Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can a hacked account infect my computer?


  • Please log in to reply
4 replies to this topic

#1 spad27

spad27

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 24 April 2018 - 06:53 PM

Hi forums!

I'm pretty new to tech stuff so I'm sorry if this sounds a bit ridiculous. I'm a huge PC gamer so i have game accounts that cost money and are really important to protect. If someone were to hack my computer or if I were to get a virus, would my accounts be forever compromised? Like I can't just change the password and be ok again if I were to move onto a new PC? Could they infect my new computer through it? I just want to know to have a heads up and any information would be appreciated!

Thanks y'all

BC AdBot (Login to Remove)

 


#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:01:43 AM

Posted 24 April 2018 - 08:15 PM

Not that anything is impossible, but the scenario you describe is highly improbable. . . very highly improbable.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

      Memory is a crazy woman that hoards rags and throws away food.

                    ~ Austin O'Malley

 

 

 

              

 


#3 MarkMackerel

MarkMackerel

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 25 April 2018 - 04:40 AM

I will give you the mindset of an attacker wanting to get into your machine.

If they hacked your account, then what have they got access to? They can see your email address and probably some other information. If they have your password and you use the same password for that email account, then they have access to your email account (you should be using different passwords and two factor authentication on your email account). If they are inside your email account they may then be able to obtain some other information. If I wanted to get access to your machine I would look at your contacts and find a person that you have regular contact with. I would then send you an email, spoofing the address of the sender to make it look like it came from that contact that you have regular contact with. I would put a link in the email containing malware and prompt you to click it.

When you open your email account and see this email from your friend and click this link, the malware would get activated and download some software to your machine in the background that you would be completely unaware of.

I would then have full access to your machine.

Edited by MarkMackerel, 25 April 2018 - 04:41 AM.


#4 Replicator

Replicator

  • Members
  • 200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dark Basement
  • Local time:03:43 PM

Posted 25 April 2018 - 06:19 AM


I'm pretty new to tech stuff so I'm sorry if this sounds a bit ridiculous.

No such thing as ridiculous!

 

 

I'm a huge PC gamer so i have game accounts that cost money and are really important to protect. If someone were to hack my computer or if I were to get a virus, would my accounts be forever compromised?

As Mark say's, if someone exploited a vuln on your system and placed a payload on your device, giving them either a bind or reverse shell access (remotely), then you are pawned......or owned by them, so to speak.

They can look around and do whatever they wish.

 

But one must look at the motives behind this type of hack.

They are not easy to run and require loads of information gathering (time) and other modulations.

Unless you are the Pentagon, a world bank or own a million $ Bitcoin wallet, your simply not worth the time and effort to exploit.

Furthermore, the attacker (if from your gaming hangouts) would have to know your identity on the network (WAN IP) to get the ball rolling.

 

If you have gaming accounts which are valuable to you, and possibly others, then it is within the games server domain itself, that you will most likely see attempts to be compromised......not your machine at home itself.

Its simply non economical to just randomly infiltrate machines hoping to find gaming server login creds.

Do you know what i mean?

 

As mentioned, the only info they most likely have on you through the server is your email addy (hopefully you are proxied or vpn'ed)......if they want your creds, this is how they will target you, so just be aware of any potential phishing and social engineering attacks via email in order to keep your home network safe.

 

 

Like I can't just change the password and be ok again if I were to move onto a new PC? Could they infect my new computer through it?

 

If you suspect that your gaming machine has been infected/comprimised, then yes, move to a known 'safe device' and change all your server passwords. (and any others that may protect sensitive application data).

If you have access to a known safe device (formatted or new system) then no they cannot hurt you, as any suspected malicious payload for control is gone!

 

:wink:


Edited by Replicator, 25 April 2018 - 06:29 AM.

The quieter you become, the more you are able to hear!
CEH, CISSP @ WhiteHat Computers Pty Ltd

 


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:43 AM

Posted 25 April 2018 - 01:15 PM

If these account are very important to you, check if they can be protected with more than a password. For example with Google authenticator.

I'm not a gamer, so I don't know if that is supported.

 

For more details: https://en.wikipedia.org/wiki/Multi-factor_authentication


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users