APT is always behind it

Task by Dmitry Molokovich (@mlsdmitry) · Par time: ~45 min

Hey there! My VPS has been hacked by some APT :(

I just tried to start my own Minecraft server to be an admin there! Who doesn't want it, right?
Try to find hacker’s control panel server.


Added at 12:30 UTC: find the control panel IP address, there will the flag right away on port 80. You shouldn’t run suspicious binaries on your system, I thought it’s obvious.

Added at 14:45 UTC: the hackers targeted docker daemon first. Try to figure out what they’ve done with the containers. Additional intelligence: the control panel IP you need is hosted on DigitalOcean.