ChicagoVPS hacked SolusVM, Bypassed Licensing, and is Running Illegal Cracked Copies of Solus

[Jack]

It's obviously all about #WINNING

 

[drmike]

Whatever happened to the custom panel they are/were working on? Does CVPS still use Solus, or are they only using parts of it?

Isn't Feathur that ?

.

ChicagoVPS is the largest low end provider and their low end market share is over 50% (source: ) so they would be spending considerably more than $10 for licenses for their hundreds thousands of nodes.

150 nodes is largest number I recall.   Officially at time of last database dump it was roughly 100 nodes.  50 growth was thereafter.   When I see better performing nodes like I have in reviews for CVPS lately (well a few of them) means either shedding of users or more nodes brought online.

 

[HN-Matt]

Seems like a lot of troulbe to go through just to save $10.

That's what I was thinking.

/God fearing $10 SolusVM license payer

EDIT: Or maybe they are buying licenses through buycpanel.com?

 

[raidz]

They are probably doing it through a different company name. I couldn't imagine cvpschris #winning moneybags has a problem paying $10 a server, they do have 50% of the VPS market....

 

[Artie]

IF ChicagoVPS is running a nulled/older version of Solus, and then they got hacked after the initial exploit (Ramnode got hacked during this "initial" exploit), then I care a great deal. People took their Solus offline after the initial hack, brought it back online when given the "all clear", and then ChicagoVPS got hacked so it very promptly went back offline for the vast majority of providers for an extended period of time. ChicagoVPS directly caused quite the workload for hosts, and a lot of unnecessary scrambling if this turns out to be the case.


Edit: I'd like to specifically note the IF part. Based on the fact that cVPS happened to get hacked long after a solus update was available makes me very inclined to lean in buffa's favor on the facts, but without total proof I'd like to err on the side of speculation.

If hosts base their decisions from an entity that has to been proven to lie before that's not really CVPS' fault. CVPS didn't directly cause any workload, hosts choose to create this workload by believing CVPS in the first place. Ultimately the decision is up to the host themselves, and blaming someone else for you turning off your panel is non-sense.

Easy. Just think of the marketing you could do to their supposedly large client base.


"We pay our bills"


"We plan on being around longer than the time it takes to get caught cheating our license providers"


Lots of people would care with good reason

I highly doubt anyone sane would want CVPS' clients in the first place. With all things that have come out (including these client's personal data) these clients should of bailed. They didn't, what does that tell you?

tl;dr OH LOOK! Another CVPS screw up. Did you think people would stop caring after the first hundreds of them? Nope.

 

[tchen]

Whatever happened to the custom panel they are/were working on? Does CVPS still use Solus, or are they only using parts of it?

SolusVM was removed a while back a few months after the second hack I believe.  Clients control it via their own CP in WHMCS 's services section.

 

[concerto49]

SolusVM was removed a while back a few months after the second hack I believe. Clients control it via their own CP in WHMCS 's services section.

Pretty sure that's just ModuleGardens plugin to SolusVM.

 

[drmike]

Is someone here an actual CVPS customer?  (I won't hold it against you )

It was my understanding that they were running the a ModuleGardens WHMCS layer... An API play to front Solus.  Thus still using Solus, just isolating sort of.

Can someone confirm this is still their setup over there?

 

[DomainBop]

Pretty sure that's just ModuleGardens plugin to SolusVM.

It's  either ModulesGarden or something similar they hired a freelancer to do but as far as I know SolusVM is still in use in the background but customer access was removed.

They definitely didn't have time to code their own CP because the initial WHMCS integration was done about 1 week after the hack, and they added a few features after that, like the ability to reinstall the OS without having to open a ticket.

June 29 2013 email - 1 1/2 weeks after Solus was hacked

On another note - last week, we sent you an email regarding the new frontend VPS management accessible through the client area for controlling basic functions of your VPS. We're pleased to announce that by next week we will be adding additional features to make this frontend more advanced, including the ability to conduct reinstallations of your VPS container(s) without the need to contact support.

June 23rd email - 5 days after the hack

Direct access to SolusVM remains inactive as we wait for their internal and external security audits to be completed (as discussed here: http://www.lowendtalk.com/discussion/11327/solusvm-audit-update#latest). During the interim you are able to control your containers through our billing/support system and may request OS reloads via ticket.

 

[DomainBop]

June 22nd - 4 days after the hack.  Announcement of the new "alternative frontend:"

With the recent SolusVM exploits that have affected our company and others with a negative impact, many of our customers and us are not supportive of enabling public facing access to our SolusVM VPS CP as additional code could be exploitable. Let's not take a risk when it comes to security. At this time, we are releasing an alternative frontend solution to our customers to allow them to reboot, start, shut down, serial console, change root pass, or change hostname on their VPS. We hope to be making this more feature rich soon, however at the moment the only thing that you CANNOT do with this new frontend is: reinstall VPS, manage DNS entries, or create central backup. We are working on making these features available to you ASAP.

You can now access your virtual server controls at https://billing.chicagovps.net/clientarea.php?action=products . Select the service, and under the "Virtual Server Control" section you can manage multiple aspects of your VPS, including reboot, start, shut down, serial console, change root password, or change hostname.

 

 

[drmike]

Ehh... wait a second... I am sure it's ModulesGarden...

Pulling screens.

 

[drmike]

How we know CVPS is using ModulesGarden to front SolusVM:

1. Matches in organization of panel.

2. Icons match ModulesGarden.

3. Reinstall is not an option in SolusVM, but is in ModulesGarden.

4. tun/tap cannot be set in SolusVM, but can be in ModulesGarden.

Whatcha' all think?

http://www.google.com/search?q=chicagovps+modulesgarden

^--- like that page?  Good results.  Karma math.

 

[drmike]

Yo yo! Where you at @CVPS_Chris ?

 

[Erawan]

If anyone can check the owner of this SolusVM key, it would be great

SVMSO-RQ60Z-OC5LF-6F9TH-81B4M-W0W8C-YNBHZ

 

[mikho]

Would you mind posting the rest of the ticket? Want to see the company name you asked for.

 

[MannDude]

I suppose this could be debunked if CVPS_Chris cares to post his recent invoice receipts to Solus. Could be a simple mix up where their under a different name or associated with someone who is no longer with CVPS. Their WHMCS is still registered to Shinkle and he's not been with the company for some time as far as I know. Could very well be under his name, under Jon's or something.

<shrugs>

 

[Virtovo]

I think this is most likely to be an issue around company name.  I cannot imagine that CVPS would be so vocal about their use of SolusVM in public if they were using nulled versions.

 

[NickM]

If anyone can check the owner of this SolusVM key, it would be great


SVMSO-RQ60Z-OC5LF-6F9TH-81B4M-W0W8C-YNBHZ

That license key is not active.

 

[drmike]

This is the original point of contact ticket...

 

[nunim]

Without any hard proof this is just speculation and the title should be changed to reflect that.

I can't see why CVPS wouldn't pony up for the licensing fees.