Vaserv.com, a very popular UK ISP, has suffered a large cyber attack that has caused over 100,000 websites that relied on a virtualization manager solution known as HyperVM to lose data.
The virus attacked the HyperVM software in particular, which is located in LXL Labs, through a small vulnerability built into the software, destroying data left and right and also stealing credit card numbers from the servers.
Rus Foster, the director of Vaserv said that the damage was done on Sunday evening.
According to Foster, administrators noticed that there was something odd in the system and soon after, half of the websites that the ISP server supports faced data attacks.
The hackers were primarily focused on deleting files from hosted websites by executing Unix commands, including rapid recursive deletion, via the ‘rm –rf’ command.
Vaserv reported that some of the nodes that were attacked were able to be restored, but that repair is not quite finished so the word on how many servers were permanently affected in the ISP attack is not confirmed, although the ISP did say that over 20 FSCK servers did suffer from full data loss.
Many ISPs are taking the recent Vaserv attack to heart as an example of why data backup procedures need to be implemented and followed, along with the existence of an emergency recovery procedure.
Engineers are continuing to work on restoring lost data from what Foster labeled was a SQL cyber attack, although no hacker or hacker groups have yet claimed responsibility for the cyber attack.
Industry analysts have speculated that if Vaserv is not able to restore data fast enough to satisfy companies the cyber attack could result in a fast cheap ‘fire’ sale to another ISP.