R
Railway3mo ago
marsic

Dapp under attack

Hello everyone, I urgently require your assistance. We've been developing a web3 application and have been utilizing a Railway server to store our private keys within the environment variables. We now need to investigate if our server has been compromised, as it's the sole location where we've stored our private key.
Solution:
I will say, the likeihood that someone got into your Railway account is incredibly low. It is much more likely that you leaked the creds some other way
Jump to solution
10 Replies
Percy
Percy3mo ago
Project ID: N/A
marsic
marsic3mo ago
N/A
Adam
Adam3mo ago
If you've just used your private keys in environment variables through Railway's UI, they cannot have been leaked
marsic
marsic3mo ago
can we investigate did anyone logged in on our railway?
Adam
Adam3mo ago
You should have two factor authentication on your Railway account Railway cannot provide logs for account logins
Brody
Brody3mo ago
the only information about logins would be here https://railway.app/account/security
marsic
marsic3mo ago
thanks but this information are only for my personal access is there any way I can check is there any other account that has the access?
Brody
Brody3mo ago
the page shows you every device that's logged into your account
Solution
Adam
Adam3mo ago
I will say, the likeihood that someone got into your Railway account is incredibly low. It is much more likely that you leaked the creds some other way
Adam
Adam3mo ago
Uploading creds to a public Github repo is the most common mistake people make
Want results from more Discord servers?
Add your server
More Posts
hobby plan monthly charges are not clearhttps://help.railway.app/questions/unfair-charges-d79b355e I started a ticket and now it's archivedDEPLOYMENT QUESTION: React Native AppHi ! I was wondering if I wanted to deploy the web version of a react-native-app, is it the same proLaravel 11I hope you're doing well. I'm experiencing some issues when trying to deploy my Laravel application Website Under AttackThis morning I woke up to over 7000 emails from my Django server of Disallowed Host errors. My app iCan't connect to redis internal but can over ipv4 addrI am trying to use the railway internal network for a Redis store in a NodeJS server but I can only trouble working with npm workspacesHey I'm working in a new pattern than usual which is a monorepo using npm workspaces My build faileSSL not working for siteits been loading the ssl for around a week now and its not working. I had ssl on cloudflare before sAxiosError Request failed with status code 502I have an API host on Railway that have an endpoint that worked well with generates qrcode, but suddError connecting to postgres using private urlHey mates, I searched for this issue in the threads and realised a couple of other people has also Caching causes build to get significantly longerI have a build which is for a decently basic Nest.js app with Node and TypeScript. I'm using yarn 4.