Ramnode's SolusVM was hacked earlier and attempting to log in gave you a list of every single subsciber's email address, name, and root password (plain text) to their VPS as well as IP address. Source: <a href="http://www.reddit.com/r/webdev/comments/1gga3n/ramnode_hacked_names_emails_and_passwords/" rel="nofollow">http://www.reddit.com/r/webdev/comments/1gga3n/ramnode_hacke...</a><p><a href="http://localhost.re/p/solusvm-11303-vulnerabilities" rel="nofollow">http://localhost.re/p/solusvm-11303-vulnerabilities</a><p><a href="http://www.webhostingtalk.com/showthread.php?t=1276286" rel="nofollow">http://www.webhostingtalk.com/showthread.php?t=1276286</a><p>If you use SolusVM: <a href="http://blog.soluslabs.com/2013/06/16/important-security-alert-all-solusvm-versions/" rel="nofollow">http://blog.soluslabs.com/2013/06/16/important-security-aler...</a><p>"We are working to get things back online. We were hit with a SolusVM exploit late last night." (<a href="https://twitter.com/RamNode" rel="nofollow">https://twitter.com/RamNode</a>)<p>Happy Father's Day!
Apparently there are allegation going around that it was done by a competitor, servercrate.<p><a href="http://lowendtalk.com/discussion/comment/284016/#Comment_284016" rel="nofollow">http://lowendtalk.com/discussion/comment/284016/#Comment_284...</a>
Honestly the usage of SolusVM, WHMCS etc (i.e. things written in PHP which have no business being written in at least, the way a PHP typically is written) has been <i>the</i> main security problem of the entire industry.<p>We need more things like OpenStack out there -- competently designed and implemented toolstacks that actually work correctly and have a remotely acceptable security model.
It's a nightmare for them and I'm sure they'll lose customers over it, but I'm staying when two days ago I was planning on canceling my vps due to underuse.<p>It was ridiculously fast for a vm (>700MB/s with vpsbench, all tests), but the $5/mo Digital Ocean instances were fast enough with PostgreSQL/Sphinx that none of my (free) users were complaining. I like Digital Ocean, I'm keeping some stuff over there, but I appreciate Ramnode's transparency & dedication during this. It doesn't hurt that they're probably going to be constructively paranoid now that they've gotten burned. This is one of those things my partner saw all the time running a restaurant - screwups are unavoidable, but handling them well can actually get you a loyal customer.
Sigh. I'm glad I didn't give them any billing information (monthly invoice paid each time via Paypal). It's not clear to me how/why root passwords are compromised by this exploit; anyone care to elaborate?
Any news? my VM is down and I see here that all the nodes are still down:<p><a href="http://status.ramnode.com/" rel="nofollow">http://status.ramnode.com/</a>