http://www.itwire.com/content/view/25559/53/
"Reports are emerging that KT Ligesh, the 32 year old boss of LXLabs in Bangalore, has been found hanged at his house.
[](http://www.statcounter.com/)
Described as a brilliant software engineer, his company was said to be doing quite well which begs the question: why the suicide? The Times of India suggests that suicide ran in the family and Ligesh was upset about a lost contract.
However, I wonder if the unfolding events surrounding the discovery of critical vulnerabilities in applications developed by LXLabs might have some bearing on the tragedy?
First there are 24 vulnerabilities reported in the Kloxo (previously known as Lxadmin) web hosting platform.
But perhaps even more troubling is the suggested critical vulnerability in virtualisation software called HyperVM, that has apparently been exploited over the weekend causing as many as 100,000 websites to be damaged so far.
UK-based ISP VAServ has stated that up to 100,000 websites had been damaged following a zero-day exploit which hit the ISP’s central management software and wiped data from sites which had opted for a cheaper, non-backed up, hosting service on Sunday night.
VAServ says in a statement that it had worked through Sunday night, and continues to do so now, in order to recover as many virtually hosted sites as possible however it admits that “if your server is not currently up, or not partly up (i.e. it is up but not working due to a configuration issue) then it is unfortunate that you will have lost your data due to this third party attack.”
LXLabs has yet to comment either on the death of KT Ligesh or the reports of critical vulnerabilities in its software."
Code http://milw0rm.com/exploits/8880
Weird I was just about to start running this…
Other reports also say they reused admin passwords…so who knows…
"A day after news of a so called HyperVM 0-day that resulted in 100,000 sites being wiped out on Vaserv, the following information has come to light from an anonymous source:
Z3r0 day in hypervm?? plz u give us too much credit. If you really really wanna know how you got wtfpwned ***** it was ur own stupidity and excessive passwd reuse. Rus's passwds are
Code:
e2x2%sin0ei unf1shf4rt 3^%3df 1/2=%mod5 f0ster
f0ster being the latest one, quite secure eh bitches? We were in ur networks sniffing ur passwds for the past two months quite funny this openvz crap is we could just get into any VPS we like at any time thanks to ur mad passwds. But we got bored so we decided to initiate operation rmfication and hypervm was a great t00l to do that since it spared us the time of sshing into all ur 200 boxen just to issue rm -rf. Coded a little .pl to do just that, take a look at this eleet output it's mad dawg
Code:
[root@vz-vaserv .ssh]# perl h.pl -user admin -pass ****off -host cp.vaserv.com -cmd 'rm -rf /* 2> /dev/null > /dev/null &'
[+] Attempting to login using admin / ****off
[+] Logged in, showtime!
<snip>
"