Cloudcone is reporting a security breach where attackers used the Virtualizor "Server Terminal" to bypass SSH alerts and run a ransom script on a subset of nodes.
What happened: Affected VMs had their boot sectors overwritten with ransom messages.
Scope: Limited to nodes on a single Virtualizor instance. Other platforms and billing/personal data were not impacted.
Recovery: The team is currently attempting data recovery via raw block devices and partition reconstruction.
Affected users should keep an eye on their email for further updates from Cloudcone.
————————————————————
⚠️ Cloudcone 通过 Virtualizor 漏洞遭遇勒索软件攻击
Cloudcone 正在报告一起安全漏洞事件,攻击者利用 Virtualizor 的“服务器终端”绕过 SSH 警报,并在部分节点上运行了勒索脚本。
事件经过:受影响的虚拟机(VM)其引导扇区被覆盖为勒索信息。
影响范围:仅限于单个 Virtualizor 实例上的节点。其他平台以及计费/个人数据未受到影响。
恢复情况:团队目前正在通过原始块设备和分区重建来尝试数据恢复。
受影响的用户应留意来自 Cloudcone 的后续邮件更新。
来源:https://t.me/lowendweb/5398
