Some of you may not follow all this; just know the point of the story is I was a BIG idiot.
My job requires me to interact with an internal server, but our customers log into it from outside our network, so I do a lot of testing from my home server to test incoming connections. I needed a Windows 7 machine to test some things, so I grabbed the free virtual hard drive from Microsoft and created a machine on my server.
The VHD is clean and they give me (everyone) the same administrator password, with the idea that even a complete moron would at least change the admin password... except one.
I set up my own admin account and completely forgot to change/disable the built-in account. Normally this wouldn't be a huge deal, except I had to open Remote Desktop to log into it from work.
I was working away a couple of days ago and kept getting kicked off by the "administrator". So I logged in, and as I was typing the default password, it started to dawn on me what had happened. When I got on, there was a directory open transferring files that had a ton of Russian text in the names. Yep, it took the hackers less than a week to find my open port and figure out the damn admin password was still the default.
I quickly shut down the machine but I'm sure damage was done. This morning I found out someone hacked my Hilton account and took most of my points. Luckily Hilton is giving them all back, and I'm actually pretty sure this is a coincidence since one of the stays they made was on September 25 which is the day before I created the machine, but still weird.
Also luckily, I use a password manager that makes it very easy to quickly change all my important passwords, but I get to spend a bunch of time this weekend cleaning up after this mess.
Lesson learned... CHANGE THE DAMN DEFAULT ADMIN PASSWORDS!!!!!!
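For anyone who wants to check their own box for the same mistake, here is an audit script I put together as an added example (it is not from the original post, and the poster did not share any code). It assumes an elevated PowerShell prompt on the Windows machine in question, that logon auditing is on so the Security log actually contains event 4624, and that logon type 10 in those events means an RDP session. It uses WMI and ADSI rather than Get-LocalUser so it also runs on Windows 7's PowerShell 2.0. The built-in account is found by its well-known RID (-500) rather than by name, because renaming it is a common hardening step and the name alone is not reliable.

```powershell
# Added example, not part of the original post. Run from an elevated prompt.
# Assumes: Security log auditing is enabled (event 4624 present); logon type 10 = RDP.

# 1. Locate the built-in Administrator by its well-known RID (-500) and report its state.
$builtin = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
    Where-Object { $_.SID -like 'S-1-5-21-*-500' }

if ($builtin.Disabled) {
    Write-Output "Built-in Administrator ('$($builtin.Name)') is disabled - good."
} else {
    Write-Warning "Built-in Administrator ('$($builtin.Name)') is ENABLED."
    # Set $disable to $true to actually disable it via the WinNT ADSI provider.
    $disable = $false
    if ($disable) {
        $acct = [ADSI]"WinNT://./$($builtin.Name),user"
        $acct.UserFlags.Value = $acct.UserFlags.Value -bor 0x2   # ADS_UF_ACCOUNTDISABLE
        $acct.SetInfo()
        Write-Output "Account '$($builtin.Name)' disabled."
    }
}

# 2. Is Remote Desktop switched on at all? (fDenyTSConnections = 1 means RDP is off.)
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpOff = (Get-ItemProperty -Path $tsKey).fDenyTSConnections
if ($rdpOff -eq 1) {
    Write-Output "Remote Desktop: disabled."
} else {
    Write-Warning "Remote Desktop: ENABLED - make sure it is not reachable from the internet."
}

# 3. Who has logged on over RDP in the last 7 days, and from which address?
#    Event 4624 with LogonType 10. Grouping by account and source IP makes a
#    default account being hammered from one unfamiliar address stand out.
$since  = (Get-Date).AddDays(-7)
$events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = $since } `
                       -ErrorAction SilentlyContinue

$rdpLogons = foreach ($e in $events) {
    $x = [xml]$e.ToXml()
    $d = @{}
    foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
    if ($d['LogonType'] -eq '10') {
        New-Object PSObject -Property @{
            Time    = $e.TimeCreated
            Account = $d['TargetUserName']
            Source  = $d['IpAddress']
        }
    }
}

if ($rdpLogons) {
    $rdpLogons | Group-Object Account, Source | Sort-Object Count -Descending |
        Format-Table Count, Name -AutoSize
} else {
    Write-Output "No RDP (type 10) logons found in the last 7 days (or auditing is off)."
}
```

Step 1 is the direct fix for the mistake in the story (disable the stock account, or at minimum give it a unique password), step 2 tells you whether the door is open, and step 3 is the part that would have shown the "administrator" sessions long before someone got kicked off the console: any logon for the built-in account, from any address you don't recognise, is the thing to look for.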