Jump to content
Posted 24 April 2018 - 06:53 PM
Posted 24 April 2018 - 08:15 PM
Not that anything is impossible, but the scenario you describe is highly improbable. . . very highly improbable.
Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134
. . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it. The willing suspension of disbelief has its limits, or should.
~ Ruth Marcus, November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story
Posted 25 April 2018 - 04:40 AM
Edited by MarkMackerel, 25 April 2018 - 04:41 AM.
Posted 25 April 2018 - 06:19 AM
I'm pretty new to tech stuff so I'm sorry if this sounds a bit ridiculous.
No such thing as ridiculous!
I'm a huge PC gamer so i have game accounts that cost money and are really important to protect. If someone were to hack my computer or if I were to get a virus, would my accounts be forever compromised?
As Mark say's, if someone exploited a vuln on your system and placed a payload on your device, giving them either a bind or reverse shell access (remotely), then you are pawned......or owned by them, so to speak.
They can look around and do whatever they wish.
But one must look at the motives behind this type of hack.
They are not easy to run and require loads of information gathering (time) and other modulations.
Unless you are the Pentagon, a world bank or own a million $ Bitcoin wallet, your simply not worth the time and effort to exploit.
Furthermore, the attacker (if from your gaming hangouts) would have to know your identity on the network (WAN IP) to get the ball rolling.
If you have gaming accounts which are valuable to you, and possibly others, then it is within the games server domain itself, that you will most likely see attempts to be compromised......not your machine at home itself.
Its simply non economical to just randomly infiltrate machines hoping to find gaming server login creds.
Do you know what i mean?
As mentioned, the only info they most likely have on you through the server is your email addy (hopefully you are proxied or vpn'ed)......if they want your creds, this is how they will target you, so just be aware of any potential phishing and social engineering attacks via email in order to keep your home network safe.
Like I can't just change the password and be ok again if I were to move onto a new PC? Could they infect my new computer through it?
If you suspect that your gaming machine has been infected/comprimised, then yes, move to a known 'safe device' and change all your server passwords. (and any others that may protect sensitive application data).
If you have access to a known safe device (formatted or new system) then no they cannot hurt you, as any suspected malicious payload for control is gone!
Edited by Replicator, 25 April 2018 - 06:29 AM.
Posted 25 April 2018 - 01:15 PM
If these account are very important to you, check if they can be protected with more than a password. For example with Google authenticator.
I'm not a gamer, so I don't know if that is supported.
For more details: https://en.wikipedia.org/wiki/Multi-factor_authentication
SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.
Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"
0 members, 0 guests, 0 anonymous users