I have been following this developing story about VAServ, a small UK hosting company that was infiltrated by hackers who proceeded to delete data on over 100,000 hosted websites. This included thousands of small businesses who spent years developing their websites.
Naturally, VAServ had to deal with more than a few angry phone calls from users. One comment read, “Yeah thanks for ruining my life for the last 2 years I had built up my site spending a lot of money and giving up my job for nothing………what am I going to tell the wife?” But VAServ is just a small company using the internet to look big; there were only three employees to deal with a crisis that affected tens of thousands of customers.
The hack is thought to have been caused by unpatched vulnerabilities in a virtual machine management software program called Kloxo that VAServ used. Days before the hack, an astonishing 24 high-risk vulnerabilities in Kloxo were posted on milw0rm. The anonymous poster said they decided to make the vulnerabilities public after Lxlabs, the creators of Kloxo, had not fixed the software two weeks after the initial notification. He concluded that the ‘vendor appears uninterested’ in the vulnerabilities.
This is common practice among many white (or grey) hat hackers. If the software developers or website operators refuse to acknowledge and correct the vulnerabilities, the researchers publicize the exploits to inform users of the danger and to put pressure on the developers to take action. Forcing developers to patch their vulnerabilities is sometimes the only way to protect software or website users who would otherwise be exploited by black hats.
However, in this case, publicizing the vulnerabilities in Kloxo may have had the side effect of tipping off black hats who hacked into VAServ and deleted customer websites.
After the incident, Lxlabs founder and owner, K T Ligesh, was found hanged in his apartment in Bangalore. But no one can be sure whether this incident was the primary cause of the suicide, since Ligesh seemed to have had other issues troubling him.
I think this incident might rekindle discussions about the way some hackers publicize exploits for the good of the users. Was the anonymous milw0rm poster too hasty in posting the exploits? I’m interested to hear your thoughts.