It seems that VestaCP has been hit by a 0-day exploit through its API, which allows code to be executed as Root(!!!). Many users reported on VestaCP forums that their hosting accounts were suspended and their servers were compromised. Exploit makes the hacked server to attack a chinese IP. It looks like a DDoS trojan where a .sh file(gcc.sh) is loaded in cron.hourly triggering DDoS attacks to other servers. Deleting the cron or the file loaded through the cron won't help much dealing with … [Read more...] about VestaCP hit by 0-day exploit