A critical vulnerability has been discovered in the free control panel of Vesta Control Panel to allow root access. On the past days off the Trojan.DDoS_XOR virus began to actively use it to infect the servers.

If you have VestaCP, please take action:

  • Upgrade the control panel to version 0.9.8-20 (fixes further problems with the vulnerability). Run the command in SSH from under root: 
    # v-update-sys-vesta-all
  • To check if your system is infected login via SSH and run the following command : find /etc -name gcc.sh -print
  • If the result of the command is /etc/cron.hourly/gcc.sh - it means that the trojan is present on your service, please contact our support team to take the necessary measures to clean your system.

Thank you

Offshore Servers Administration

Monday, April 9, 2018



« Back