security / OWASP rules in between their shit software.
 
Last edited by a moderator:
Status
Not open for further replies.
Top
amuck-landowner