Post
Topic
Board Gambling
Re: DaDice.com - Next Gen Social Gambling Dice Experience | Progressive Jackpot
by
eightbits
on 21/08/2015, 23:38:01 UTC
Was there logins in the auth.log from an outsider using root or a bash_history showing someone was using the root account?  It's a bad idea to have ssh access open to root accounts.  You should use another account and SU.  Also you should have hidden bastion server access and not allow any ssh from IP's other than two bastions (the other as a backup).

I ask because rarely does a hack happen with a root password.  Typically it's poor code allow cross-site scripting, SQL injection etc. etc.  If there is no proof of shell access search access logs for PUTS and POSTS to narrow it down.  Or, check your database integrity to see if it was compromised.