Security

A large internet service provider said data for as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a widely-used virtualization application. Technicians at UK-based Vaserv.com were still scrambling to recover data on Monday evening UK time, more than 24 hours after unknown hackers were able to gain root access to the company's system, Rus Foster, the company's director told The Register. He said the attackers were able to penetrate his servers by exploiting a critical vulnerability in HyperVM, a virtualization application made by a company called LXLabs. "We were hit by a zero-day exploit" in version 2.0.7992 of the application, he said. "I've heard from other people they've been hit by the same thing." Foster said he's been unable to reach anyone at LXLabs to discuss the suspected vulnerability. The Register has also received no response to inquiries sent to the company, which according to its website is located in Bangalore.

Original Article