Sunday, November 18, 2018

Control Panel Vulnerabilities

Upgrading Control Panel

A good web hosting company encourages regular control panel updates and keep the tight security of serves, preventing and removing internet threats.

Vesta Control Panel

Web Hosting Software VestaCP Server compromised with DDoS malware, which could log passwords and open shells. The hacker exploited the bug existed in the API of the previous software version release 0.9.8-20 and changed all installation scripts to log admin password and IP as addition to the distro name used to collect stats. Furthermore, hacker installed /usr/bin/dhcprenew binary, that could open a shell or launch DDoS attacks to the server. The hackers went a step further and installed a new malware strain known as Linux/ChachaDDoS.
The vulnerability now patched in version 0.9.8-23. The providers explained the procedure to check and remove the Chacha DDoS malware running on their servers.

Security Warnings

  • Abnormal bandwidth use.

No comments:

Post a Comment