UK Internet service provider Claranet (uk.clara.net) has been hacked as the result of a major security vulnerability in the Linux kernel revealed earlier this week.
Using a bug in the sys_vmsplice kernel call, which handles virtual memory management, the hacker was able to gain root privileges and swap Claranet customers’ index.html files with the hacker’s calling card. The exploit was found at approximately 6 p.m. on Tuesday.
Claranet said: “Malicious activity related to the vulnerability was detected on Claranet’s shared hosting platform. Within 10 minutes Claranet contained and halted the malicious activity, and locked down the platform to prevent further damage. The shared hosting platform was fully patched with the vendor’s updates by 10 a.m. on Wednesday. Less than one percent of the total websites hosted on the Claranet platform were affected and all were restored to their original states by 1 p.m. on Wednesday 13 February.”
Security notification firm Secunia said that switching to either version 2.6.23.16 or 2.6.24.2 of the Linux kernel protects users from attack. There are also hotfixes designed to plug the vulnerability without having to upgrade the kernel.
Linux vendors said they are working on a permanent solution to remedy the problem, while Claranet continues to monitor announcements of new vulnerabilities and works to patch them.
Each web hosting solution is designed for some purposes, it could be from blog web hosting, family site hosting to ebusiness web site hosting. In webhostingclue.com, we give out the Best Web Hosting Awards to those which have been the best solutions for the given categories.
Know more about How We Select the Hosting Award Winners
We are a professional review site to help people find best web hosting with lowest price. We receive compensation from the companies whose products we review. But we test each product thoroughly and give high marks to only the very best from hundreds of hosting products.
