I believe I have a pretty secure set of servers, and in over 7 years being open to the internet, I had not been hacked… until tonight.
The thing that really puzzles me is that the hacker registered without a single failure, with a 10 digits username and a 10 alphanum char password, upper&lowercase.
I am fairly confident that the hacker has not gotten hold of the account info (he is from palestine, 1000’s miles from where I work), unless he hacked into my customer email, and then decided to hack my server, etc… but I really doubt it
How could the guy got the right password from first shot… strange enough, I’ve already seen valid usernames with wrong passwords attempts, but user & pass right from the 1st attempt, I’m really surprised !
any ideas (other than he got hold of the credential is some way) would be nice - asterisk version is 11.21.0 if that serves.