☎️HELP! I'VE BEEN HACKED!?

Resources for those experiencing an attack.

Remove Threat

Use the Server Owner/Admin account to remove the compromised user or bot from the Server.

If an Admin was compromised... The Server is Compromised. Remove the threat & lockdown the server (automatic with WICK or similar bot) / manual process:

LockDown Server

Remove Administrator roles/permissions from all users & bots
Set all Categories/Channel to private
(save for a single read-only channel, with single text-only alert post)
Review Roles/Permissions on users & bots to ensure server is locked down
Have compromised Admin change their password.
Have all staff setup new unmarked email addresses and change their Discord emails.
Change passwords once again, ensure password contains letters (combination of lower & uppercase), numbers, and at least one symbol (!@#$%^&*)
Consider reviewing this document before restoring channels and permissions.

If the Server Owner account is compromised... the Server is lost. Attempt to change the password, but if ownership has been passed to a new account, then recovery is near impossible.

⚖️Role Hierarchy

Discords are COMPROMISED, not hacked. Compromises can be avoided. Damage for all other unavoidable attack types can be mitigated. Study the fundamentals to prevent future attacks.

✅Security Audit Checklist

PreviousStart Here NextOwner & Admin Perms

Last updated 2 years ago