According to Krebs, the attack comes amid reports from multiple sources of a spike in website compromises stemming from Plesk installations.
The hacker is selling the exploit for $8,000 a pop, and the security vulnerability it targets remains unpatched, according to the seller.
In addition to the exploit, the hacker has developed a point-and-click tool that can recover the admin password from a vulnerable Plesk installation, and read and write files to the Plesk Panel.
This news comes two weeks after Parallels launched Parallels Plesk Panel 11, the latest version of its web hosting control panel software. Among the updates, Parallels says Plesk 11 includes enhanced server security, password storage and encryption to avoid potential vulnerabilities. Security updates are “highly visible” and easier to apply in Plesk 11 as well.
Parallels partnered with more than 60 web hosting providers to offer Parallels Plesk 11.
In a security advisory posted on the Parallels website, Parallels says the claims of the security vulnerability are unsubstantiated; however, it is recommending that customers upgrade to the latest version of Plesk.
Parallels released a patch for a Plesk security flaw in February, but a report by SC Magazine says up to 50,000 websites could have been infected as part of the Plesk zero-day attack, since the majority of the hacked sites involved Plesk installations. Others involved WordPress plugins like TimThumb.
The WHIR has reached out to Parallels for comment and will update when we receive any new information.
Talk back: Have you updated Parallels Plesk Panel yet? Have your users been aware of any security vulnerabilities with the control panel? Let us know in a comment.