Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possibly a packet sniffer?


  • Please log in to reply
3 replies to this topic

#1 Hideous piping

Hideous piping

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 13 April 2010 - 08:14 AM

Ive had a password stolen and changed 4 times in the past 2 days, even after being changed on a verified clean system on my network. Ive ran Combofix, Malwarebytes, Avast, SUPERantispyware, and they have all come back clean even after multiple scans. The last thing i can think of is a possible packet sniffer on my network. Any idea how I would confirm/remove this if it's the case? Thank you.

BC AdBot (Login to Remove)

 


#2 JimMcGowanInlet

JimMcGowanInlet

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 13 April 2010 - 09:48 AM

In todays switched networks its not likely that a sniffer could get your password unless they had direct access to your network and probably support from the network team. A sniffer might work if you were on an unsecured wireless network.

You didn't mention what the password was for. Is it your email password for an outside email like yahoo or gmail? Is it the PC password, or a windows network password?

If you havent already try a very complex password that is atleast 7 characters long with numbers, uppercase characters and atleast one of the characters above the numbers !@#$%^&*()_+

Be more specific about what the password is to and I can give you more specific ideas.

#3 Hideous piping

Hideous piping
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 13 April 2010 - 11:48 AM

I play World of Warcraft *dont judge me :thumbsup:* And i have had my account hacked into 4 times in the past 2 days, I have ran Combofix, Avast, Malware Bytes, SUPERantispyware and they all have come up clean so far. I got on my backup laptop to change my account info while my desktop was running scans. Not more than 4 hours later i got emails from Blizzard that my account had been switched back the same email address that's been stealing my info, and my password was changed again. I have done everything short of a system restore to my PC to no avail, and the fact that they were able to log my password from the laptop that has never had the game installed on it in any way shape or form is really spooking me.

Also, the email address i am changing my info to, have all been different and on different hosts, so im at a loss as what to do next.

Edited by Hideous piping, 13 April 2010 - 11:51 AM.


#4 JimMcGowanInlet

JimMcGowanInlet

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 13 April 2010 - 04:38 PM

I would say its some mechanism for World of Warcraft password recovery. What ever you are doing to get control back they are probably doing to take control away. Are you calling the support department? Maybe they are too. Does WoW use a Hint retrival method? Have you changed your hints?

Have you tried a complex password?

Does anyone have physical access to your PC where they could be stealing the password from a local file?

Are you on Wireless?

Have you run windows update to get all the critical patches?

UPDATE:
Another thing to consider is a keylogger designed to steal passwords from WoW is probably not something an AntiVirus, Spyware or other software has in its signatures. If something is new and no one has reported it it will go undetected until someone does. Your PC may have a yet to be reported/discoverd hack.

Edited by JimMcGowanInlet, 13 April 2010 - 04:58 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users