Good message but wrong way to do it from @AgentGamerPro.
As @CoolProgrammer said, these kind of attacks are common for servers owned by people or people with little/no experience having dangerous permissions.
Put it simple:
Do not give dangerous commands to players that you don't know well (/gamemode, /op or deop, /stop, etc).
Teach the players with access to dangerous commands the risks of giving someone else dangerous commands and maybe not give them at all without the owner/manager's permission.
If you end up giving someone creative mode and they write a sign and they tell you to click on the sign placed or not, DO NOT CLICK ON THE SIGN for the safety of the server.
Make daily backups of your server via your server's panel, run /save-all hourly or have a skript to do so atleast you have a save.
Use DiscordSRV or Skript with Vixio to log all commands ran by operators/players with * permissions if you need to.
Due to how customizable Minecraft is, these kind of attacks are very easily done if someone with dangerous permissions doesn't know any better, the community just needs to learn how these attacks are done and avoid them from happening at all costs.
If a attack is done on Minehut and you have very clear evidence/proof that they attacked, you may report them here.
Please note: when I say "dangerous permissions", this means /op status or * (all commands) permissions given by someone via a permission plugin such as "LuckPerms" and "PermissionsEX".