A highly damaging hack at UK-based web hosting company VAserv has taken a tragic turn for the worse after it was revealed that the boss of the Indian firm whose software was at the centre the attack, has hanged himself.
On Sunday, VAserv suffered a malicious attack on its virtual server infrastructure, which resulted in the deletion of approximately 100,000 sites.
According to the Register, the attackers apparently took advantage of security flaws in a virtualisation software platform called HyperVM, in order to break into the company's servers and issue commands to erase all of the contents hosted on them. The hackers appeared to have accessed customer credit card data and other information stored on the compromised servers.
VAserv offers low-cost web hosting services using virtualised private servers based on HyperVM. Unfortunately, it appears that many of its customers have irretrievably lost data, as backups do not seem to have being taken.
HyperVM is the virtualisation application made by LXLabs, an Indian based in Bangalore.
In the wake of the exploitation of a critical vulnerability in HyperVM, LXLabs' boss, K T Ligesh, hanged himself in a case of suspected suicide.
32 year-old Ligesh was found hanged in his Bangalore house on Monday morning, after a late night drinking session. The Times of India reports that he was upset with the loss of a recent contract. Ligesh was also still coming to terms with the suicides, also by hanging, of his sister and mother five years ago.
The news is a sobering development, especially as it is not clear whether the servers had been compromised because of vulnerabilities in HyperVM, as VAserv claims, or whether weak administrator passwords were to blame, as posted by the Inquisitr. The site links to a post, ostensibly by someone behind the attack, that talks about it having been facilitated by "excessive passwd reuse."
"Z3r0 day in hypervm?? plz u give us too much credit," the poster said, adding that he or she had compromised the VAserv billing system, installed backdoors on it and stolen lots of credit card numbers. "Telling you this cuz we got bored of this ****, it's just too easy and monotonous."
A note on VAserv's website, gives an indication of the scale of the disaster facing the UK ISP.
"We have been working dilengtly to recover the information that we can. Currently if your VPS is not responding it is best to consider that all data and information is lost," the note read. "This applies to all VPS and all nodes. We are now working on reprovisining and have approx 250 servers left to provision out and down to 120 support tickets. We are aiming to clear most of the backlog in the next 12 hours."
Jaikumar Vijayan of Computerworld (US), contributed to this article.