Warning! The ColoCrossing database appears to have been compromised.
We warned ColoCrossing, but they decided to restore the email, we
came up with the choice to start leaking the database, and once we
get access to the new data from the email back - we'll send
everything out to the emails
Link to ColoCrossing database https://dropmefiles.com/REMOVED
Removed the download link and I'm not sure if I'm allowed to post it.
Comments
Their Virtualizor got breached. ColoCrossing, HudsonValleyHost, ChicagoVPS are affected. ~11k customers data is there, all in plaintext. Passwords, email and data related to VM's. I would recommend reinstalling all your VM's with them and changing passwords. Or even better, don't use providers with Virtualizor.
mod edit: snip
Shoot!!
https://microlxc.net/
And nothing will happen to them.
Did anyone received explanation email from cc? Laughable.
You mean as usual? This is not the first or last time.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
This is the response. And they are lying about the scope.
There is evidence of several VM's being compromised as a result of this, and the leaked data speaks for itself.
dont know why anyone would use CC vps. far from best in price and performance.
I bench YABS 24/7/365 unless it's a leap year.
Looks pretty ugly, they also posted the link on nodeseek....
Free NAT KVM | Free NAT LXC
"the attacker was able to access limited system metadata, email addresses" passwords are not limited system metadata. They are literally lying.
Plaintext container passwords 🫠
I wonder why other panels only show a generated root password once…
Do people keep the password set by the panel during installation (and/or set the root password through the panel)? Is this ever a good idea?
Or if you are using the VPS for something important - shouldn't you install the VPS from scratch anyway, so you know what's actually running on the VPS?
Sorry, but how does
"leaking email addresses"
qualify as
".. this did not ... expose any personal ... information"
Hey teamacc. You're a dick. (c) Jon Biloh, 2020.
Maybe the email that got leaked was their company email address, not personal email.
Never make the same mistake twice. There are so many new ones to make.
It’s OK if you disagree with me. I can’t force you to be right.
Someone apparently does, and it is definitely not a good idea. Better approach (from a providers' perspective) is to enforce password reset on first successful login. The best approaches are use of SSH public keys, or, as you've mentioned:
However, there is a problem with this approach - virtual machine provision will take significantly longer or more effort than installation from a provider provided template.
Check our KVM VPS plans in 🇵🇱 Warsaw, Poland and 🇸🇪 Stockholm, Sweden
Right, but using the provider provided template will hit you later (most likely at the most inconvenient time): when something breaks (probably because you are upgrading to a new version) and you have to figure out why, and then you have to ask "why on earth did they make that modification in their template?"
I have yet to see a provider provided template without any issues.
Depends, there should be no issues with templates that are official images with cloud-init.
Check our KVM VPS plans in 🇵🇱 Warsaw, Poland and 🇸🇪 Stockholm, Sweden
Full names are also exposed, since those are migrated from WHMCS when they create your Virtualizor account for management. Unless you manually changed it.
Anyone know where to download such files? Asking on behalf of some very reputable hosts looking for new customers
EDIT: ^ The above is a sarcasm and not to be taken seriously (cant believe i have to explain it)...
Never make the same mistake twice. There are so many new ones to make.
It’s OK if you disagree with me. I can’t force you to be right.
Good move. Feel free to discuss what happened but there will be no sharing or distribution of compromised databases/customer details on this platform.
Head Janitor @ LES • About • Rules • Support
@VirMach are you secretly enjoying this
I bench YABS 24/7/365 unless it's a leap year.
I'm sure he can neither confirm nor deny it.
Well it appears they have received the ColonCleansing they needed
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
Colonoscopy was done and some artifacts discovered. Now long path to healing... Both reputational damage + damage for deleted servers.
They are like slimes man they always recover for awful reason. Like the bad guys in DBZ.
Free Hosting at YetiNode | MicroNode| Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
@VirMach any any refugee offers? Just got 3 of VMs nuked.
Reguards
The Ultimate Speedtest Script | Get Instant Alerts on new LES/LET deals | Cheap VPS Deals | VirMach Flash Sales Notifier
FREE KVM VPS - FreeVPS.org | FREE LXC VPS - MicroLXC
Looks like you won't have to reinstall it anymore, the attackers nuked all the vm's lol
They still have access to Virtualizor, prior to that some Chinese users started getting infected with crypto miners on their VPS.
What a disaster
colocrossing is also not loading anymore
Free NAT KVM | Free NAT LXC
We can probably honor whatever amount of service you had left with them and renewal at the same price, but I don't know much about the type of offers they've been posting. Let's just say it'd be to help out any LES members, as I don't want to open the floodgates to a bunch of tickets at the moment (it'll be difficult to go through all of them, verify, and manually create.)
I'm waiting for the @raindog308 "ColoCrossing Teeters at the Edge" LEB post.
Yeah, he won't bite the hand that feeds him. CC ultimately feeds him contrary to other statements. I foresee an LEB post of "all is really fine, they are on top of it, you should thank CC for their effort and not worry, etc".
Wow nice. Their main plan was a $10 one - 1c/1g/20gb SSD and 20tb bw. I think most people are on that.
Already out
https://lowendbox.com/blog/colocloud-breach-virtualizer-bugs-lead-to-wild-lowendtalk-thread/
The Ultimate Speedtest Script | Get Instant Alerts on new LES/LET deals | Cheap VPS Deals | VirMach Flash Sales Notifier
FREE KVM VPS - FreeVPS.org | FREE LXC VPS - MicroLXC