Drar
New Member
^This...I think cvps took today off.
^This...I think cvps took today off.
Would you put it past them? I'm still waiting for a simple reply :unsure: My 2nd CHI VPS just went dead and it didn't go down at all during the whole messI think cvps took today off.
At this time virtually all customers are back online; some with all original files in tact and others with new containers. File restoration is possible, though must be done manually by our staff. Right now we only have 2 more nodes to fix, and once that process is completed we are going to begin working through the long list of requests for file restoration from our backups. That process will take 3-4 days before all requests have been fulfilled.
We are happy to restore your files, though if its easier and quicker for you to restore the files yourself from your own backups we recommend going in that direction.
You now have full control over your VPS from WHMCS (you can stop/start/restart/reset root PW/reload it, etc).
Thank you again for your business and support.
---------------
Matthew
Support Guru
I got the same one, like, the EXACT wording .. so its another mass response, i was going to post it ... you beat me to it.Hahahahaha get this crap, just got it in a new message to a ticket I had open:
Wait, what?! I thought in the last RFO report they said they had completed ALL node fixing and were now working on restoring? So which is a lie, this or that?
With the recent SolusVM exploits that have affected our company and others with a negative impact, many of our customers and us are not supportive of enabling public facing access to our SolusVM VPS CP as additional code could be exploitable. Let's not take a risk when it comes to security. At this time, we are releasing an alternative frontend solution to our customers to allow them to reboot, start, shut down, serial console, change root pass, or change hostname on their VPS. We hope to be making this more feature rich soon, however at the moment the only thing that you CANNOT do with this new frontend is: reinstall VPS, manage DNS entries, or create central backup. We are working on making these features available to you ASAP.
You can now access your virtual server controls at https://billing.chicagovps.net/clientarea.php?action=products . Select the service, and under the "Virtual Server Control" section you can manage multiple aspects of your VPS, including reboot, start, shut down, serial console, change root password, or change hostname.
No client's VPS data was leaked or accessed by a 3rd party during this hack. The hacker(s) did not directly access any VPS container or hypervisor, and simply used a SolusVM exploit to wipe out and cause damage to a certain number of VPS nodes. The intentions of the malicious hackers was cause mayhem within our company by wiping some of our servers. With this compromise, our SolusVM database was accessed by a third party. As such, there is a possibility that any passwords that were related with SolusVM could be at risk, for example your initial password you signed up with. For those clients VPS's that are now accessible and showing as an online state in the virtual server controls section in our client area, we urge that you immediately change your root password by clicking on the "Change Root Password" button.
Let it be clear that this compromise did not impact our client area in anyway, so any billing information, etc stored in our client area at billing.chicagovps.net is safe.
For good measure, please take a minute to change your client area password. Those who used the same SolusVM password as the client area should do this promptly. https://billing.chicagovps.net/clientarea.php?action=changepw
On a related note, rest assured we're making great progress in our recovery. A further update regarding this matter will be sent out later today.
We thank our customers for their continued support during this ordeal.
Regards,
ChicagoVPS Team
Umm...what? The Solus master has direct access to every node - so yes, if the hacker knew of someone already at CVPS they wanted data of, it would be as simple as sending a command like tar zxvf /var/www/data.tgz /vz/private/<vservers.ctid>/ to the node, then grabbing the tarball of that VPS's data from the node's webserver. To be quite honest, you should simply assume that someone has all of your VPS' contents from prior to the hack, and take the appropriate security precautions.No client's VPS data was leaked or accessed by a 3rd party during this hack.
3 to 4 days????? what the fluff???once that process is completed we are going to begin working through the long list of requests for file restoration from our backups. That process will take 3-4 days before all requests have been fulfilled.
Not to mention solusvm has the ability to change passwords right? So if one controls solusvm, ...Umm...what? The Solus master has direct access to every node - so yes, if the hacker knew of someone already at CVPS they wanted data of, it would be as simple as sending a command like tar zxvf /var/www/data.tgz /vz/private/<vservers.ctid>/ to the node, then grabbing the tarball of that VPS's data from the node's webserver. To be quite honest, you should simply assume that someone has all of your VPS' contents from prior to the hack, and take the appropriate security precautions.
Yep. Most users won't end up asking for a restore. Those that do will just happen to be the ones that had corrupted or wiped backups. How unlucky for them!CVPS 3-4 days = Probably not going to happen. They just need more time to think about how to slowly equivocate until their customers just go away quietly. Step 2: Restart the entire company under a new name!
True enough. What really should concern people is the database leak, though. @ could confirm this... but wasn't the DB leak dated at least a day or more before the actual attack? The guy could've grabbed any number of VPS dumps in the meantime before tearing everything up.Not to mention solusvm has the ability to change passwords right? So if one controls solusvm, ...