Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'v been hacked, what to do next


  • Please log in to reply
3 replies to this topic

#1 PoweredByGoogle

PoweredByGoogle

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 29 December 2009 - 05:21 AM

So today someone got onto all of my email accounts changed the pw's ect. I was quick to act and found out 2 hours after. Reset all pws and got them back. They also attempted to change my password here on bleeping computer and I got an email that shows the ip address of the person who tried to reset it. They did not steal any money (yet) is there anything i can do with this ip address or anything i can do to find the person or get them in trouble?

They also tried to change the 2nd email on my email account so if I tried to recover the pw the recovery info would be sent to there email so I have that email. Any ideas on what to do next?

I scanned all my computers so I dont know how they keylogged me. I dont click links or open emails from people I dont know and my pw Is not easy to guess its leters and numbers out of the 4 email accounts they got 3 had different passwords (2 emails had the same pw)

BC AdBot (Login to Remove)

 


#2 PoweredByGoogle

PoweredByGoogle
  • Topic Starter

  • Members
  • 192 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 29 December 2009 - 11:29 PM

Anyway to find out who it is or get them in trouble?

#3 Vortex-19103

Vortex-19103

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:33 PM

Posted 29 December 2009 - 11:44 PM

I would first make sure that you still don't have any open devices. like an open router or default router (out of box/no changes)

if you are on wireless,
make sure that you change the router password,
set mac addressing for temporary to only your mac address
change your SSID then / acquire to PC / then disable SSID from broadcasting (reduce any targets from being seen)
change your password and security settings

if you are wired
make sure that you change the router password,
set mac addressing for temporary time to only your mac address

you should be able to put in a block from that ip address that you suspect. in your router firewall

(simple solution)
make sure its not a family member - pranking you.

Before making changes to system, I would back up Hard Drive to image file (ghost)
run hijackthis and save logfile, look for obivious unknowns
Update av products (I like webroot antispyware/antivirus)

make sure you backup pc first (to image file) then run combofix ... http://www.bleepingcomputer.com/forums/t/273628/combofix-usage-questions-help-look-here/ then sdfix

I hope this helps,

V

Edited by Vortex-19103, 30 December 2009 - 12:06 AM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:33 AM

Posted 29 December 2009 - 11:51 PM

You can get some info here at Whois. I am sure others will have some more info.
http://cqcounter.com/whois/

If they have hacked you as it appears you should scan for Malware and any keyloggers.

Your passwords should be changed from another PC

Next you should reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you donít know the router's default password, you can look it up HERE.


ComboFix is an Anti-Malware tool used by advanced malware technicians

specifically trained in its use.


Please DO NOT USE COMBOFIX on your own without supervision!!!

ComboFix usage, Questions, Help? - Look here

Edited by boopme, 29 December 2009 - 11:56 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users