[ale] I was hacked!
Raj Wurttemberg
rajaw at c64.us
Mon Nov 4 07:12:20 EST 2019
Good to know. These "war stories" help remind us that even as sysadmins, we sometimes miss things.
I'm curious though if they hacked you though the web portal instead? I've seen several vulnerabilities in CMS software (i.e. WordPress) and even vulnerabilities in PHP.
Thank you for posting this.
/Raj
-----Original Message-----
From: Ale <ale-bounces at ale.org> On Behalf Of Jim via Ale
Sent: Monday, November 4, 2019 5:40 AM
To: Atlanta Linux Enthusiasts <ale at ale.org>
Subject: [ale] I was hacked!
I run a server on a VPS for an organization I support pro bono. I gave up trying to run a mail server a while ago and started using mailgun. Mailgun is free for the first 10,000 emails per month and I knew something was wrong when I received a bill for $10 from them. Seems my server that used to send less than 500 email suddenly sent nearly 20,000 last month. I started investigating and found that the emails were all sent from root to root on the same machine.
More information about the Ale
mailing list