In the wake of UK-based Vaserv.com, a large internet service provider, was hit by a zero-day vulnerability that wiped out the data for 100,000 websites the man behind the virtualization software used by Vaserv.com was found hanged .
The virtualization software, called HyperVM, was the web platform software from an Indian company called LxLabs and is currently used to managed approximately 30,000 virtualized private servers. It is this virtualization that allows many web hosting companies to provide extremely low-cost hosting services.
Recent reports though from security researches show that products from LxLabs contain up to 24 security vulnerabilities and exploits. It was one of these exploits that totally wiped (delete) the data for half of the websites hosted on Vaserv.com.
Little is known about the people who attacked the site. So far, there are no known reports of individuals taking credit for the hack. The breach was likely the result of a SQL injection attack that penetrated Vaserv’s central management software and removed vital binaries and data for about half of all user data stored by the service, Foster said.
“This wasn’t someone randomly scanning things,” he said. “It was a deliberate attack on our infrastructure.”
Vaserv specializes in low-cost web hosting using VPS, or virtualized private servers. Virtualization features in LXLabs’ HyperVM helped Vaserv provide the service, which costs a fraction of the price of dedicated server hosting.
Source: The Register
Whether or not this failure of the LxLabs software was a contributing factor in the death of KT Ligesh, CEO of LxLabs, is unknown. The Times of India reports that he was found hanged in his Bangalore home on Monday morning. They also report he was apparently upset with the loss of a recent contract and had been on a late night of drinking before his death.