[[sucking in air]]
...
just be sure you don't know of any way it can be hacked. It will be hacked, and that's what you'll learn from the experience. But HN is like putting out to sea in a canoe. You can't go back, and it's going to leak, so be more than ready.
What surprised me about this incident was how many script kiddies are out there. The sophistication of the attacks were so low. Very poor opsec (using compromised machines as jump boxes, but still logging into the site with their desktop browser with no VPN or Tor), very poor understanding of attack tools (LD_PRELOAD to make certain processes not show up in "ps", except we don't use a dynamically-linked binary to do that, so it has no effect), etc. I feel like I never converse with that type of person on HN, so I just forgot they existed.
I kind of assumed that whole field of specialization died off when people started getting aggressively prosecuted for this sort of thing, but apparently not. If anything, the crypto craze has really increased the demand for hacked Linux systems. I was very surprised to see thousands of compromised machines on major cloud providers attacking us, as well as a long tail of tiny hosting companies that I assumed didn't exist in the world of Linode and Digital Ocean. Like you can get a server in a rack somewhere and sell it to someone, and there are customers that buy that service. Mind blown!
Honestly the stolen credit cards were interesting, but overall not that big of a deal. We had free trials which were equally effective for crypto mining. Post-pay is always a drag. Lots of people that sign up with cards that have a spending limit well below what we claim the price is going to be. Other people issue chargebacks months later with excuses like "oh, I forgot I was using that" or "I didn't feel like I got the value for what you charged".
All in all it's an amusing business.
