[Discuss] Does anyone here know someone who's been victimized?

[darose at darose.net (David Rosenstrauch)]

On 02/19/2015 02:21 PM, Edward Ned Harvey (blu) wrote:
> I have spoken with two IT people, whose servers had been compromised and used to deliver some sort of illegal content, presumably sold from malicious person 1 to malicious person 2 on the black market (silk road or whatever).
>
> Of course it's also possible to have things like a hacked dropbox or google account or whatever - used by bad people - where the legitimate user is essentially victimized, or possibly even framed for having some sort of illegal materials.
>
> I'm looking for reports or stories of that nature - Do any of you know anyone whose servers, or accounts, have been victimized and basically the cops or the FBI come knocking on your door because somebody without your knowledge stuck some illicit stuff in your account, or used your server to do bad stuff on the net?

At a previous job a few years back we had a server (Linux) that got 
hacked.  I'm not 100% sure how it happened, but it looks like they found 
a way to compromise a common daemon user account.  They set up some new 
daemon process that was doing something nefarious - I was never sure 
exactly what, but my guess was either spamming or trying to hack other 
servers.  The only way we found out about it was that our data center 
notified us about the malicious traffic coming out of our server.

I started after the hack occurred, and had to deal with cleaning up the 
mess.

DR