
ChicagoVPS hacked, bunch of VPS customers offline


Comments

  • @soluslabs did you get a response from CVPS? If not I might know why...

  • @FTN_Kevin said: Gravatar.com

    Cheers

  • risharde Patron Provider, Veteran

    @solusvm thanks for clarification, good to know you checked the code, hope you do an independent audit and I hope everything turns out okay

  • @Mun said: @soluslabs did you get a response from CVPS? If not I might know why...

    Since the last update.. No.

  • ^ what he said.

  • @soluslabs hire jeremiah?

  • Patrick Member
    edited November 2012

    This thread just gets more interesting...

  • Actually this was already talked about in the chicagovps update thread. http://www.lowendtalk.com/discussion/5727/chicagovps-update#Item_127

  • @soluslabs said: Like I said the code has been checked (several times) and no security issues were found.

    Has it been tested by a 3rd party? You can't really test your own creation objectively.

  • @miTgiB said: Has it been tested by a 3rd party? You can't really test your own creation objectively.

    Not since this thread was reported to us.

  • AlexBarakov Patron Provider, Veteran

    Just opensource it.. We will gladly test it out for you?

  • @Alex_LiquidHost said: Just opensource it.

    And then what is the incentive to pay the fee? I know I would still pay some fee to ensure development, but not the $350/mo I pay now.

  • AlexBarakov Patron Provider, Veteran

    @miTgiB said: And then what is the incentive to pay the fee? I know I would still pay some fee to ensure development, but not the $350/mo I pay now.

    It was a joke. We both know that they will never do it :)

  • Lee Veteran

    Weesh, lay off Solus a bit, at least they are here and trying to show their interest.

  • Maounique Host Rep, Veteran

    @soluslabs said: Like I said the code has been checked (several times) and no security issues were found.

    Of course you did and of course you found nothing.
    That is the definition of an exploit, isn't it, a flaw that managed to pass the checks, if everyone would be able to detect all flaws at checks then all software would be perfect because I can't think of any programmer in their right mind releasing unchecked products.
    This being said:
    1. Glad you are here;
    2. Sad you do not consider this a reputable forum, but I can understand why it looks so at first, however, lack of heavy moderation has its good aspects, too many heavily moderated forums out there where you can err or be considered to err simply by rules interpretations;
    3. It does seem this was not a real exploit, more like an exploitation of a human error;
    4. This thread is one of the most enlightening about how some things work in the industry, conspiracy theory or not, in the end someone will put all the threads together and someone who knows someone that knows someone will come up with at least part of the truth.
    This is why we love LET in the end. For things like these.
    M

  • I think it is a good idea to hire jeremiah, consider it @soluslabs. He is way better compared to we3cares

  • Sorry more on the side of SolusLabs if this was indeed some kind of "in the wild exploit", WHT would be blown up with downtime complaints and/or emails from other affected providers.

    Anyone reporting malicious probing/scannings with their nodes, WHMCS, SolusVM, etc? If so, exploit in the wild. If not, what everybody has already said or is thinking but won't say.

  • I can't tell anymore what the real facts are based on CVPS communications, nor from this huge thread.

    @Randy said: good idea to hire jeremiah

    Yes, as a customer who probably lost their data, Jeremiah's good reputation is the only thing that gives me some hope of finding answers now. It seems he has left CVPS meanwhile, and I hope Jeremiah will come out with the full truth, however ugly.

    My questions:
    (1) Was there an intrusion? If so: outsider or disgruntled employee?
    (2) If a software issue: was root cause confirmed, and how?
    (3) Any hope of recovering any data from the VPS instances? Was data deleted or just compromised? If not recoverable, then I for one am quite F'd.
    (4) Was private client and credit card data compromised?

    Take your time to get your stuff together Jeremiah, it must be shitty times for you now, but please do tell us what really happened from your perspective and live up to your reputation. (apologies if you answered these questions anywhere else).

  • @CentralAmerica,

    1. CVPS has said there was a security breach in the SolusVM API area.

    2. Disgruntled employee? Perhaps. Jeremiah is gone from both companies (which was a weird arrangement for two companies that aren't related supposedly).

    3. SolusVM keeps getting poked at here. Nothing conclusive and main point at last check was that CVPS had NOT contacted them or did so with nothing useful provided.

    4. Data is gone. Gone from your VPS, gone from backups you would have needed to manually have scheduled in Solus panel.

    No details on how the data was lost. But it includes backups done as long as three weeks ago. Probably took out all their backups. 10% of their servers were destroyed using numbers they provided.

    5. As for billing. There was something in there from Chris that wasn't warm and fuzzy. Yes they store the card data in their system. Was it stolen? Anyone's guess.

  • mpkossen Member
    edited November 2012

    @soluslabs said: Oh you mean this part? "fetch all users first and then compare"

    mysql_ can still be as safe as using PDO_MYSQL. A PDO prepared statement can still be susceptible to an SQL injection attack. We have had plans for a while now to phase out mysql_ and will continue with these in due course.

    I said 'some of the things joepie91' said, not all of them.

    @joepie91 said: If you have to hide your security to make it effective, there is something HORRIBLY wrong with your code.

    +1

    @soluslabs said: I'm saying it can still be susceptible to an SQL injection attack.

    Correct, second order SQL injection. However, it virtually makes first order SQL injection impossible. So PDO should still be used.

    @soluslabs said: mysql_ can still be as safe as using PDO_MYSQL. A PDO prepared statement can still be susceptible to an SQL injection attack. We have had plans for a while now to phase out mysql_ and will continue with these in due course.

    That's where I think you're wrong. This should be top priority. You've got a VPS control panel, not a grocery list application! Security and code quality should be the very first concern! WHMCS has some of the same crazy "security practices".

    Also: I've sent @soluslabs a PM with some other feedback not mentioned here.
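
The second-order SQL injection mentioned in the comment above, as an added example that is not part of the thread and is not SolusVM code: a value written safely through a PDO prepared statement is later read back and concatenated into another query, next to the bound version of the same read. The table and column names are hypothetical, the data is constructed, and in-memory SQLite (the `pdo_sqlite` extension is assumed) stands in for MySQL.

```php
<?php
// Constructed demo; tables, columns and rows are hypothetical sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE clients (id INTEGER PRIMARY KEY, username TEXT)');
$db->exec('CREATE TABLE vservers (owner TEXT, hostname TEXT)');
$db->exec("INSERT INTO vservers VALUES
           ('alice', 'vps-a1'), ('bob', 'vps-b1'), ('bob', 'vps-b2')");

// Write path: the prepared statement stores the value verbatim, quote included.
// Nothing is injected here (the first-order case is closed).
function register(PDO $db, string $username): int {
    $stmt = $db->prepare('INSERT INTO clients (username) VALUES (:u)');
    $stmt->execute([':u' => $username]);
    return (int) $db->lastInsertId();
}

function storedName(PDO $db, int $clientId): string {
    $stmt = $db->prepare('SELECT username FROM clients WHERE id = :id');
    $stmt->execute([':id' => $clientId]);
    return (string) $stmt->fetchColumn();
}

// Read path, vulnerable: data coming out of the database is treated as trusted
// and concatenated, so a stored quote ends the string literal and the rest of
// the value is parsed as SQL. PDO is in use, yet the query is still injectable.
function listServersUnsafe(PDO $db, int $clientId): array {
    $name = storedName($db, $clientId);
    $sql  = "SELECT hostname FROM vservers WHERE owner = '$name'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Read path, fixed: the stored value is bound like any other untrusted input,
// so it is only ever compared as data.
function listServersSafe(PDO $db, int $clientId): array {
    $stmt = $db->prepare('SELECT hostname FROM vservers WHERE owner = :o');
    $stmt->execute([':o' => storedName($db, $clientId)]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$id = register($db, "x' OR '1'='1");   // constructed username containing a quote
printf("stored verbatim: %s\n", storedName($db, $id));
printf("concatenated read returned %d rows\n", count(listServersUnsafe($db, $id)));
printf("bound read returned %d rows\n", count(listServersSafe($db, $id)));
```

The difference between the two row counts is the point: binding has to be applied at every query that uses the value, not only where it first enters the database.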

  • @mpkossen said: Also: I've sent @soluslabs a PM with some other feedback not mentioned here.

    I will reply to it shortly :)

  • What has everyone been getting in the way of compensation?

  • Nothing here, at least for the moment.

  • During the incident I had an invoice for one of my servers for $7 (Enterprise Deal) which was later cancelled to $0.

  • How can you guys be sure that @Soluslabs /is/ soluslabs?

  • @kamalnasser said: How can you guys be sure that @Soluslabs /is/ soluslabs?

    The replies are on par for We3Cares responses. Had the misfortune of working with them directly while helping out a VPS company. They were one of the first things to go.

  • That's not we3cares, it's soluslabs posting as... @soluslabs.

  • @MartinD said: That's not we3cares, it's soluslabs posting as... @soluslabs.

    That's scarier to be honest.

This discussion has been closed.