Linode VPS Host Accidentally Deploys Servers with the Same SSH Key

  • 10 February 2016
  • 3 replies
  • 355 views


Company fixes issue with Ubuntu 15.10 server images

Feb 10, 2016 08:57 GMT · By Catalin Cimpanu

In an email sent to customers, Linode has admitted to its blunder, saying that it deployed Ubuntu 15.10 images to some of its clients' servers that were using the same SSH key.

Linode says this happened from November 10, 2015, through February 4, 2016, but the problem has been fixed after the company updated its deployment configurations.
 
That means that, for about three months, Linode VPS servers hosted on Ubuntu machines would have been susceptible to the most trivial types of MitM (Man-in-the-Middle) attacks if an attacker had noticed the company's slip-up.
 
Full Article
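The failure described above (many freshly deployed servers presenting the same SSH host key) is easy to detect from the outside if an operator fingerprints the keys its fleet presents. As an added example, not part of the original post and not Linode's own tooling, here is a small Python check that parses `ssh-keyscan`-style output and reports any host key shared by more than one host. The hostnames and key blobs are constructed placeholders, not real keys.

```python
import base64
import hashlib
from collections import defaultdict


def fingerprint(key_blob_b64: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of a base64 key blob.

    OpenSSH prints 'SHA256:' followed by the unpadded base64 of the SHA-256
    digest of the raw key bytes; this reproduces that format so the output
    can be compared with what `ssh-keygen -lf` prints.
    """
    raw = base64.b64decode(key_blob_b64)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_keyscan_line(line: str):
    """Parse one 'host keytype blob [comment]' line as emitted by ssh-keyscan.

    Returns (host, keytype, blob), or None for blank lines and comments.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    parts = line.split()
    if len(parts) < 3:
        return None
    return parts[0], parts[1], parts[2]


def find_shared_host_keys(lines):
    """Group hosts by (keytype, fingerprint) and keep only groups with >1 host.

    A host key that appears on more than one host means the image was cloned
    without regenerating /etc/ssh/ssh_host_* keys, so anyone holding one copy
    of the private key can impersonate every host in the group.
    """
    groups = defaultdict(set)
    for line in lines:
        parsed = parse_keyscan_line(line)
        if parsed is None:
            continue
        host, keytype, blob = parsed
        try:
            fp = fingerprint(blob)
        except ValueError:  # base64 decode failure (binascii.Error subclasses ValueError)
            continue
        groups[(keytype, fp)].add(host)
    return {key: sorted(hosts) for key, hosts in groups.items() if len(hosts) > 1}


# Constructed key blobs: base64 of placeholder bytes, NOT real SSH keys.
_KEY_A = base64.b64encode(b"constructed host key blob A").decode()
_KEY_B = base64.b64encode(b"constructed host key blob B").decode()

# Constructed ssh-keyscan output for three hypothetical freshly deployed VPSes.
SAMPLE_KEYSCAN = [
    "# constructed: ssh-keyscan -t ed25519 vps-01.example vps-02.example vps-03.example",
    f"vps-01.example ssh-ed25519 {_KEY_A}",
    f"vps-02.example ssh-ed25519 {_KEY_B}",
    f"vps-03.example ssh-ed25519 {_KEY_A}",  # same key as vps-01: cloned image
]


if __name__ == "__main__":
    shared = find_shared_host_keys(SAMPLE_KEYSCAN)
    if not shared:
        print("OK: every host presents a distinct host key")
    for (keytype, fp), hosts in shared.items():
        print(f"SHARED {keytype} {fp} on {len(hosts)} hosts: {', '.join(hosts)}")
```

In practice the input would be real `ssh-keyscan` output collected over the fleet; any group the script reports should be fixed by regenerating the host keys on the affected machines (and, for cloud images, by deleting the keys from the image so they are regenerated on first boot).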

3 replies

Human error can be costly and damaging to customers. More care and better implemented practices are needed.

Linode continuously ends up in the news... lol

New API, policies and open source manager added to ward off future stolen creds attacks

22 Feb 2016 at 08:34, Richard Chirgwin

Hosting outfit Linode has announced a slew of changes to its user procedures after a long analysis of the attack that led to a system-wide password reset in January. It's also determined that the breach was the result of customer credential theft.
 
The company's post-mortem of the issue, published here, notes that the December 2015 breach – and an earlier breach in July 2015 – both appeared to have resulted from stolen customer credentials being used by fraudsters.
 
One new breach revealed by the investigation is that an attacker somehow worked out a way to generate valid two-factor authentication keys, something which the company says “significantly changed the seriousness of our investigation”, even though it doesn't seem to have been related to any logins.
 
Full Article
