My website was hacked and ask for money

Posted April 28, 2019 6k views
DigitalOceanUbuntu 18.04

Hi 27/04/2019 i was hacked on internet from this gmail account, i dont know where to write for help so i found to report this hacker and find some help because DO is off dont helping.

Header email

Have control of my droplet website 27/04 changed my emails, instagram, website all
We will leak and publicity your database on pastebin and smillar service if you don’t pay us $100 within 24 hours.
I responded to the email and Now i have received this email from the hacker
BTC : 1M8kz7cH23W1Uu71BfvwAgaRF7Ha5bXvNZ
I cant delete the droplet i have clients what to do. Any recommendation pls..

1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers
  1. Do you have a backup? If it’s not too old, restore the backup. Snapshot could be one option etc.
  2. You could use the services of sucuri or sitelock (check their websites and look for the “I was hacked” services or 911 as far as I know). It will be not cheap, but they could help.
  3. For the future, check out if you could migrate your clients to a droplet with Plesk - that you could get as a one-click app from the DO marketplace: . It comes not only with many security features on all levels, but also for WordPress.
  4. In case you are using WordPress - make sure you keep your installations up2date, either through a tool like Plesk to automate it. But in general. :)

good luck!

if you have email back up. you can restore your websaite password from it.
for saite data you can restore it from your back up.

I don’t know why Digitalocena don’t help with this hacking email from today
I give you time 24hours from now to pay, if not I will publicity the database and make your server goes offline.

On Mon, Apr 29, 2019 at 1:21 AM Luçifeàr wrote:

Guys thanks 🙏 for your recommendations I will try all options yes I have backup but think he have full control over server.
Don’t know how find from where he are login.
Another question what’s pastebin he are threatening me whit pastebin ??

  • I don’t know why Digitalocena don’t help with this hacking email from today

    I can answer to that. It isn’t that we’re not sympathetic to the situation or anything like that. Rather, you have all of the resources to handle this in every way that it can be handled, and we have less of them. What we provide is root access to a server that you manage. If you upload a website that is vulnerable to compromise, or set a root password that someone else can get hold of, we do not stop you. These are the freedoms and responsibilities that exist when you have root access to a server.

    Anything that can be done at this stage will be personal to you. You can investigate logs, you can restore backups, you can secure your server. We cannot log in to your server for you, so we can do none of these things. You are 100% in control here and have all of the resources that exist. There is nothing that we, as your provider, can do for you that you cannot do for yourself.

    I hope that helps to understand the situation from our perspective.

The responsibilities is all yours! Digital Ocean only provided you droplet services.

There’s no good way dealing with hackers, If I were you I prefer to pay because he only ask for tiny money $100 not like ransomware hacker who usually ask for $10000.

By the way I saw recently this database leak like you said on pastebin Is this yours?

Always monitor your log access with tail -f, becareful because they can login to your server and destroy your important data.

I hope that helps