Hacker using Digital Ocean IPs

September 1, 2017 486 views
DigitalOcean Security

I report a particular hacker using Digital Ocean on nearly a daily basis. I supply logs to show the hacker access to my droplet. I provide links to abusedb.com to show the IP is being used for hacking.

What does it take for Digital Ocean to simply refuse to provide a user service when they are demonstratively show to be a bad actor?

1 Answer

Are you using tickets? I doubt you'll get much done by creating a ticket. I suggest you send them an email to abuse@digitalocean.com with all the information regarding users malicious actions.
All hosting companies will have people who abuse their services and to be honest with you not many of them do much about it anyway.

  • I use abuse@digitalocean.com.

    I don't report the scrapers, wordpress hackers, port sniffers, etc. However email is sacred because if you have a bad actor in your IP space, some RBL will block the entire IP space in some of their more aggressive lists. As you probably know, the RBL providers are mighty useless regarding why you are on the list, presumably so you don't discover how to avoid their spammer detector. Frankly given the poor job Digital Ocean does on blocking this hacker, I don't blame the RBLs for blocking an entire chunk of Digital Ocean. I would do the same thing since the hacker has been operational for months.

    Personally when you have over 100 RBL providers, there is simply something suspicious. I've heard some are shakedown artists. Pay them money not to be on the list. I try to get some hosting companies to drop the slime RBLs like spamrl, but it isn't easy.

Have another answer? Share your knowledge.