
VestaCP Third-Party Breach (October 2018)

📅 2018-10-01 🏢 not disclosed

Incident Details

Vesta control panel servers infected with DDoS malware after supply chain attack. An open-source hosting panel software provider, Vesta Control Panel (VestaCP), has admitted that it became a victim of a supply chain attack. In an announcement made by VestaCP on its forum, it was revealed that the attacker managed to contaminate the project's source code with DDoS malware. The malware was capable of recording passwords, opening shells, and launching DDoS attacks. In the forum post, a team member stated that the attacker exploited an already present bug in the API of an earlier version of the VestaCP software to infect the server. “Our infrastructure server was hacked. The hackers then changed all installation scripts to log admin password and .”

Technical Details

Initial Attack Vector: Compromise of third-party service provider / vendor relationship
Vendor / Product: not disclosed
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

  1. 2018-10-01 Breach occurred
  2. 2018-10-22 Publicly disclosed