Cloudy Circumstances Surround LXLabs Suicide
There are never adequate words to describe tragedies, especially those that involve loss of life. Today we find ourselves struggling for words to report the apparent suicide of LXLabs founder K. T. Lingesh on Monday.
LXLabs is perhaps best known for HyperVM, a popular control panel for virtual private server management. The product is used by countless VPS providers to control Xen and OpenVZ virtualization and, along with the hosting control panel Lxadmin (now known as Kloxo), to build and manage shared web hosting systems. Some twenty-four vulnerabilities in the Kloxo platform were recently discovered and patched by the company, a harbinger, perhaps of what was to come. Over the weekend, Veraserv, a hosting provider based in the United Kingdom, was the subject of a hacking attack, resulting in some 100,000 websites hosted with the company being deleted — roughly half of the company's stored user data. According to reports, many of the affected accounts had chosen the company's unmanaged hosting plans — significantly less expensive than managed plans — which did not include automatic backups, and as a result, their data may have been lost permanently.
Veraserv, which says that other firms have acknowledged experiencing similar attacks, attributed the breach to a zero-day vulnerability in HyperVM (Version 2.0.7992), possibly involving a SQL-injection attack against the company's central management system. The company's website, which has been replaced with plain-text — presumably due to traffic volume — bears a notice to customers containing information about the attack, the status of the company's systems and users' accounts, the steps being taken to remedy the situation, and a brief FAQ. The obviously quickly-composed message also includes a log of the actions being taken by Veraserv staff, including the provisioning of new virtual private servers to all affected customers.
According to The Times of India1, K. T. Lingesh and a roommate identified only as "Sheenu" spent Sunday evening drinking and talking — according to the report, the two talked about Lingesh's mother and sister, both of whom committed suicide several years ago. The Times article also suggests he was upset over a contract recently lost by LXLabs — there is no mention of the Veraserv hack or the Kloxo vulnerabilities in the article, though most reports draw what is certainly a clear link between the attacks and Lingesh's death. The Times indicates that "Sheenu" went to bed sometime after midnight, and on awaking Monday morning, found the thirty-two year old had hung himself.
Lingesh's death — as hardly needs saying — came as a great shock to fellow developers and LXLabs customers. One provider, Seattle-based VPSLink — a subsidiary of Spry, providing unmanaged virtual private servers — reported his death on its blog, expressing its sadness and saying the company had been in contact with Lingesh as late as Saturday to discuss LXLabs' software, including the possibility of joining the firm.
As of this time, LXLabs has not commented on the attacks or Lingesh's death — it is not immediately apparent who, if anyone, will step into Lingesh's role and what the future of the company and its products will be. Breaking News will continue to update this article as new information becomes available.
1 — The Times of India article contains some India-specific descriptions which results in some unclear information.
Justin Ryan is a Contributing Editor for Linux Journal.
|Bitcoin on Amazon! Sort of...||Sep 28, 2016|
|Free Today: September Issue of Linux Journal (Retail value: $5.99)||Sep 27, 2016|
|nginx||Sep 27, 2016|
|Epiq Solutions' Sidekiq M.2||Sep 26, 2016|
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
- Free Today: September Issue of Linux Journal (Retail value: $5.99)
- Bitcoin on Amazon! Sort of...
- Android Browser Security--What You Haven't Been Told
- Epiq Solutions' Sidekiq M.2
- Identity: Our Last Stand
- Nativ Disc
- The Many Paths to a Solution
- Securing the Programmer
- Tech Tip: Really Simple HTTP Server with Python
Pick up any e-commerce web or mobile app today, and you’ll be holding a mashup of interconnected applications and services from a variety of different providers. For instance, when you connect to Amazon’s e-commerce app, cookies, tags and pixels that are monitored by solutions like Exact Target, BazaarVoice, Bing, Shopzilla, Liveramp and Google Tag Manager track every action you take. You’re presented with special offers and coupons based on your viewing and buying patterns. If you find something you want for your birthday, a third party manages your wish list, which you can share through multiple social- media outlets or email to a friend. When you select something to buy, you find yourself presented with similar items as kind suggestions. And when you finally check out, you’re offered the ability to pay with promo codes, gifts cards, PayPal or a variety of credit cards.Get the Guide