[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] I was hacked!

Even more interesting -- I got this reply but didn't receive the
original message from Jim!


Raj Wurttemberg via Ale <ale at ale.org> writes:

> Good to know.  These "war stories" help remind us that even as
> sysadmins, we sometimes miss things.
> I'm curious though if they hacked you though the web portal instead?
> I've seen several vulnerabilities in CMS software (i.e. WordPress) and
> even vulnerabilities in PHP.
> Thank you for posting this.
> /Raj 
> -----Original Message-----
> From: Ale <ale-bounces at ale.org> On Behalf Of Jim via Ale
> Sent: Monday, November 4, 2019 5:40 AM
> To: Atlanta Linux Enthusiasts <ale at ale.org>
> Subject: [ale] I was hacked!
> I run a server on a VPS for an organization I support pro bono. I gave
> up trying to run a mail server a while ago and started using
> mailgun. Mailgun is free for the first 10,000 emails per month and I
> knew something was wrong when I received a bill for $10 from them.
> Seems my server that used to send less than 500 email suddenly sent
> nearly 20,000 last month.  I started investigating and found that the
> emails were all sent from root to root on the same machine.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant