My database got hacked ๐
I guess this is a terrible way to start a Monday, my database got hacked this morning, and the hacker wiped all the data leave a message in the database:
Your Database is downloaded and backed up on our secured servers. To recover your lost data: Send 0.2 BTC to our BitCoin Address and Contact us by eMail with your server IP Address and a Proof of Payment. Any eMail without your server IP Address and a Proof of Payment together will be ignored. You are welcome!
Why this happen?
Not setting a password
I am a lazy bum because I try to solve things the easiest way (All the programmers are lazy). So, I open up a port for my database for my own entry without setting a password. I was busy developing stuff but I don't take security as my first priority.
Accidentally push my server IP to github
Then, I accidentally push the database IP into github, with the port that connected to the database. I am so lazy that I just patch it with another commit without reverting the push file. Since GitHub is open up for everyone to check, it could be that the hacker went into there and get the server IP.
Not backing up
I plan to back up the data when I am free, not taking this issue seriously. So, the data got wiped out by the hacker and nothing is left.
Fixing it
I spend the whole morning creating a new server and setting up the bot all over again. This time, I closed up the port and setup admin user for my database.
If I take security into consideration, it would take me less than 30 minutes, rather than my whole database got wiped and the whole morning fixing.
I guess I learnt it the hard way because I was ignorant about security and saving backups.
Thanks for reading, STEEM-ON!
Animated Banner Created By @zord189
Sorry you had to feel that pain, these hackers are super sharp today, good lessons to be shared @superoo
Thanks for stopping by, I guess I have learn it the hard way haha.
Sry to hear about it mate! But feels good to hear how fast you recovered from it and kept moving
Thanks man. I guess I learn from the mistakes haha
@superoo7 Omg, you got hacked bro? Hmm, we need to be extremely careful with our own passwords...
The problem is I din setup password
oh no, that's a worst fear of mine to accidentally publish my password!! hope everything turns out ok.
I guess everything is fine, just that the data are lost ๐
No worries. It's good that it happen now than later. Thank you for your fast recovery on the bot.
Although I don't understand this, but I am glad everything is under control. So moral of this event is, don't be lazy, anything can happen. Need to be extra careful too.
Haha, Thanks for stopping by. Yea I am lazy and ignorant about security. So, always put security first โ
I am lazy too. So mommy @elizacheng will scold me for being too lazy. ๐
hack them back
Ouch! Sorry it caused you so much grief... :(
But you got back on your feet pronto, which is a good thing! Cheer up, no worries, we are all behind you!! ๐ช
Thanks haha, luckily I am not losing much
Oh dear...no wonder the bot is down. Glad that you managed to plug the leak and immediately rectify it. You are doing a great job of powering our bots and balancing it with your studies. Let this incident be a valuable lesson and not stop you from being more vigilant in future.
Thanks @karinzdailygrind , appreciate it ๐
adui, guess i have to careful what i upload to github
Facepalm myself, haha
Learn it the hard way ๐
I can revoke the push actually, but lazy to check the documentation, so I patch it. ๐