UPDATE: New information on the Vaserv hack that wiped 100K sites

Earlier I wrote about how the UK-based Vaserv.com was hacked and had over 100,000 sites deleted from its servers. At that time I, along with other tech news sites, was under the impression that it had something to do with virtualization software from LxLabs, whose boss was found hanged on Monday morning. It turns out, if the information provided in the comments of that original post is correct, that it may have been a more directed attack that had nothing to do with the LxLabs software.

This is the comment as it showed up under the original post:

pastebin

So, being the curious type of person I am, I checked out the link, and this is part of what I found:

  1. Z3r0 day in hypervm?? plz u give us too much credit. If you really really wanna know how you got wtfpwned bitch it was ur own stupidity and excessive passwd reuse. Rus’s passwds are

    Code:

    e2x2%sin0ei unf1shf4rt 3^%3df 1/2=%mod5 f0ster

    f0ster being the latest one, quite secure eh bitches? We were in ur networks sniffing ur passwds for the past two months quite funny this openvz crap is we could just get into any VPS we like at any time thanks to ur mad passwds. But we got bored so we decided to initiate operation rmfication and hypervm was a great t00l to do that since it spared us the time of sshing into all ur 200 boxen just to issue rm -rf. Coded a little .pl to do just that, take a look at this eleet output it’s mad dawg

    Code:

    [root@vz-vaserv .ssh]# perl h.pl -user admin -pass ****off -host cp.vaserv.com -cmd ‘rm -rf /* 2> /dev/null > /dev/null &’
    [+] Attempting to login using admin / ****off
    [+] Logged in, showtime!

Further down the output file there is some additional smack talk for the Vaserv guys:

Did the same fo ****vps.com after resetting the passwd to hyper ve emz, it was ever so much fun you should try it sometime Rus it’s GREAT!

BTW to all the customers we deleted ur loving provider is overselling their crappy 8gb nodez to hell and back, thought you’d like to know, you can also thank ur loving buddy Rus for losing ur data hihi. BTW Rus we still have ur billing system wtfpwned and baqdoored we got shitload of CCz from ur retarded customers thanks a lot buddy. Telling you this cuz we got bored of this ****, it’s just too easy and monotonous so patch ur crap, if your too dumb to secure a simple web server my rate is $100/hour or one night with ur sister hauhaiahiaha.

Also wheres ur team Rus? the only ****ers i saw in ur billing sys are Kody, Vlada and u you guys work like ****ing hindus i bet but ur cheap like jews lolz hire some pros like me to help you out manage all those retards VPSs lolololl

Code:

    1 1 rghf c32f3310baffcb431875a67196e99ebd Rus F zswlxxoomx@nowmymail.com 0 , Edit Delete
    3 1 vlada c32f3310baffcb431875a67196e99ebd Vlada Neskovic zswlxxoomx@nowmymail.com 0 , Edit Delete
    4 1 Kody fde67637d867c52d739931528dd92ef0 Kody Riker zswlxxoomx@nowmymail.com Georgia – server22 space 1slot 1gb 0 ,

See we care about ur privacy and edited ur emailz unlike you who do not care about the privacy of ur retarded customers lol

If the folks who actually did this read this and want to pass along any additional info about what happened with the Vaserv servers you can contact me at winextra @ gmail.com – confidentiality assured.

Comments

9 Responses to “UPDATE: New information on the Vaserv hack that wiped 100K sites”

  1. Gunna find ya

    Yeah and if the folks who did this are reading this and would like to get an iron bar wrapped around their head, please feel free to name a time and place and I will come and find you (anywhere in the world, you cost me enough already, a plane ticket ain't no thing dawg).

    And yes, keep boasting to your friends about this as that's how I will find you, not via a lame traceroute which will be masq'd anyways.

  2. zapak

    man i got a complete dataloss jat bcoz of u guyz who did this crap..!!
    this is so damn bad..

  3. jon

    Yeah, thanks for ruining my life. For the last 2 years I had built up my site, spending a lot of money and giving up my job for nothing………what am I going to tell the wife?

  4. Someone

    Wow, these script kiddies seem to be illiterate. I'm really sorry about what happened to your host. I know how much of your life you probably put into it.

  5. Someguy

    You mean you never backed up your site locally??? I just find that hard to believe.

  6. Every year

    Welcome to the Summer holidays.

    The months are long till september :(