Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Harddrive physically hacked?


  • This topic is locked This topic is locked
5 replies to this topic

#1 Cristie

Cristie

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:05:41 AM

Posted 05 April 2013 - 12:38 PM

Greetings; 
 
I am a victim of malicous menacing locally....I have searched the forums for something about someone having physical access to my harddrive and potentially my program CDs as I am aware that my activity on the internet is being monitored and even after destructive reformats.   i.e., Notably new behavior where the log-in and/or entry fields on a particular webpage will highlight a light blue when they are clicked-on; my passwords get mysteriously changed; I get locked out of my email and bank accounts.  I have Active Ports and Process Explorer, but they show nothing questionable.   If the intruders are using my IP to connect through the internet connection they wouldn't, right??   I have performed  /release and /renew in ipconfig and turned off as many Remote Access options as possible. I disabled my router.
 
Will changing the IP address be enough?  With the last hard reformat, the IP changed automatically without my intervening.  That was new!
 
If I sound a little moritified, its because I am.  I don't know what to do to ensure that my internet activity is secure from the culprits.  Understandably, Comcast has promised little in helping.
 
Any assistance or suggestions would be greatly appreciated.  I'm out of ideas here and just don't access sensitive information anymore.
 
2 online claim forms reporting the culprits were stopped and never received.
 
Will changing the IP address be enough?  With the last hard reformat, the IP changed automatically without my intervening.  That was new!
 
If I sound a little moritified, its because I am.  I don't know what to do to ensure that my internet activity is secure from the culprits.  Understandably, Comcast has promised little in helping.
 
Any assistance or suggestions would be greatly appreciated.  I'm out of ideas here and just don't access sensitive information anymore.

Mod Edit:  Merged topics, combined posts - Hamluis.
 

Edited by hamluis, 05 April 2013 - 01:04 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Stephen W

Stephen W

  • Members
  • 210 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, UK
  • Local time:02:41 PM

Posted 05 April 2013 - 01:26 PM

Hi. I'm not one of the experts here, and I am sure somebody will get back to you soon. They are great here. But I just wanted to say that what you are experiencing sounds awful. I doubt very very much that a hard drive can be physically hacked. I would be tempted to check that there is no surveillance equipment hidden in your home which somebody could use to see you type your passwords. You might want to change the security and passwords on your router too if you have not done so. Hopefully somebody here will know what advice to give you.



#3 Cristie

Cristie
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Oregon
  • Local time:05:41 AM

Posted 06 April 2013 - 01:31 PM

Hi Stephen W.  Thank you for your kind response.  Yes, it is awful. And I KNOW there have been cameras in here.  The police are worthless in helping.

 

Again, thank you.    Cristie



#4 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:08:41 AM

Posted 08 April 2013 - 02:15 AM

Cristie...it just occurred to me that the highlighting of the fields could be so that someone can see clearly what you type in the fields.  You may have already thought of this.  Some programs in the options give you the option of making passwords invisible when you type them.  I guess you probably already know this too.

 

Perhaps a hacker installed software on your PC that records the keystrokes you type and then sends them to the hacker and that too could be accounting for the mysterious blue color.  Sure seems like a reformat and changing your IP address would help, but it sounds like whoever is on the other end of this does know the usernames of your accounts and could potentially find your IP again.

 

I watched a video of some guy showing how to hack into private PCs.  I forget what the technique is called, but a hacker can lock on an IP and then use some programs to get onto your PC by just monitoring a website's traffic.  If you have been hacked, I hope this is what happened to you and not that someone broke into your home.  While on your PC, the hacker can use your webcam and just about anything else.

 

Yes, I long ago turned off Remote Desktop, just as you have.  There are other software options for that thankfully.

 

I guess this is about as intimidating as it gets.  Wish I could help, but it sounds like you are on top of the problem.  At least you are aware and can adjust you usage.  Definitely wouldn't be typing in any credit card information any time soon... :unsure:

 

YouTube is a good source for information on this topic.  Here is a useful video, but there are numerous ones on how the process works, too.  I recommend taking a look under "how to hack a pc ip" search:

 



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,070 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:41 AM

Posted 29 April 2013 - 08:45 PM

Hello to resolve this we need to get a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.


Include this link back to here...

 

http://www.bleepingcomputer.com/forums/t/490856/harddrive-physically-hacked/#ipboard_body


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,841 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:06:41 AM

Posted 29 May 2013 - 11:44 AM

Now that your log is properly posted here, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the logs you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.


The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users