ChicagoVPS / CVPS Hacked. New SolusVM exploit? (Content Restored) [PT. 1/2]

Status
Not open for further replies.

drmike

100% Tier-1 Gogent
In all honesty ramnode had much fewer nodes.
Well, I've long been curious as to the number of nodes RamNode operates. :) I don't think they are as small as folks think. Seem to have quite a few customers. Ahh where's the SolusVM database :) ?

What RamNode really had was a better management policy and contingency planning.  Nick isn't a sales idiot, he's the owner and a technical guy.  Contrast that to CVPS where the owner is a sales fellow who spends his time trolling forums and playing whack-a-mole.

Then again, no clue in either attack to the number of nodes destroyed.  I suspect CVPS had far more nodes destroyed.

washed their hands of it and are just waiting for people to jump ship personally. Each ticket opened gets the same canned response

Little doubt at this point if you are offline, you are going to receive an empty VPS --- if you still want to be a CVPS customer. (heck two major hacks in 7 months --- so the saying goes, third one is a charm).

The canned responses are kind of comical.   This is why you hire proper staff and maintain what you need for the customer base.   They should have brought in more folks to do customer support and someone to get working on billing credits while the other helpers and regular staff dealt with the technical issues of reinstalling servers and retrieving backups.

Those offline have been the entire business week.

They say everything is back online
There are at LEAST 11 servers that show major downtime in this 24 hours.  Mind you, there are nodes that aren't monitored in Pingdom and one of them had been down through at least early this morning.  Plus their control panel is offline according to monitoring (unsure how customers are doing Solus-necessary things without Solus available).
 

Nth

New Member
Plus their control panel is offline according to monitoring (unsure how customers are doing Solus-necessary things without Solus available).
We aren't. My VPS has been online for a few hours but it's just a fresh install as they said. I logged in just long enough to see that and logged out. I'll wait a couple more days to see if they can restore it before setting everything back up. It is good that they're making progress.
 

upsetcvps

New Member
We aren't. My VPS has been online for a few hours but it's just a fresh install as they said. I logged in just long enough to see that and logged out. I'll wait a couple more days to see if they can restore it before setting everything back up. It is good that they're making progress.
How did you obtain the login credentials?
 

XFS_Duke

XFuse Solutions, LLC
Verified Provider
I think they've just washed their hands of it and are just waiting for people to jump ship personally. Each ticket opened gets the same canned response. Same 4 servers offline as when this whole thing started. From a "Josh" someone ha ha.
I saw them restore your VPS if I'm not mistaken, your VPS should be ready soon.
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Should be the one that you were using when it went down...
Since you're helping CVPS restore customers' VPSes, can you comment on why they didn't do a forced password change?

In March when the November DB was leaked, they forced a reset on all passwords as a 'security measure' (later to be revealed it was because the DB was leaked), so I know they know how to.

Just seems a bit silly re-creating these VPSes with the same credentials. Judging by the number of search queries I've seen for people looking for the DB as well as people asking on Twitter for the DB, I'd be quite alarmed by who all has hands on it now. I'm sure your average customer should know to change their password immediately, even better using the 'passwd' command via SSH, but still...
 

upsetcvps

New Member
It is the original password emailed to you when you first got your VPS.

 
What a stupid policy. How are they sure whoever hacked them didn't obtain access to these? Why don't they just generate new passwords and send out an e-mail like gets done when you first create an account?
 

Nth

New Member
Well that will make life a little easier... Are they emailing people when their VPS goes back up or should we just keep trying to ssh until it eventually works?
I got no message. Since it was down I've been running ping with a 30 second timeout on my vps's ip and noticed when it came back up.
 

xvtv

New Member
My VPS is finally up after 87 hours!

But I can't login. My ssh key is not recognized anymore, and the original password is not working as well.

Have to wait for solusvm...
 

earl

Active Member
It's times like these that make you wonder about those companies that ask for government-issued IDs for a $1 VPS!

Hmm.. no thanks! lol
 

mnsalem

New Member
VPS finally up here .. With the wrong OS :p


When I ordered, I chose Debian, now from the apache test page, I see it's CentOS


Waiting for the backup restoration now! :)
 