We just got into a malicious bots database with root access.

So guard duty gave us some warnings for our tableau server, after investigating we found an ip that was spamming us trying all sorts. After trying some stuff we managed to access their MySQL database, root root logged us in. Anyway the database we just broke into seems to have schemas for not only the bot but also a few Chinese gambling websites. There are lots of payment details on here.

Big question, who do we report this to, and what's the best way to do so anonymously? I'm assuming the malicious bot has just hyjacked the server for these gambling sites so we won't touch those but dropping the schema the bot is using is also viable. However it has a list of other ips, trying those we found more compromised servers which we could also log in to with root root.

This is kinda ongoing, writing this as my coworker is digging through this more.

A site I manage in my spare time with a couple thousand normal users was getting attacked by a Chinese botnet. All the requests were coming from only two subnets. Easy to block. Feels like this was only the vanguard. Prelude to the real attack. I'm thinking about moving the site to its own server, so it won't affect my other sites. There at least if it gets kneeled, it'll only be that site.

I regularly get added by unknown people on telegram. Now, sometimes they're real people asking you to rate some hotels or put smth in a shopping basket in a specific webshop.

It's my hobby to figure out what their scam is. (I think just not paying, how would they do that anyway).

Also, you've bots. Doing acquisition and then ask you to contact them on a different number. I do this. Yolo. For fun.

But now, there's a Chinese girl that added me and I can't figure out if she's a bot or real. She did ask me to contact on a different number - like bot.. But she goes to sleep on Hong Kong timezones and I've let her tell me what was in a youtube video. She described well. Still, I don't trust.

She does have some inconsistenties in dot usage at end of sentence and stuff.

English, quite well but I think she uses translator if she's real. She said it's not her native language.

It drives me totally crazy not being able to figure out.

What are more ways to check if AI?