
hcker inside. not detected, using server instead... new? probably


9 replies to this topic

#1 James T Kirk


Posted 24 January 2014 - 04:54 AM

hi y'all pilgrims? computers to you all.
how is everyone today?
 
i have a possibly, the newest form of getting "inside" that is available today. have not heard of it. no virus detected!
the hcker has 5+ years of experience and only goes online every 3 or so days with a secure computer that is encrypted, so no "usage spikes" can be seen except at random when they come on, so it might be hard to find (by chance when you're looking), you can't tell if they are if you have a faster computer.
 
i don't even think that they used a file virus to get in, i think they are linking directly through a "server", bypassing without the need even for a virus. i have not downloaded any files, so if it got in, it snuck in through a legit program that was already running maybe? or through a newly created "server" conduit.
 
does anybody know how to block them?

Edited by hamluis, 26 January 2014 - 07:55 AM.
Moved from Gen Security to Am I Infected - Hamluis.




#2 James T Kirk


Posted 24 January 2014 - 09:26 PM

hi computer people's.
greetings everyone.
 
i'm having a mite bit of a problematic dilemma here:
 
can a hcker get "inside" with your email address?
 


#3 noknojon


Posted 25 January 2014 - 01:06 AM

the hcker has 5+ years of experience and only goes online every 3 or so days with a secure computer that is encrypted

So do you know the "hcker" or is this related to Any general "Hacker" ??

I am not aware of a hcker, except the one that was arrested 24hours ago in Romania (I think)

 

Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

We can have a general look at your Security setup.

 

 

If you are sure that you have someone interfering from the outside read below -

  • If you need assistance, please follow the instructions in the Preparation Guide starting at Step #6.
  • Note that Windows 8 will not run the requested program, so just post your problem and steps you have taken.
  • When you have done that, start a new topic and post the required logs to the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.
  • If you are unable to complete any step, just post the topic and leave a full description of your problems.
  • Please Use Copy / Paste for your responses, and Do Not Attach them unless your helper requests this.
  • If Help Bot responds to your topic, please follow his Step #1 so the team will be notified.
  • After doing this, please reply back in this thread with a link to the new topic so we can close this one.

Thank You -



#4 noknojon


Posted 25 January 2014 - 08:16 AM

Are any of these what you are talking about ??
Elusive hacker Guccifer arrested in Romania - report RT (blog)- Published time: January 23, 2014 01:13
Romanian authorities arrested on Wednesday a man they suspect is hacker Guccifer, known for infiltrating the email accounts of many  international political and public figures, including former US President George W. Bush.
Also Pune-based global hacker Amit Tiwari arrested Saturday, Jan 25, 2014, 7:53 IST | Place: New Delhi | Agency: DNA
And 'Revenge porn' site creator, alleged hacker charged with computer crime, ID theft NBCNews.com (blog) - 1 day ago

 

Without specific information, we do not know who you are talking about -



#5 James T Kirk


Posted 25 January 2014 - 05:44 PM

noknojon, thanks for the reply

that is not who i am talking about.

 

a virus was not detected.

yet there is evidence that there is a hacker inside my computer.

they have set up a separate "server".

 

how can i start a new topic in the section that you indicated when no virus was detected.

it is only a "server", a conduit, or access point.

there may not even be a running process! (or at least one that can be seen -- invisible)

i have never seen anything like it :flame:

 

 --cAptain KIrk
UNknown


#6 AV4Me


Posted 25 January 2014 - 08:01 PM

A virus is not always required to gain access into a computer; all one has to do is find a vulnerability which they can exploit and they are in. I have gained access to numerous computers without ever requiring a virus to do so.

 

Just because a virus was not detected does not mean one is not present, it simply means your antivirus does not have a signature for it, and if you are using heuristics the piece of software was stealthy enough not to set off any alarms. 

 

As for not being able to see a running process, any time a system has been compromised you have to assume the tools on that system have been as well. A common technique to hide our tracks when gaining access into a system is to ensure our malicious software will not show up under Task Manager or other similar programs. You need to get yourself a trusted set of tools to do your analysis. I would also suggest running a packet capture program like Wireshark and looking for any connections which just don't look right.
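
An added example, not part of the post above, of why the check has to use a trusted vantage point: it compares the listening ports the suspect machine reports about itself with the ports a second, trusted machine finds open on it. The `netstat -ano` sample, the externally observed port set and the function names are all constructed for illustration.

```python
import re

# Constructed sample of `netstat -ano` output taken on the suspect Windows host.
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1620
  TCP    192.168.1.20:49212     203.0.113.7:443        ESTABLISHED     3120
  TCP    [::]:135               [::]:0                 LISTENING       884
"""

# Constructed: TCP ports a trusted second machine found open on that host.
EXTERNALLY_OPEN = {135, 445, 50123}

LISTEN_LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def host_reported_listeners(netstat_text):
    """Return {port: {pids}} for TCP listeners that are reachable off-host."""
    listeners = {}
    for line in netstat_text.splitlines():
        match = LISTEN_LINE.match(line)
        if not match:
            continue  # header, UDP, or a non-listening connection
        addr, port, pid = match.group(1), int(match.group(2)), int(match.group(3))
        if addr in ("127.0.0.1", "[::1]"):
            continue  # loopback-only listeners cannot be seen from outside
        listeners.setdefault(port, set()).add(pid)
    return listeners


def cross_view(netstat_text, externally_open):
    """Compare the host's own view with the view from a trusted machine."""
    reported = set(host_reported_listeners(netstat_text))
    return {
        # Open from outside but missing from the host's own tools: investigate.
        "hidden_from_host": sorted(externally_open - reported),
        # Reported locally but not reachable: usually just firewalled.
        "not_reachable": sorted(reported - externally_open),
    }


if __name__ == "__main__":
    print(cross_view(NETSTAT_SAMPLE, EXTERNALLY_OPEN))
```

A port in `hidden_from_host` means the machine's own tools and the outside view disagree, which is the situation the post describes; a router port-forward can produce the same result, so confirm which device actually answers.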



#7 James T Kirk


Posted 25 January 2014 - 10:59 PM

thanks for the reply av4me,
 
is "access" gained by methods, 1,2, OR 3?
1. can you gain "access" to a computer by only knowing a "targets" email address? :football:
2. if the "target" does not open any attachments (in email )?
3. the "target" only opens the email itself
 
--cAptain KIrk
UNknown

Edited by James T Kirk, 25 January 2014 - 11:00 PM.


#8 AV4Me


Posted 26 January 2014 - 07:49 PM

Access can be gained by a number of methods, I use whichever is available to me.

 

As for using an email where you have not opened an attachment, sure all I need is an Iframe or small graphic which loads from my website in your email, then I just check my logs and I have your IP and all you did was open the email, no need to open attachment. 

 

So to answer your question yes with the right knowledge one could gain access knowing only your email.

 

I would suggest running a vulnerability scan to identify any vulnerabilities you may be suffering from and begin to fix them.
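
An added example, not part of the post above, for checking a message on the receiving side: it parses a saved email and lists the elements in its HTML body that a mail client would fetch from a remote server just by displaying the message. The sample message, the `tracker.example` host and the function names are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

# Constructed sample message; tracker.example is a placeholder host.
RAW_EMAIL = """\
From: sender@example.com
To: user@example.org
Subject: hello
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Hi there</p>
<img src="http://tracker.example/p.gif?id=abc123" width="1" height="1">
<iframe src="https://tracker.example/frame"></iframe>
<img src="cid:logo@example.com">
</body></html>
"""

# Tags that trigger a network fetch on display, and the attribute holding the URL.
REMOTE_ATTRS = {"img": "src", "iframe": "src", "link": "href", "script": "src"}


class RemoteRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []  # (tag, url, looks_like_tracking_pixel)

    def handle_starttag(self, tag, attrs):
        wanted = REMOTE_ATTRS.get(tag)
        attr_map = dict(attrs)
        url = attr_map.get(wanted) if wanted else None
        if url and url.lower().startswith(("http://", "https://", "//")):
            tiny = (attr_map.get("width") in ("0", "1")
                    and attr_map.get("height") in ("0", "1"))
            self.refs.append((tag, url, tiny))


def remote_references(raw_message):
    """Return remote resources that rendering the HTML parts would request."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = RemoteRefFinder()
            finder.feed(part.get_content())
            found.extend(finder.refs)
    return found


if __name__ == "__main__":
    for ref in remote_references(RAW_EMAIL):
        print(ref)
```

Embedded `cid:` images are ignored because they travel inside the message; a mail client set to block remote content does not make the listed requests when the message is opened.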



#9 noknojon


Posted 26 January 2014 - 08:05 PM

As this has been transferred here, I will offer a bit more advice.

 

 

Please start with Tracing a hacker and also Windows Forensics: Have I been Hacked?.
This includes a "Why would someone want to hack me?" section.

Here is a link for Wireshark program, that also includes basic directions.
Also here is one for TCP View which is often regarded as a milder version of Wireshark.

You have never replied to a request for minor scans, so that we may check your system security.
For this reason you make it very hard to help you ensure that you have any correct programs that will block an invasion by a hacker of any type.

If you prefer not to reply, then your best sources are just to Google "Hacker Prevention" and spend your time following their advice -
Find How can I hack someone or something?.
See the hacker definition for further information and related links.
Quite often these users are nothing more than script kiddies.

 

Often script kiddies will create something odd, just for something to do on a quiet day.

From any of the above and below ideas, You can Google for days on the subject, and still be confused.

 

There are now "confirmed reports" that CIA / FBI type agencies can now activate your Web-cam without you knowing. Even the Red light will not indicate activity (a good use for Post-it notes).

How hackers hack Facebook Account & How to stop them? <= The most used version of information stealing.

 

Warnings
•There is always the possibility of being hacked even if you follow these steps. Hackers are clever and are always coming up with new methods of deception.
•You might not know if you're being or have been hacked. Always be aware of how your computer is running, any email communication sent or received and what programs are installed on your computer.
•To ensure of not being hacked remain careful while using email. Check if you are not using a downloaded email home page because there is a method used by hacker in which they hack by changing some codes in downloaded file.
 

Several Antimalware companies have now stated that the CryptoLocker program was fully blocked by their active program, and no other action was needed.
 

The specifics of your questions require more information to be offered from your end.

You are the one that claims to be entertaining a "hacker", and even your questions are so general that Google finds several million answers to each one.

Note that email is not the start and end of "hacking" any computer. It is more your full security setup.
 

Thank You -


Edited by noknojon, 26 January 2014 - 08:07 PM.


#10 James T Kirk


Posted 27 January 2014 - 06:17 AM

AV4me, thanks for getting back to me.
 
i heard that you can get "in" through legit programs -- is this true?
 
noknojon hello,
 
i don't want to give away my security programs, but yes i do have a security program and a firewall.
but i don't see how a firewall will help if the hcker has already gotten inside, because the virus creates an access point to BYPASS the firewall and slip through, no prob.
 
and a security program will not detect the newer viruses that they use.
 
i just want to know HOW to prevent them, in a brief summary of what to do, as in 1,2,3 etc :smilers:
 
1. do this.
2. use this technique.
3. make sure this is done.
4.
5.
6.
7.
 
for how many there are in a single sentence or so, summarized, for each listing :thumbup2:
i am trying to find out the different ways to prevent anybody from getting into MY computer.
 
if i fix it, i don't want it to happen again: so finding ways to prevent access to my computer is what i am seeking here.
in fact, fixing it doesn't do any good at all: they can just do it again.
 
i don't know, maybe someone hasn't gotten into my computer, but i still want to know how to prevent it in the future.
 
thanks.
 
--cAptain KIrk
UNknown :horse:




