colocrossing旗下VPS平台数据泄露,注意修改密码等!
colocrossing旗下VPS平台数据泄露,注意修改密码等!
colocrossing旗下卖VPS的平台有3个,分别是cloud.ColoCrossing.com, HudsonValleyHost.com, ChicagoVPS.net,全部都是用的Virtualizor面板管理的VPS,当前黑客就是利用的这个Virtualizor漏洞入侵拿到了全部数据。大家最好先备份自己VPS上的内容,然后再重装系统,然后手动修改root密码(不要用系统默认生成的)。
Re: colocrossing旗下VPS平台数据泄露,注意修改密码等!
官方的正式回复来了:
Dear Customer,
We’re reaching out to inform you of a recently resolved security matter involving the control panel software used to manage your ColoCloud virtual servers.
The issue was identified on May 24th and stemmed from a vulnerability in a Single Sign-On (SSO) feature. While this did not impact the ColoCloud billing system (WHMCS) or expose any personal or payment information, the attacker was able to access limited system metadata, email addresses and used our mail server API to send an unauthorized message to ColoCloud customers.
All ColoCloud infrastructure is fully operational and secure. With support from the software vendor, we have taken all necessary steps to address the vulnerability and harden the environment.
As a precaution, we recommend:
Rotating the root password for your virtual server container
If you reuse your Virtualizor password on other platforms, consider updating those as well
These recommendations are made out of an abundance of caution. All stored container passwords remain securely encrypted. Additionally, while we have temporarily disabled access to the Virtualizor control panel, customers may still manage and interact with their virtual servers securely via WHMCS.
We’ve responded quickly and thoroughly to ensure platform security and prevent this from recurring. If you need assistance resetting your passwords, our support team is ready to help.
Please note: this communication applies only to the ColoCloud cloud/vps platform. It does not involve any part of the ColoCrossing dedicated server or colocation infrastructure, which operates on a separate system.
Thank you for your continued trust.
Sincerely,
The ColoCloud Team
尊敬的客户:
我们特此通知您,近期解决了一个涉及您用于管理 ColoCloud 虚拟服务器的控制面板软件的安全问题。
该问题于 5 月 24 日被发现,源于单点登录 (SSO) 功能中的一个漏洞。虽然该漏洞并未影响 ColoCloud 计费系统 (WHMCS) 或泄露任何个人信息或付款信息,但攻击者能够访问有限的系统元数据和电子邮件地址,并使用我们的邮件服务器 API 向 ColoCloud 客户发送未经授权的消息。
所有 ColoCloud 基础设施均已全面安全运行。在软件供应商的支持下,我们已采取一切必要措施来修复该漏洞并强化环境。
作为预防措施,我们建议:
轮换虚拟服务器容器的 root 密码
如果您在其他平台上重复使用 Virtualizor 密码,请考虑同时更新这些平台的密码
这些建议是出于谨慎考虑而提出的。所有存储的容器密码均保持安全加密。此外,虽然我们暂时禁用了 Virtualizor 控制面板的访问权限,但客户仍然可以通过 WHMCS 安全地管理和与其虚拟服务器交互。
我们已迅速而全面地做出响应,以确保平台安全并防止此类事件再次发生。如果您需要重置密码方面的帮助,我们的支持团队随时准备为您提供帮助。
请注意:此通知仅适用于 ColoCloud 云/VPS 平台。它不涉及 ColoCrossing 专用服务器或主机托管基础设施的任何部分,这些服务器或主机托管基础设施在单独的系统上运行。
感谢您一直以来的信任。
此致,
ColoCloud 团队
Dear Customer,
We’re reaching out to inform you of a recently resolved security matter involving the control panel software used to manage your ColoCloud virtual servers.
The issue was identified on May 24th and stemmed from a vulnerability in a Single Sign-On (SSO) feature. While this did not impact the ColoCloud billing system (WHMCS) or expose any personal or payment information, the attacker was able to access limited system metadata, email addresses and used our mail server API to send an unauthorized message to ColoCloud customers.
All ColoCloud infrastructure is fully operational and secure. With support from the software vendor, we have taken all necessary steps to address the vulnerability and harden the environment.
As a precaution, we recommend:
Rotating the root password for your virtual server container
If you reuse your Virtualizor password on other platforms, consider updating those as well
These recommendations are made out of an abundance of caution. All stored container passwords remain securely encrypted. Additionally, while we have temporarily disabled access to the Virtualizor control panel, customers may still manage and interact with their virtual servers securely via WHMCS.
We’ve responded quickly and thoroughly to ensure platform security and prevent this from recurring. If you need assistance resetting your passwords, our support team is ready to help.
Please note: this communication applies only to the ColoCloud cloud/vps platform. It does not involve any part of the ColoCrossing dedicated server or colocation infrastructure, which operates on a separate system.
Thank you for your continued trust.
Sincerely,
The ColoCloud Team
尊敬的客户:
我们特此通知您,近期解决了一个涉及您用于管理 ColoCloud 虚拟服务器的控制面板软件的安全问题。
该问题于 5 月 24 日被发现,源于单点登录 (SSO) 功能中的一个漏洞。虽然该漏洞并未影响 ColoCloud 计费系统 (WHMCS) 或泄露任何个人信息或付款信息,但攻击者能够访问有限的系统元数据和电子邮件地址,并使用我们的邮件服务器 API 向 ColoCloud 客户发送未经授权的消息。
所有 ColoCloud 基础设施均已全面安全运行。在软件供应商的支持下,我们已采取一切必要措施来修复该漏洞并强化环境。
作为预防措施,我们建议:
轮换虚拟服务器容器的 root 密码
如果您在其他平台上重复使用 Virtualizor 密码,请考虑同时更新这些平台的密码
这些建议是出于谨慎考虑而提出的。所有存储的容器密码均保持安全加密。此外,虽然我们暂时禁用了 Virtualizor 控制面板的访问权限,但客户仍然可以通过 WHMCS 安全地管理和与其虚拟服务器交互。
我们已迅速而全面地做出响应,以确保平台安全并防止此类事件再次发生。如果您需要重置密码方面的帮助,我们的支持团队随时准备为您提供帮助。
请注意:此通知仅适用于 ColoCloud 云/VPS 平台。它不涉及 ColoCrossing 专用服务器或主机托管基础设施的任何部分,这些服务器或主机托管基础设施在单独的系统上运行。
感谢您一直以来的信任。
此致,
ColoCloud 团队