Here is probably one of the biggest/fasting growing outage thread on WebHostingTalk — started by someone reporting FsckVPS connectivity issue yesterday morning. When I went to bed last night there was around 50+ pages of discussions, and now it has grown to 80+ pages. FsckVPS, one of the VAServ companies, was offering low-cost full-automated OpenVZ VPS with instant activation. And it turns out that HyperVM, a virtualization control panel for both OpenVZ and Xen developed by LxLabs, has some serious vulnerabilities. Someone could exploit it and gain super user privilege on the physical node, including performing highly malicious operations. It appears to be the case with FsckVPS and someone managed to exploit HyperVM and wiped out data for 100,000 websites (according to The Register).
“We were hit by a zero-day exploit” in version 2.0.7992 of the application, he (Rus Foster of VAServ) said. “I’ve heard from other people they’ve been hit by the same thing.”
Because of unmanaged nature of FsckVPS, they do not actually carry any backup of their clients’ VPS (which is a fair call from a providers’ point of view). Many might not actually have offsite backup anywhere — and now that’s pretty bad.
Recent comments
1 day 19 min ago
1 day 15 hours ago
3 days 21 hours ago
4 days 11 hours ago
4 days 11 hours ago
6 days 19 hours ago
1 week 3 hours ago
1 week 1 day ago
1 week 1 day ago
1 week 2 days ago