Question Got Hacked; How Did It Happen?

[michael diemer]

Awhile back, while I was on a BSD operating system, I was hacked. I had left the computer for a moment, and when I came back, there was a terminal up and running. Someone was typing away, right in front of my eyes. I saw the word "chroot," get typed and immediately shut down. That meant someone was about to take root control of my computer.

At the time, I was on a music forum, and it uses the Adobe Flash Player (although I had not loaded it on my system). I had assumed BSD, like Linux, was safer than Windows. Apparently not!

Anybody have any thoughts on who may have done this, and how? A Russian hacker? Someone on the music forum? Someone in the BSD community? I have since wiped the drive and now have a Linux system on it.

 

[USAFRet]

While a base Linux (or BSD) install may be 'safer' than a base Windows install...all that other software, and the user, is the real issue.

Something you installed opened up a port to the outside.

 

[britechguy]

The fact of the matter is (and this is not meant as a swipe at the OP, as I have had infections in the past, too) that it's virtually always direct user action that is the infection vector.

That's been demonstrated again, and again, and again. The best defense against infection is developing safe habits for interacting with cyberspace.

Quietman7, a security expert who is an active contributor on Bleeping Computer, has written extensively on what you (any you) need to do to develop safe interaction habits with cyberspace. The following four are, in my opinion, must-reads:

• Users Themselves Are The Most Substantial Weakness In The Security Chain (just that single message)
• What you must understand regarding computer security (also just this single message)
• Best Practices for Safe Computing
• Reflections on Antivirus/Antimalware Testing & Comparisons

I don't, and never have, come close to following all of the Best Practices in the topic above, and I truly doubt that there are many people who do. But if everyone followed even 50% of them that are applicable to their usual travels through cyberspace infections from every vector type would plummet, drastically!

 

[michael diemer]

Thanks for the tips. This was a weird experience, because I had not even been on the BDS system very long, and don't recall having installed much software. But I guess something I did opened the door. One thing I wonder about is router security. The first thing I did after this event was to change my DNS routing. I plan to upgrade to a more secure router also. I also will not install any version of Flash. And I will definitely be more careful about what sites I visit.

 

[michael diemer]

I recently came across this article, and am wondering if it could relate to my situation:

CVE-2018-14665: Xorg Vulnerability Affects Both Linux and BSD Systems

Linux and BSD systems face a critical risk as a Xorg vulnerability has been found. This is the main display server which is used to provide the graphics

sensorstechforum.com

Anyone have any thoughts on this?