[Security Advisory] Breach in Live Chat support of Virtualizor
mikho
AdministratorOG
Got this email….
Take care out there
——
Dear Clients,
We hope this email finds you well. We are reaching out to inform you of a possible security breach in our live chat account. If you have ever provided your root details on Live Chat and still use the same password, we request you to change it immediately.
Recently, we detected unauthorized installations of XMRig on servers whose credentials were provided via live chat. To safeguard your account and infrastructure, we strongly recommend changing your passwords immediately.
To enhance security, we have permanently removed all past chat records and will no longer accept server credentials via live chat. Moving forward, please provide any necessary server credentials through our support ticket system instead.
This incident was limited only to the live chat support system for Virtualizor, and no other support systems have been affected.
We sincerely apologize for the inconvenience and are taking stringent measures to prevent such occurrences in the future. Your security remains our top priority.
If you have any questions or need further assistance, please reach out to our support team.
Best regards,
Virtualizor Team
“Technology is best when it brings people together.” – Matt Mullenweg
Comments
People were sending passwords in live chat? AND not changing them after?
Michael from DragonWebHost & OnePoundEmail
The last idiot is yet to be born. 🤷🏻
“Technology is best when it brings people together.” – Matt Mullenweg
MITM attack?
Free Hosting at YetiNode | MicroNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
Its even worse than that, Virtualizor was apparently asking people for these passwords on livechat...
I don't understand how these incompetent companies grow so much.