Details about the compromised servers were shared with ZDNet by an anonymous security researcher last week.
Powerhouse did not answer any e-mails from either the security researcher or ZDNet, but the latter found that the compromised VPN servers have already been weaponized and are being used in real attacks, although TechRadar Pro could not verify the authenticity of these claims.
Thousands of servers at risk
According to the anonymous security researcher, who shared his findings on GitHub, threat actors found and exploited a service that runs on UDP port 20811 on Powerhouse’s servers.
“Powerhouse Management products – either Outfox (a VPN service to reduce latency) or VyprVPN (a general-purpose VPN service) – expose an interesting port – port 20811, which is providing massive data …