Cloudy Circumstances Surround LXLabs Suicide

There are never adequate words to describe tragedies, especially those that involve loss of life. Today we find ourselves struggling for words to report the apparent suicide of LXLabs founder K. T. Lingesh on Monday.

LXLabs is perhaps best known for HyperVM, a popular control panel for virtual private server management. The product is used by countless VPS providers to control Xen and OpenVZ virtualization and, along with the hosting control panel Lxadmin (now known as Kloxo), to build and manage shared web hosting systems. Some twenty-four vulnerabilities in the Kloxo platform were recently discovered and patched by the company, a harbinger, perhaps of what was to come. Over the weekend, Veraserv, a hosting provider based in the United Kingdom, was the subject of a hacking attack, resulting in some 100,000 websites hosted with the company being deleted — roughly half of the company's stored user data. According to reports, many of the affected accounts had chosen the company's unmanaged hosting plans — significantly less expensive than managed plans — which did not include automatic backups, and as a result, their data may have been lost permanently.

Veraserv, which says that other firms have acknowledged experiencing similar attacks, attributed the breach to a zero-day vulnerability in HyperVM (Version 2.0.7992), possibly involving a SQL-injection attack against the company's central management system. The company's website, which has been replaced with plain-text — presumably due to traffic volume — bears a notice to customers containing information about the attack, the status of the company's systems and users' accounts, the steps being taken to remedy the situation, and a brief FAQ. The obviously quickly-composed message also includes a log of the actions being taken by Veraserv staff, including the provisioning of new virtual private servers to all affected customers.

According to The Times of India1, K. T. Lingesh and a roommate identified only as "Sheenu" spent Sunday evening drinking and talking — according to the report, the two talked about Lingesh's mother and sister, both of whom committed suicide several years ago. The Times article also suggests he was upset over a contract recently lost by LXLabs — there is no mention of the Veraserv hack or the Kloxo vulnerabilities in the article, though most reports draw what is certainly a clear link between the attacks and Lingesh's death. The Times indicates that "Sheenu" went to bed sometime after midnight, and on awaking Monday morning, found the thirty-two year old had hung himself.

Lingesh's death — as hardly needs saying — came as a great shock to fellow developers and LXLabs customers. One provider, Seattle-based VPSLink — a subsidiary of Spry, providing unmanaged virtual private servers — reported his death on its blog, expressing its sadness and saying the company had been in contact with Lingesh as late as Saturday to discuss LXLabs' software, including the possibility of joining the firm.

As of this time, LXLabs has not commented on the attacks or Lingesh's death — it is not immediately apparent who, if anyone, will step into Lingesh's role and what the future of the company and its products will be. Breaking News will continue to update this article as new information becomes available.


1 — The Times of India article contains some India-specific descriptions which results in some unclear information.
______________________

Justin Ryan is a Contributing Editor for Linux Journal.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More like weak repeated passwords!

Anonymous's picture

Do some research and you will find the txt from the hacker (who said it was not HyperVM) it was actually the admin / owner using the same password repeatedly.

R.I.P Ligesh

venerability

Anonymous's picture

> zero-day venerability in HyperVM

I think you mean "vulnerability" instead.

J

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState