2 weeks ago this server was hacked. I was unfortunate to have an old version of realvncrunning which made me vulnerable, since the old version contained a bug which could lead to access without using a password.
This machine is a private server, so i don’t check it every day. But on a morning i started to notice a lot of traffic going on, so i decided to check what was the cause. I immediately saw things were bad. Someone logged in on the administrator account and several programs where running which i did not install, like an sms program, live messenger, MSservice.exe and a password (brute force) cracking program.
At that time i had to go to work so i had to shut down the machine (just in case). Later that day i tried to reboot it but that is where things got out of hand. During a disk check i found bad sectors a.o. which i could not fix. So after more than a day trying to fix things, but ending up putting a new install… I want to thank the motherf*ckers for not putting a simple textfile on the the desktop saying “Warning we are hackers, and we entered your machine…please fix the problem….evil grinn”