[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] I was hacked!
Good to know. These "war stories" help remind us that even as sysadmins, we sometimes miss things.
I'm curious though if they hacked you though the web portal instead? I've seen several vulnerabilities in CMS software (i.e. WordPress) and even vulnerabilities in PHP.
Thank you for posting this.
From: Ale <ale-bounces at ale.org> On Behalf Of Jim via Ale
Sent: Monday, November 4, 2019 5:40 AM
To: Atlanta Linux Enthusiasts <ale at ale.org>
Subject: [ale] I was hacked!
I run a server on a VPS for an organization I support pro bono. I gave up trying to run a mail server a while ago and started using mailgun. Mailgun is free for the first 10,000 emails per month and I knew something was wrong when I received a bill for $10 from them. Seems my server that used to send less than 500 email suddenly sent nearly 20,000 last month. I started investigating and found that the emails were all sent from root to root on the same machine.