VestaCP bị Auto hack, mọi người check lại nhé

Hôm nay nhận được email từ nhà cung cấp dịch vụ về việc VestaCP bị auto hack, mình gởi lên đây để a e nào trong forum sử dụng nền tảng CP này thì xem xét lại hệ thống của mình nhé [QUOTE]Hi, VestaCP reportedly hit with a zeroday exploit. VestaCP is one of the most popular web hosting control panel. Lots of users at the official Vestacp forum reporting their VestaCP installs were hacked. VestaCP team members suggest shutting down the vesta service on your box until they can figure it out and release a patch. Here is what we have researched so far 1. The first wave happened on April 4. Servers were infected with /etc/cron.hourly/gcc.sh 2. It was an automated hack 3. The attack was platform independent. 4. VestaCP team didn’t find any traces in vesta and system logs yet 5. On April 7 infected servers started to DDoS remote hosts using /usr/lib/libudev.so. Temporary solution until VestaCP releases a patch Carry out the following commands on your VestaCP VM to temporarily patch the issue as reported by the VestaCP team [#] cd /etc/cron.hourly [#] rm -rf gcc.sh [#] systemctl stop vesta && systemctl disable vesta Make sure the VestaCP panel doesn't start on boot (the last command does that on Cent OS7) and make sure your admin panel (:8083) isn't loading. Better to be safe than sorry. We will inform you as we have more information from them so you can start your VestaCP panels back. Thank you, for now, I'll keep you posted as I have more information.[/QUOTE]