Open source hosting control panel VestaCP became a victim of cyber attacks recently. Attackers were able to compromise VestaCP server and they changed all all installation scripts to log admin password and IP address in addition to the distro name.
One of the team members from VestaCP confirmed the hacking attack in response on a forum post. As stated in the response, the hackers exploited a bug that existed in the API of a previous software version.
Our infrastructure server was hacked. Presumably using API bug in the release 0.9.8-20. The hackers then changed all installation scripts to log admin password and ip as addition to the distro name we used to collect stats.
Please check if your server IP here
If you are using VestaCP, you can verify your server’s IP address from the above URL. If it is affected, you should change your admin password immediately and you should upgrade your installation.