Author Topic: So my server got ransomware (Read 682 times)

espio100 · May 17, 2019, 04:06:44 PM

Uhhhhh
It literally only had the files for a minecraft server and some registry tweaks to make windows faster

How tf it get on my server lol

Ad Bot · Advertisement

gunsmith torin · May 17, 2019, 04:07:05 PM

Epic fail!

Hawt · May 17, 2019, 04:33:50 PM

worm or exploit

Conan · May 17, 2019, 04:54:59 PM

it probably exploited a passive service you had running. possibly your minecraft hosting software, but its just a guess

i can really only think of three likely ways it got onto your server assuming you didnt share the logon credentials or use sketchy programs - vps used outdated service packages, mc server was exploited somehow, or the physical machine your vps is on got hit and it affected all virtual machines on the server.

theres more ways it could have happened but these three are the most likely afaik. you�re gonna have to get them to wipe your vps completely and make a new virtual machine, and this time keep everything up to date

Jackhammer · May 17, 2019, 04:59:45 PM

at least they're being nice

EcstaticEggplant · May 17, 2019, 05:01:37 PM

Are you using some shady phone app to remote into the server?

The only other way I can think this would happen is if you left some insecure RDP ports open wide