It seems that VestaCP has been hit by a 0-day exploit through its API, which allows code to be executed as Root(!!!). Many users reported on VestaCP forums that their hosting accounts were suspended and their servers were compromised. Exploit makes the hacked server attack a Chinese IP. It looks like a DDoS trojan where a .sh file(gcc.sh) is loaded in cron.hourly triggering DDoS attacks on other servers. Deleting the cron or the file loaded through the cron won't help much in dealing with … [Read more...] about VestaCP hit by 0-day exploit