Moments after my web app was launched, I challenged a community of coders to try and hack, break or spam the app in any way possible.
Soon enough, attacks were coming from everywhere. Some sent thousands of requests blocking others from posting, some sent hundreds of random notes spamming the server while others broke the UI in very weird ways.
I had to take tons of security measures, change tons of configurations, and put in much more design and error handling to try and combat all of their attacks. The hackers were very nice to not do damage to the database and I did manage to keep things safe. And the moment I found a way to block them, they found other ways, and it was a blast of fun trying to keep up with their attacks.
And that's what I love about all this. The challenge and the fun.
Thank you all for hacking, jamming and spamming. Y'all are cool 🔥
#WordsOfStrangers #Hacking
@Dagmawi_Babi
Story time
So yesterday I successfully deployed an entire web app onto a VPS server that I bought a couple of days ago. Everything was configured well and running flawlessly.
Today, I got a call from the web app users and they were complaining that it's not logging them in. So I had to check what was wrong.
Going to the logs, I saw that there was no data to be found to match and log in users. So I went to the server and checked out the database, only to find that all the previous databases were gone and one database called "READ__ME_TO_RECOVER_YOUR_DATA" existed. I was like "wtf" and I went on and checked it out. It had a collection inside with one document called "README". So I read it.
It said...
"All your data is a backed up. You must pay 0.043 BTC to 1Kz6v4B5Cawc... In 48 hours for recover it. After 48 hours expiration we will leaked and exposed all your data. In case of refusal to pay, we will contact the General Data Protection Regulation, GDPR and notify them that you store user data in an open form and is not safe. Under the rules of the law, you face a heavy fine or arrest and your base dump will be dropped from our server! "
So yea my production server was hacked and blackmailed. 😅
F*ck that shit! 🖕 I'm wiping the server and reconfiguring everything.
Moral of the story: change your passwords and enable two-factor authentication on all your major accounts.
#StoryTime #Hacking
@Dagmawi_Babi
[ Left Pic ]
The database document left by the hacker
[ Right Pic ]
The price of the demanded Bitcoin
#Hacking #StoryTime
@Dagmawi_Babi
They hacked a Bitcoin software wallet to recover $3 mill
• youtube.com/watch?v=o5IySpAkThg
As a person who's looking into buying a physical crypto wallet, this was exciting.
#YouTube #Crypto #Hacking
@Dagmawi_Babi