A critical vulnerability has been discovered in the free control panel of Vesta Control Panel to allow root access. On the past days off the Trojan.DDoS_XOR virus began to actively use it to infect the servers.
If you have VestaCP, please take action:
- Upgrade the control panel to version 0.9.8-20 (fixes further problems with the vulnerability). Run the command in SSH from under root:
# v-update-sys-vesta-all - To check if your system is infected login via SSH and run the following command : find /etc -name gcc.sh -print
- If the result of the command is /etc/cron.hourly/gcc.sh - it means that the trojan is present on your service, please contact our support team to take the necessary measures to clean your system.
Thank you
Offshore Servers Administration
Segunda-feira, Abril 9, 2018
