Server hacked

The company that set up and manages my server has made some basic security mistakes and now we're stuck with some Brazilian hackers on my machine.
So far they've only been using it to send out spam and attack new targets, but there's an irc server and a couple of bots running on it that allow full remote control.

It looks like they got in because the sshd is allowing root to log in and the root pwd may not have been strong enough.

Since I'm paying for a fully managed service and I'm still stuck with a broken ankle I really don't feel like taking action myself.
I spoke to the guys on the phone and they promised me to start working on it in an hour or so. We'll just have to wait and see.

Please keep an eye out for strange behavior on the site until it's fixed.

Sorry for any inconvenience..

Okay, everything should be back to normal.
I've given the company maintaining my server a few security tips and they've implemented some of them as well as some additional security features.
Let's hope that keeps those hackers out..

Some e-mails from wechall were marked as spam by gmail last week, so I bet wechall was on RBL, but luckily right now its no longer on RBL, and the e-mails are not filtered.

Nice to see it get resolved and cleaned quickly.

I just want to post a note about account security on the internet:

It can always happen that one website gets hacked. You should keep that in mind when creating accounts.
What i want to say is: do not re-use passwords.

In the worst case scenario people are currently trying to crack the passwords in our database, and try the successfully cracked passwords on the connected email accounts. Your email can also be your login name on paypal, etc.
Also Z pointed out lately, that there could be even malicious site owners, that simply collect your passwords in plaintext.
At least you should not re-use important passwords anywhere.

Greetings
Gizmore

Absolutely.

I myself use KeePass to create separate strong passwords for every login.
I also appreciate that I can now log in anywhere by simply pressing ctrl-alt-a

The security of my server has also been increased now.
There's a new tool called CSF installed. Root can no longer login through ssh and port 22 is restricted to only a few IP adresses in the firewall.

I know a brazilian hacker able to hack wechall for interest...

His name is 4ngr4r0x !

Let me know if you want to know more about him !

Go0d Luc4 !

Quote from totoiste

I know a brazilian hacker able to hack wechall for interest...
His name is 4ngr4r0x !
Let me know if you want to know more about him !

Have him contact me with the details and we can discuss a reward.

Kender,

I'm not a friend of 4ngr4r0x.

I just wanted to let you know that this bad guy could do that...

No necessary reward for totoiste ;-)

Ah well, there are probably hundreds of people out there who claim they can hack WeChall.
99% of them are bluffing and should be ignored.
The rest either inform us of a security hole or abuse the hole and hack the server.

Since this 4ngr4r0x has not contacted us and the server is running fine I have to assume he's bluffing so we'll just ignore that.