Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


ChicagoVPS hacked - Page 4
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ChicagoVPS hacked

1246712

Comments

  • @CVPS_Adam Finally Adam, you are the 0day to be happily patched today. Welcome to LET

  • @BradND said:
    CVPS_Adam I'm not sure anyone cares about you being hacked, why did you lie about being kevin?

    I'm sure that his customers whose VPS's are down or who could lose data care very much about him being hacked. Am I to assume that you don'tt give a fuck about end users losing their data? Is that an official NodeDeploy position or is it just yours?

  • aoleeaolee Member

    omg hope they don't lose our data. i need the most recent data :(

  • AnthonySmithAnthonySmith Member, Patron Provider

    @Liam said:
    run

    Hahahahahahahahahhahahaahahahahahahaha,,,,,,, no

    Thanked by 1tux
  • BradNDBradND Member

    @jack yes I'm sure they will answer it all truthfully.... Heh

  • AnthonySmithAnthonySmith Member, Patron Provider

    @aolee said:
    omg hope they don't lose our data. i need the most recent data :(

    They did not loose 'your' data only you can do that.

  • AnthonySmithAnthonySmith Member, Patron Provider

    @Liam haha nice one.

  • @Maounique said:
    Jesus !!!

    I dont think this is just the solusvm thing.
    It might be another exploit that is used against them, maybe the same as last time they were hacked.
    soluslabs any idea about this ???

    Don't even bother, these wankers won't admit nor help

  • @mpkossen said:
    What's up with people these days...

    It's not like CVPS had any enemies or something /sarcasm

  • @Zen said:
    Well that's my point. Release it with no support, no updates, no expectations - remove the design.. let people throw that in themselves. Why not? I think many hosts would take the challenge.

    So there will be even more vulnerable panels around?

  • Has anyone else noticed that the title of this thread is spelled wrong?

  • erhwegesrgsrerhwegesrgsr Member
    edited June 2013

    @Zen said:
    Because vulnerabilities just pop out the second you release code. I'm not telling them to release it in an improper state, but they don't need to support it.

    No, I mean, give more providers who want their own panel badly but simply suck at PHP security a chance to make some shitty vuln panel

  • CVPS_ChrisCVPS_Chris Member, Patron Provider

    Hey guys,

    We're aware of this compromise obviously and we are all working hard to get it fixed. We won't sleep until everything is recovered. SolusVM is actively working with us to investigate as well, and we thank them for that.

    Regards

    Chris

  • MannDudeMannDude Host Rep, Veteran
    edited June 2013

    @Magiobiwan said:
    Has anyone else noticed that the title of this thread is spelled wrong?

    Probably so it's not indexed by Google when you search for 'ChicagoVPS hacked'.

  • @wk2egk7zme said:
    Probably so it's not indexed by Google when you search for 'ChicagoVPS hacked'.

    More likely that it was just a genuine mistake, he used the corect spelling in the OP anyway.

  • MannDudeMannDude Host Rep, Veteran

    @gsrdgrdghd said:
    More likely that it was just a genuine mistake, he used the corect spelling in the OP anyway.

    Quite true aswell.

    I'm sure they'll get it sorted soon anyhow as they should have backups now. Best of luck to everyone.

  • MaouniqueMaounique Host Rep, Veteran
    edited June 2013

    @Jack said:
    Tell Phil to get his arse on here and provide us with an update with are we safe to put our installs back online or not.

    Yes, we are waiting too, and while i understand cvps is more urgent, at least a short 3 lines update would help a lot with the nerves...

    OT, speaking of lines, why doesnt vanila honour the CR char ?

    I am not used with forums where I have to leave a line every damn paragraph.
    /OT

  • SpiritSpirit Member

    I am wondering how many hosts are compromised already without knowing it. We know about 3 cases now solely because abusers let as know about them (erased stuff, leaked database...)

  • EvoEvo Member

    @Maounique, @Jack,

    SolusLabs does not seems to be interested - they had plenty of time to comment on any of the multiple topics about the problems with their software.

    Their position is simple: "Wait for the storm to pass, and then continue with the sales - they have no choice - our software is the only option as a VPS panel"

  • SpiritSpirit Member

    Yes, @Jack. Without stuff erased or/and database leaked we wouldn't even know about them but there could be much more hosts compromised already.

  • InfinityInfinity Member, Host Rep

    Just for those that are wondering from near the start of the thread who that "lol" guy on LEB is, the IP is in the same range as CurtisG's, and just last night he was asking to be unbanned to ask for opinions on his new VPS control panel (he already has a thread on VPSboard about it).

    Food for thought.

  • MaouniqueMaounique Host Rep, Veteran

    @Evo said:
    Maounique, Jack,
    Their position is simple: "Wait for the storm to pass, and then continue with the sales - they have no choice - our software is the only option as a VPS panel"

    Is that so...

    Well, in that case, I am sure this is exactly what the market needs, a point of entrance for other vendors.

    Many folks are so desperate they would try out and the userbase will grow, the code will improve and we will have more options at next occurence of these exploits.

    We need more options and designing and using own will probably not be much better in terms of security, actually, as I said some other place, it is probably a bad idea to use own code and secure it through obscurity.
    The webserver (php, db, whatever) might have an exploit and the code will leak, after that will be a kid's play.

  • Awmusic12635Awmusic12635 Member, Host Rep
    edited June 2013

    @Evo I'd much rather have them work on their software than spending their time commenting here.

  • curtisg = robert = constantinous?

  • MaouniqueMaounique Host Rep, Veteran

    I doubt the PR manager has much to do with coding and figuring exploits with forensic techniques, or even if they are pointed to them.

    We only need some basic info:

    Did, or did not Solus Labs receive the mentioned exploits ?

    Who reviewed them ?

    Are they responsible for CVPS or was some other issue ?

    That would be enough for now, I think. We have customers waiting to access their solus interface, may not be in such a desperate state as CVPS, but still, 3 answers by someone who can write basic english after was told what to say by some representative is not too much to ask.

  • @rds100 said:
    Do we still have the "chief" excuse? Who is this mythical creature?

    He is a real person, not an excuse. His real name is Joel. He probably hasn't logged in for a while. From what I heard, some actions were taken that only he knows the full reason of. Sometimes that makes Liam's life a tiny bit more difficult because he simple can't answer some questions since he doesn't know the answer.

    @erhwegesrgsr said:
    It's not like CVPS had any enemies or something /sarcasm

    Sure, they have "enemies". For me personally, that still wouldn't be a reason to do something like this. I'd stay away would I have disliked CVPS.

  • AnthonySmithAnthonySmith Member, Patron Provider
    Just to clear up one of the rumours - we have not been informed by anyone about any new vulnerabilities or exploits and we've certainly not received any information as to how they are apparently executed.
    
    We're currently conducting a complete audit of code to see if any problems exist and if they do will release a statement and patch immediately. I'm sure you can appreciate we need to carry out these checks as a high priority over commenting on forums and various threads.
    

    I got this back from SolusVM

  • halhal Member

    change you password as soon as possible

  • BradNDBradND Member

    Did they not do a full audit before and the centralbackup exploit still got through?

  • erichierichi Member

    We're currently conducting a complete audit of code to see if any problems exist

    This seems like something that is long overdue.

Sign In or Register to comment.