Mountain Devs Forgot to Lock the Doors and Got Hacked Immediately
A team sets out to build a Slack and Mattermost killer, but their first server deployment turns into a masterclass in 'how to leave your database wide open for Bitcoin extortion.' Truly, a masterstroke of modern engineering.
The creators of Mountain, a new messenger aiming to take on industry giants, recently launched their first test deployment on a Yandex cloud instance. The team opted for a lean configuration—just 2 CPUs, 4GB of RAM, and a 20GB SSD—thinking simplicity was their best friend. Instead of users, the first thing they welcomed was a hacker.
While the team was busy debugging UI path issues and broken forms, their MongoDB database was being ransomed. A remote actor scanned public IP addresses, found the exposed ports, and dropped a README file demanding Bitcoin. It turns out the developers had spent all their time configuring service limits but completely neglected to secure the server itself, leaving the front door wide open for anyone with a port scanner.
After cleaning up the mess, nuking the server, and actually bothering to set up passwords for Redis and MongoDB, the team turned their attention to feature parity. They’ve added lobby-style voice rooms, temporary chats that vanish like your dignity after a bad meeting, and screen-sharing quality toggles. The platform is currently handling light loads with ease, mostly because the primary activity so far has been fixing their own security oversights.
Building a platform from scratch while learning basic cybersecurity in real time is certainly one way to approach product development. It remains to be seen if the market needs another Slack clone, or if this is just an expensive way to learn why `ufw status` is a thing.
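The gap described above, MongoDB and Redis reachable from the internet without passwords, can be caught by auditing the config files before a server goes live. The script below is an added example, not the Mountain team's code: the sample configs are constructed, and it assumes the checks of interest are `bindIp`/`bindIpAll` and `security.authorization` in mongod.conf and `bind`, `protected-mode` and `requirepass` in redis.conf.

```shell
#!/bin/sh
# Added example: flag MongoDB/Redis settings that leave the service open to scanners.
# Only whole-line comments are skipped; inline YAML comments are not parsed.

active() { grep -v '^[[:space:]]*#' "$1" || true; }

audit_mongod() {  # $1: path to mongod.conf (YAML)
  conf=$(active "$1")
  if printf '%s\n' "$conf" | grep -Eq 'bindIpAll:[[:space:]]*true|bindIp:(.*[^0-9.])?0\.0\.0\.0'; then
    echo "mongod: listening on all interfaces"
  fi
  if ! printf '%s\n' "$conf" | grep -Eq 'authorization:[[:space:]]*"?enabled'; then
    echo "mongod: security.authorization is not enabled"
  fi
}

audit_redis() {  # $1: path to redis.conf
  conf=$(active "$1")
  if printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*bind[[:space:]](.*[^0-9.])?(0\.0\.0\.0|\*)'; then
    echo "redis: bound to all interfaces"
  fi
  if printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*protected-mode[[:space:]]+no'; then
    echo "redis: protected-mode is off"
  fi
  if ! printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*requirepass[[:space:]]+[^[:space:]]'; then
    echo "redis: no requirepass configured"
  fi
}

# Constructed sample configs (not taken from the Mountain deployment).
make_samples() {  # $1: directory to write into
  printf '%s\n' 'net:' '  port: 27017' '  bindIp: 0.0.0.0' \
    '#security:' '#  authorization: enabled' > "$1/mongod-open.conf"
  printf '%s\n' 'net:' '  port: 27017' '  bindIp: 127.0.0.1' \
    'security:' '  authorization: enabled' > "$1/mongod-locked.conf"
  printf '%s\n' 'bind 0.0.0.0' 'protected-mode no' \
    '# requirepass changeme' > "$1/redis-open.conf"
  printf '%s\n' 'bind 127.0.0.1 -::1' 'protected-mode yes' \
    'requirepass EXAMPLE-long-random-secret' > "$1/redis-locked.conf"
}

d=$(mktemp -d)
make_samples "$d"
for f in "$d"/mongod-*.conf; do echo "== $f"; audit_mongod "$f"; done
for f in "$d"/redis-*.conf; do echo "== $f"; audit_redis "$f"; done
rm -rf "$d"
```

A clean config audit does not replace the firewall check: the ports should also be closed to the public interface, which is what `ufw status` would confirm.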