Welcome to HBH V2 ! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

Somewhat funny/interesting story about being hacked.


The-Scarecrow's Avatar
Member
505 8

I run a Linux server on an old OLD laptop next to me. It was a xp machine before obviously skipping vista and running 7. It was done with that 10 years ago, so Linux server it became. I’ve found laptops make the best home servers, low power, built in UPS, screen, keyboard, quiet but unfortunately completely gutless. I route my incoming router traffic into it. I used to run a couple of things on it that I would sometimes need to access from outside my home network. Just fun stuff, like giving friends copies of TV shows (from the public domain of course) who didn’t have the ability to torrent. Nothing important.

Anyway, one day I sit down and my laptop fan next to me is absolutely fizzing and hot to touch. Odd. Check webmin. CPU 100%. Not great. Check the processes and Google it. It’s a crypto miner. No one else online was complaining about the CPU burning though, just a silent achiever in the background.

I check the user its running on. ‘Oh that’s right’ I think to myself. A 3 letter user with a 1 noun password. I was meant to delete that.. ssl, ftp and un-chrooted. Yep this is a reinstall, and I deserve that. But springs back good as new.

It got me thinking though, why was my CPU burning? Whereas everyone else’s was more of a background process? From my previous experience with mining, if you try hashing on a system that’s RAM is smaller than that crytpo’s ledger it’s pointless and runs hot. All the sys-admins commenting about the process are likely running machines with hundreds of GB of RAM.

Not me though, no sir. Sometimes best defensive security is to run a machine so garbage that even the virus doesn’t have the resources to run properly.


Futility's Avatar
:(
80 69

I like to call this “Security Through Obsolescence”. I feel like malware research companies should include a “minimum system requirements” in their write-ups so I can know whether or not it’s something that I have to actually worry about.

Thanks for the story (and hopefully that laptop didn’t have unfettered access to the rest of your network or share any creds with the router!)


The-Scarecrow's Avatar
Member
505 8

Exactly that would be nice.

My network looking down on any 64bit virus’.

meme