Hackers are still exploiting the cPanel bug to gain control of thousands of websites

Nearly a week after the makers of the popular web server management software cPanel and WebHost Manager (WHM) alerted users of a critical flaw in its software, hackers are still targeting thousands of websites that use the vulnerable software. As of Monday there are more than 550,000 potentially vulnerable servers running cPanel, a number that has remained stable for days. And there are now around 2,000 cPanel instances likely compromised, down from around 44,000 on Thursday. These statistics are published by Shadowserver, a nonprofit organization that scans and monitors the internet for cyberattacks. On Thursday, security researchers alerted that hackers started compromising servers running cPanel and WHM , taking advantage of a bug that allowed the attackers to take full control of and hijack the vulnerable servers via their control panels. As Bleeping Computer reported , the extent of the damage is visible by the fact that Google has indexed dozens of websites that at some point displayed a message from a group of hackers that claimed to have encrypted the victim’s files in an apparent ransomware attack. Some of those sites now load normally. The ransom note included a chat ID for the victims to contact the hackers, who did not immediately respond to TechCrunch’s request for comment. The U.S. …