
ChicagoVPS / CVPS Hacked. New SolusVM exploit? [PT 2/2]

MannDude

Just a dude
vpsBoard Founder
Moderator
WHMCS news requires its own thread...

The hosting industry should be on high alert it appears.
 

maounique

Active Member
Actually, I know how insecure we are, problem is, what to do?

Leave only linode and amazon provide VPSes? Will you feel secure with the gov't having a direct line into your stuff?

Not that they are bullet-proof, anyway, I wish ppl will focus more on taking down the establishment than the little folks with a small business.
 

drmike

100% Tier-1 Gogent
True 'dat Chairman Mao!

Government isn't spying, they just are providing free backups for your data to every citizen :)  You just didn't get your API access key yet.
 

Otakumatic

New Member
There is no way I'm paying $20 for a Linode VPS when I can get the same specs for ~$7.

And not all LEB VPSers are script kiddies. :|
 

Marc M.

Phoenix VPS
Verified Provider
There is no way I'm paying $20 for a Linode VPS when I can get the same specs for ~$7.
@Otakumatic Actually you will get better performance for your $7. Heck, our Xen nodes provide way better I/O than Linode, and we're releasing our SSD Cached Xen packages soon (very soon). And there are many other small providers who offer quality service for $7. So of course Linode is making a killing by pushing as many users as possible per node. Plus I have a sneaky suspicion that they are using RAID 5 or 6 instead of 10 to get more storage space out of their drives.
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
Seriously you two. What are you getting out of this? Lulz? It's not helping the community any. Providers are locking down their stuff, unwilling to risk being compromised, which inconveniences their clients. The node wiping is causing people to lose their data, their time, the effort they've put in to setting stuff up, in some cases money and their own clients, and possibly their livelihoods. If you want to HELP the community (foreign idea, I know), let SolusVM and WHMCS know of the exploits BEFORE releasing them. Once you've informed the companies about the exploits and they've had a reasonable amount of time to respond, THEN you can release the code. Back to what YOU'RE getting out of this. Nothing really. Public hatred towards you. Potential legal action taken against you (civil and/or criminal), with potential jail time and/or monetary fines. You're ruining your future with this. So STOP. I'm sure the rest of the community agrees on this point. It's not helping ANYONE, just hurting. So don't do it any longer.
 

maounique

Active Member
 let SolusVM and WHMCS know of the exploits BEFORE releasing them. Once you've informed the companies about the exploits and they've had a reasonable amount of time to respond, THEN you can release the code.
I think they did that?

However, those companies are more interested in PR and spinning things around instead of the quality of the code.

We have plenty of evidence about that, at least from Solus, I tend to believe them when they say they sent the exploits not only to the companies, but also to infinity and others.

From where I stand, they are doing a good thing, destroying company credibility means they will have to get it back by releasing a decent product for a change.

Everyone will benefit in the end, exploits will no longer stay hidden to be used only by criminals, the fixes will be forced out of the culprits, people will be more aware of security and will take more back-ups as well as not disclosing personal data, everyone will win.

Even solus will have a better product which will generate better sales if they are really thinking about changing their ways, fire a few PR spin doctors and hire better coders. After all, they are not a political party, just a company which has to deliver a product.
 

drmike

100% Tier-1 Gogent
fire a few PR spin doctors and hire better coders. After all, they are not a political party, just a company which has to deliver a product
Chairman Mao is on fire!  So true.  Better coders and less PR spin. 
 

peterw

New Member
What a show!

First SolusVM and now Hostbill and WHMCS. It's exciting to see how vulnerable a monoculture is.
 

Marc M.

Phoenix VPS
Verified Provider
What a show! First SolusVM and now Hostbill and WHMCS. It's exciting to see how vulnerable a monoculture is.
@peterw yeah, I imagine it is. Imagine how exciting it will be when you will have to pay $30 for the lowest end VPS and close to $100 to get something decent, like it was just a few short years ago. Then you'll miss this "crappy monoculture" that you like so much to laugh at!
 

travmed

New Member
Just got this email update from ChicagoVPS. My question is don't we need access to the SolusVM to initiate a reimage of our server if everything is lost?

This is a further status update to the recent security breach that ChicagoVPS has experienced. We have successfully restored some nodes, and the vast majority of our VPS customers are online, however we have a small percentage of nodes which still need to be worked on. Some of the nodes we are working on had data loss that we cannot restore. These nodes are LA18, ATL1, ATL4, ATL5. If you are on one of these nodes you can safely start to rebuild, or open a ticket asking for this month's refund.

On a positive note, it seems like SolusVM has released a new update in light of the recent incidents (http://blog.soluslabs.com/2013/06/19/security-updates-available-for-all-solusvm-versions/). However, at this time we do not feel comfortable enabling SolusVM access at this minute as we were a victim of their security vulnerabilities two times in the past 7 months. We are evaluating other alternative panels, but at the moment our priority is taking care of our customers and getting the impacted nodes back in working order.

Please understand that we have all hands on deck working tirelessly to restore service connectivity for those impacted. Therefore, our ticket response times are affected to allow us to effectively work without anything slowing us down. We apologize for the delayed ticket response times but we assure you we are making progress and working hard to get everything back to normal.

Our goal is to have everything 100% restored tomorrow. Those affected by this incident will receive compensation.

Regards,

ChicagoVPS Team
 

peterw

New Member
@peterw yeah, I imagine it is. Imagine how exciting it will be when you will have to pay $30 for the lowest end VPS and close to a $100 to get something decent, like it was just a few short years ago. Then you'll miss this "crappy monoculture" that you like so much to laugh at!
I am pissed off. Someone is trying to destroy the whole SolusVM based economy. I am seeing it but I can't believe it. If the Hostbill and WHMCS 0day exploits are true it is just the beginning.

How should providers work if they can't use SolusVM and WHMCS?

I am using this monoculture too. Nothing to laugh at!
 

Marc M.

Phoenix VPS
Verified Provider
I am using this monoculture too. Nothing to laugh at!
@peterw As long as providers take steps to secure them, they will be fine. There are plenty of simple solutions to prevent SQL injections and such, and on top of that providers can use CloudFlare as a reverse proxy (it's running Nginx as well). So no, the entire industry won't come crashing down. ;)
 

zero

New Member
My Status update;

LA - Doesn't answer ping, still down

AT - Still ping reply and empty vps, no data

Chicago 1 - Still ping reply and empty vps, no data

Chicago 2 - Still ping reply and empty vps, no data

CVPS can't answer the tickets. I fight my clients on the phone.

CVPS don't care about us ...

Thank you CVPS, you push us into the dark.
 