Cloudcone hit by ransomware via Virtualizor exploit
Cloudcone is reporting a security breach where attackers used the Virtualizor "Server Terminal" to bypass SSH alerts and run a ransom script on a subset of nodes.
What happened: Affected VMs had their boot sectors overwritten with ransom messages.
Scope: Limited to nodes on a single Virtualizor instance. Other platforms and billing/personal data were not impacted.
Recovery: The team is currently attempting data recovery via raw block devices and partition reconstruction.
Affected users should keep an eye on their email for further updates from Cloudcone.
————————————————————
Cloudcone 通过 Virtualizor 漏洞遭遇勒索软件攻击
Cloudcone 正在报告一起安全漏洞事件,攻击者利用 Virtualizor 的“服务器终端”绕过 SSH 警报,并在部分节点上运行了勒索脚本。
事件经过:受影响的虚拟机(VM)其引导扇区被覆盖为勒索信息。
影响范围:仅限于单个 Virtualizor 实例上的节点。其他平台以及计费/个人数据未受到影响。
恢复情况:团队目前正在通过原始块设备和分区重建来尝试数据恢复。
受影响的用户应留意来自 Cloudcone 的后续邮件更新。
来源:
精彩评论
Cloudcone is reporting a security breach where attackers used the Virtualizor "Server Terminal" to bypass SSH alerts and run a ransom script on a subset of nodes.
What happened: Affected VMs had their boot sectors overwritten with ransom messages.
Scope: Limited to nodes on a single Virtualizor instance. Other platforms and billing/personal data were not impacted.
Recovery: The team is currently attempting data recovery via raw block devices and partition reconstruction.
Affected users should keep an eye on their email for further updates from Cloudcone.
————————————————————
Cloudcone 通过 Virtualizor 漏洞遭遇勒索软件攻击Cloudcone 正在报告一起安全漏洞事件,攻击者利用 Virtualizor 的“服务器终端”绕过 SSH 警报,并在部分节点上运行了勒索脚本。
事件经过:受影响的虚拟机(VM)其引导扇区被覆盖为勒索信息。
影响范围:仅限于单个 Virtualizor 实例上的节点。其他平台以及计费/个人数据未受到影响。
恢复情况:团队目前正在通过原始块设备和分区重建来尝试数据恢复。
受影响的用户应留意来自 Cloudcone 的后续邮件更新。
来源:
精彩评论