https://stackoverflow.com/questions/17946838
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian
Here's a few possibilities:
The attacker most likely gained access by...
- guessing your FTP password, is it short and simple?
- using a key-logger on a computer that accesses the FTP (the key-logger may have been installed from a phishing email), email attachment: "sexy_picxxx.exe" don't open those.
- software running on your server is not patched to the latest version or the current version has an un-patched "exploit". Exploit being a means to circumvent the security, like a buffer overflow, a hidden default admin username and password, etc.
- the person who pays for the server had their credit card information compromised (read: stolen), with that stolen info the attacker was able to call the company that is running the server and gain control of it.
- the attacker used minimal information about the owner of the account and some social engineering skill to have the company that runs the server help him gain access.
As for "enlightenment" that's probably for your personal education (in the eyes of the attacker anyways).
To avoid getting hacked in the future, do all of the commonsense boilerplate things you always hear about with regards to computer security.
- use strong passwords
- keep server software (web servers, FTP servers, operating systems, etc) patched and up-to-date
- keep the computer(s) that have admin access to your server are patched and up-to-date
- have some level of security or intrusion detection setup on the server and the computer(s) that have admin access to it
- Firewalls
- Anti-virus
- Secured connections using PKI public/private certificates
