2 weeks ago this server was hacked. I was unfortunate to have an old version of RealVNC running, which made me vulnerable, since the old version contained a bug which could lead to access without using a password.
This machine is a private server, so I don’t check it every day. But one morning I started to notice a lot of traffic going on, so I decided to check what the cause was. I immediately saw things were bad. Someone logged in on the administrator account and several programs were running which I did not install, like an SMS program, Live Messenger, MSservice.exe and a password (brute force) cracking program.
At that time I had to go to work, so I had to shut down the machine (just in case). Later that day I tried to reboot it, but that is where things got out of hand. During a disk check I found, among other things, bad sectors which I could not fix. So after more than a day of trying to fix things, I ended up putting on a new install… I want to thank the motherf*ckers for not putting a simple text file on the desktop saying “Warning we are hackers, and we entered your machine…please fix the problem….evil grin”

admin on March 8th 2007 in Miscellaneous


Hmm, I was looking for the description of what a rootkit really is, and on my search I stumbled upon the discovery of the famous Sony rootkit incident. Sony had put a rootkit into the player they included in their audio CDs as a part of DRM. The man who discovered this nasty piece of malware was Mark Russinovich, who worked at Sysinternals, and on his blog you can read the whole story.

admin on April 6th 2006 in Miscellaneous