SolusVM Exploit - Who got hit?

drmike

100% Tier-1 Gogent
So aside from board favorite RamNode, who else fell victim to the SolusVM exploit?

Anyone noticed other low end or even high end providers that were victimized?
 

Magiobiwan

Insert Witty Statement Here
Verified Provider
They gave 3 months free service for their FREE PRODUCTS? It's... So amazing!
 

HalfEatenPie

The Irrational One
Retired Staff
They gave 3 months free service for their FREE PRODUCTS? It's... So amazing!
 

He means Host1Plus.  Host1Plus is the parent of Host1Free, and I believe they used the same Solus (Not too sure?) but just had Host1Plus provision servers on a different servers than those of Host1Free.  Regardless, what he meant was they gave 3 months free service to the paying customers.  
 

MannDude

Just a dude
vpsBoard Founder
Moderator
SO, in other words, not so many ?
Probably not in the lowend market, word traveled quickly and most providers acted faster than skids.

Either that or there were smaller providers that were hit that we don't know about yet, because their 15 clients haven't complained, or perhaps there are providers who got hit with their DBs stolen and they either don't know about it or haven't made it public yet. Any number of scenarios here.

I don't believe it was only RamNode, quite a few providers on LET was showing their log files showing people had tried and failed with them, so I am sure there is a handful out there that we just haven't heard yet where someone succeeded.

There could be someone out there sitting on hundreds of SolusVM DBs to be sold or used for god knows what. Mass hacked VMs used for giant botnets, just pure destruction of data, spam, any number of things of really.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
There could be someone out there sitting on hundreds of SolusVM DBs to be sold or used for god knows what. Mass hacked VMs used for giant botnets, just pure destruction of data, spam, any number of things of really.
That reminds me of the ChicagoVPS hack in November that wasn't declared in public and admitted by Chris for a good three months, well the database theft part.

The 1000 VPSes that were purged, lots noticed the day of the event.
 
Last edited by a moderator:

jarland

The ocean is digital
We were hit. By none other than...a pie which is half eaten. I don't know how I stack up, but the two guys I work with are pro.
 

mikho

Not to be taken seriously, ever!
That reminds me of the ChicagoVPS hack in November that wasn't declared in public and admitted by Chris for a good three months, well the database theft part.


The 1000 VPSes that were purged, lots noticed the day of the event.
Perhaps the hack (db dump) wasn't known before the actual destruction of the vm's?
 

drmike

100% Tier-1 Gogent
Deja f*cking vue!

Chris just 12 hours ago I think said Kevin (who doesn't exist) audited their logs and confirmed Robert Clarke tried hacking their Solus and that they weren't compromised..
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Deja f*cking vue!

Chris just 12 hours ago I think said Kevin (who doesn't exist) audited their logs and confirmed Robert Clarke tried hacking their Solus and that they weren't compromised..
Seriously? Where was that said? Would it of been obvious to them if they were compromised? As in, did they actually know before it be made public again?

Yikes.
 
Top