Backdoor default user on Debian 8 VPS at Cloudatcost
Cloudatcost, the canadian cheap & flat cloud VPS provider (partner of @Fibernetics ships a backdoor user (“wikus”) with shell and password set on their Debian 8 x86_64 images.
I found this βeaster eggβ on 21th January 2016 by a routine check on system integrity after I created a new Debian instance using my cloudatcost account.Please note that ALL Debian 8 instances created on Cloudatcost with such image are, by default, also listening on ssh standard port for such user.I tried to contact them a week ago but it seems they do not care.Β
wow just noticed that @cloudatcost new #Debian 8 images come with a preinstalled backdoor user #wikus https://t.co/zAaDV5fyNd
— [ πππππ ~ ]# (@korovamilky) January 21, 2016
@cloudatcost have you nothing to declare regarding the #backdoor user "wikus" found on the Debian 8 installations?
— [ πππππ ~ ]# (@korovamilky) January 21, 2016
- 05/02/2016 UPDATE *
I’ve got sort of a response on this topic in a ticket regarding failed Debian 8 builds.
Am I Satisfied? Not really.