VestaCP Server Compromised

Open source hosting control panel VestaCP became a victim of cyber attacks recently. Attackers were able to compromise VestaCP server and they changed all all installation scripts to log admin password and IP address in addition to the distro name.


One of the team members from VestaCP confirmed the hacking attack in response on a forum post. As stated in the response, the hackers exploited a bug that existed in the API of a previous software version.

Our infrastructure server was hacked. Presumably using API bug in the release 0.9.8-20. The hackers then changed all installation scripts to log admin password and ip as addition to the distro name we used to collect stats.

Please check if your server IP here

If you are using VestaCP, you can verify your server’s IP address from the above URL. If it is affected, you should change your admin password immediately and you should upgrade your installation.

1 Comment

  1. Avatar
    Alexis Dorais-JoncasOctober 23, 2018

    More technical information about the compromise and the Linux malware installed on VestaCP users available here:


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top
%d bloggers like this: