Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread
Standard User caley
(member) Sun 19-Jun-16 21:46:49
Print Post

Have I been Hacked?


[link to this post]
 
Would appreciate any advice forum members can give me.
For around 18 months I have had various issues on my computer mainly modem/router and wireless issues I think. I began to think something was wrong way back then when my mouse would have crazy fits and rotate around the screen then the light on my network indicator would flash as if on the net but I wasn't on the net doing anything. There was nothing uploading or downloading in the background, no windows updates were downloading or installing. These frustrating episodes were not too frequent. I ran scans but nothing showed up as wrong, installed lots of security programmes but still these oddities went on happening. Sometimes it would be on a daily basis for a week then nothing for a couple of weeks. However, I hadn't had any events since last November till last week. Suddenly I couldn't access the internet, lights went out on my router. I eventually found out through a friend that my password had changed. I set the router back to defaults and redid the password and everything was fine. Rerun all the security checks and nothing suspicious was found.
I'm now worried that something is on my computer that isn't obvious and the security stuff I use can't see it and I can't find it. My browser has been opened too as if by itself. I don't close my computer down but always close any programme that's open when I plan on leaving the room and a few times when I've been away from the computer for a while the browser has been opened when I got back. I've been going crazy trying to find the cause of this. Does anyone here think I could have faulty security that's letting an intruder into my computer? If so how do I find out how it's being done? I don't bank online thank goodness and don't keep credit card details on my computer so if it is a person that's doing this for gain then they won't gain much here.

Thank in advance for any advice.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User Lethe
(fountain of knowledge) Mon 20-Jun-16 16:38:09
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
Well, it sounds dodgy.

The only sure way of sorting this is to completely wipe your PC and do a fresh reinstall - obviously back-ups are useless here - you don't know what is infected or how. Also you will need to clear the router, change the passwords etc - and if you can, re-flash it with new firmware, as that could be infected with a back door and the gateway into your home network..

Nick
Standard User 961a
(member) Mon 20-Jun-16 16:58:07
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
In reply to a post by caley:
Would appreciate any advice forum members can give me.
For around 18 months I have had various issues on my computer mainly modem/router and wireless issues I think. I began to think something was wrong way back then when my mouse would have crazy fits and rotate around the screen then the light on my network indicator would flash as if on the net but I wasn't on the net doing anything. There was nothing uploading or downloading in the background, no windows updates were downloading or installing. These frustrating episodes were not too frequent. I ran scans but nothing showed up as wrong, installed lots of security programmes but still these oddities went on happening. Sometimes it would be on a daily basis for a week then nothing for a couple of weeks. However, I hadn't had any events since last November till last week. Suddenly I couldn't access the internet, lights went out on my router. I eventually found out through a friend that my password had changed. I set the router back to defaults and redid the password and everything was fine. Rerun all the security checks and nothing suspicious was found.
I'm now worried that something is on my computer that isn't obvious and the security stuff I use can't see it and I can't find it. My browser has been opened too as if by itself. I don't close my computer down but always close any programme that's open when I plan on leaving the room and a few times when I've been away from the computer for a while the browser has been opened when I got back. I've been going crazy trying to find the cause of this. Does anyone here think I could have faulty security that's letting an intruder into my computer? If so how do I find out how it's being done? I don't bank online thank goodness and don't keep credit card details on my computer so if it is a person that's doing this for gain then they won't gain much here.

Thank in advance for any advice.

Caley.


Some info first please

Make and age of computer

what windows are you using. is it up to date

what make anti virus are you using?

what security system have you set on your internet connection? Are you on ADSL or fibre?

Is your telephone socket - router - computer connected by ethernet cable or wireless?

who is your ISP?

what downloads have you tried to find the problem?

Have you run Malwarebytes? If not, please do so now and report any findings. The free version will do fine, there is no need to buy the paid for version

https://www.malwarebytes.com/antimalware/

Run a (free) on line scan from Kaspersky and report any findings

http://www.kaspersky.com/free-virus-scan


Register (or login) on our website and you will not see this ad.

Standard User 961a
(member) Mon 20-Jun-16 17:18:23
Print Post

Re: Have I been Hacked?


[re: 961a] [link to this post]
 
As a matter of interest can you check to see if remote control of your computer is enabled on your machine please. It is normally disabled by default but is easy for someone to turn on

http://antivirus.about.com/od/securitytips/ht/How-To...

Does anyone else have access to your computer. May I suggest that for the moment you password protect your user account and turn the machine off when not using it
Standard User AdrianPH
(member) Mon 20-Jun-16 17:59:22
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
Could be someone has been using your WiFi .

Malwarebytes Chameleon would be the best thing to run on your PC, that works in DOS and kills rootkits.

https://www.malwarebytes.com/chameleon/

The instructions for use are in the .zip file.

Standard User ukhardy07
(knowledge is power) Mon 20-Jun-16 21:09:46
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
You say the wireless password had been changed. Wireless attacks are easy and can be carried out in a few minutes to a few hours if WPS is enabled (as is the case on home routers). It is unlikely they would change the wireless password any other way. A full brute force takes too long, it is bound to be WPS compromised. The issue with WPS is that it's an 8 digit pin. The first 3 digits are given to you when you fail to connect, the final digit is not random, so there is only 4 digits to guess as an attacker, you just brute-force the 4 digit pin using a computer in virtually no time.

I would do the following:
1) Reformat the affected machine
2) Log into your router, turn off WPS
3) Log into your router, change the SSID and wireless password to something random, ideally 10 digits or more on the password. If a successful WPS attack occurred, they have your SSID and PW. Do not use dictionary words in the password. Make it hard to guess.
4) Set the router wireless to WPA2-PSK AES only, not WPA/WPA2 mixed mode.

With the above you have the best security possible on a home router. MAC filtering is pointless and easily bypassed so do not bother.
Standard User caley
(member) Mon 20-Jun-16 21:19:01
Print Post

Re: Have I been Hacked?


[re: 961a] [link to this post]
 
Firstly thanks to all who responded with ideas and advice. The details of my set up are below. I've tried many different online scans and they all come back with the same answer no problems detected.

My computer is 2 years old and runs windows 7 with all updates (except windows 10) My anti virus is Avast free. I have fttc on my system. Not sure by what you mean "security system" I run a Netgear D6200 router with an BT Openreach modem, type Huawei Echolife HG612 version 3B but wasn't running these when all this started 18 months ago, had a Netgear N300 adsl 2+ modem back then. I'm connected by ethernet cable but do use wireless also. ISP is UNO for the last 10 months. I have Malwarebytes on my computer running all the time. Downloaded ADWCleaner as well as Super Antispyware but they all find nothing.
Had a bout today of browser window being closed this morning and opened up when I got home. There is nobody in the house when this occurs. I will give Kaspersky a try. With regard to formatting the computer that is not a job I do but when I remove the files I require I'll get someone to do it for me.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User caley
(member) Mon 20-Jun-16 21:23:28
Print Post

Re: Have I been Hacked?


[re: ukhardy07] [link to this post]
 
Thanks for responding. I have a 24 character password which I have changed numerous times over the past 18 months but still this goes on.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User 10forcash
(learned) Mon 20-Jun-16 21:58:35
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
First things first, assume that at least one device on your network is compromised (probably not, however, this is the best way of developing a mind set to resolving the issue...
Secondly, if you go for the 'nuclear option' then don't rely on a wipe and reinstall, only replacement hard drives will get rid of any unwanted software for sure.
Now to the problem. In my opinion, it's very unlikely that a random 'hacker' would be interested in your I.P. address and connected equipment for the length of time you suggest if there is no information there to make it worthwhile. So that (mainly) rules out unknown persons or bots, what about known persons? Who do you know that would / could access your network? Think of access from inside as external access on a dynamic I.P. can be time consuming, especially if you reboot your router on a random basis - note that internal access can be by an installed 'back door' on your internal network which reports your public I.P. to the miscreants. So rather than focussing entirely on your PC, consider the network as a whole - and who could & would have the motivation and skills to mess with your head to the point you post on here.
To go back to my first point, treat every device as an attack vector, and secure every other device against it. Disable unused and un-needed services, download portable malware scanners from another location and burn to CD-R's before taking them home and running on all devices, replace any network switches with a hub so you can run wireshark or similar to analyse network traffic using a new network device appropriately secured and analyse the data off site. If you follow the above, one of two things will happen, either you'll find the attack vector, compromised device and an idea of who or what, or you'd conclude it's just a faulty keyboard and /or trackpad, and think back to that spilt cup of coffee all those years ago....
Good luck!
Standard User Michael_Chare
(experienced) Mon 20-Jun-16 22:03:34
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
If the 'lights went out on your router', one explanation for this is that your ISP has failed to provide a service for some reason. If your main computer uses a wired connection you can always switch off the Wifi when you don't need it.

You should not use any default password for the router's web interface.

You might want to check how your computer behaves if it looses its internet connection say by removing the RJ45 plug

Michael Chare
Standard User caley
(member) Mon 20-Jun-16 22:13:10
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
Replacing a hard drive would be a big event for me but if it stopped the goings on then I would have it done.
I have a static IP address, does that make a difference? There's definitely nothing on my computers that has any value to bank info hackers and I cannot think of anyone around me that would do this sort of trick. You're right it has been on going for a long time and I cannot see what anyone is gaining from it. I thought at first my computer might have been turned into a botnet but all the checks I've done would surely rule that out. I've been thinking about buying a new computer but am unsure if that would solve the problem.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User caley
(member) Mon 20-Jun-16 22:20:45
Print Post

Re: Have I been Hacked?


[re: Michael_Chare] [link to this post]
 
I've had very few problems with UNO, in fact can say anything that was wrong they sorted it very quickly. I have wireless switched on as I have a tablet, laptop, Amazon Firestick and Smart TV that feeds from the wireless setup so switching it off would be felt. As I said before the router has a 24 character password which I had hoped would be safe.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User 10forcash
(learned) Mon 20-Jun-16 23:03:37
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
'If' 'they' have access to your internal network and can for instance initiate RDP, then any autostored passwords are not 'safe'. In the first instance, I would request a new I.P address or request dynamic I.P. unless there's good reason for a fixed I.P. - are there any internet facing services hosted within your LAN?
As I said before, consider every networked device an attack vector, secure them one at a time, disconnected from the other devices preferably, I really do think you should consider some sort of traffic analysis and try and identify any known capable acquaintances or (ex) colleagues as the source. Note that 'smart' TV's can also be an attack vector, especially with a fixed I.P.
Edited to add:-
When you got the laptop & tablet, were they from retailers? Did anyone 'help you to set them up'? Have you ever had anyone request that you install Teamviewer or similar to help resolve any issues? Most security issues are due to behavioural weaknesses allowing 'social engineering' attacks - not saying you're weak, it's very hard to change natural human behaviour and teach people to not have implicit trust in each other.

Edited by 10forcash (Mon 20-Jun-16 23:26:35)

Standard User ukhardy07
(knowledge is power) Tue 21-Jun-16 00:38:19
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
In reply to a post by caley:
Thanks for responding. I have a 24 character password which I have changed numerous times over the past 18 months but still this goes on.

Caley.


Is WPS enabled though? Also is it WPA2-PSK?

You crack WPS, it gives you the password, if I had a 63 digit password, I could break WPS in 30 minutes and have the 63 digit password. It does not matter.

I am telling you, WiFi is compromised over WPS in 90% of cases.
Standard User caffn8me
(knowledge is power) Tue 21-Jun-16 02:04:55
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
I think you need to run a scan of your computer that doesn't depend on booting into Windows 7.

If you do have malware installed, it may very well be able to evade detection by other Windows programmes.

Have a look at ESET Sysrescue for a start.

Norton's bootable recovery tool is at https://security.symantec.com/nbrt/nbrt.aspx

Running within Windows but designed to find and delete threats which many antivirus products can't is Norton's Power Eraser.

All these tools are free to use.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User AdrianPH
(member) Tue 21-Jun-16 06:05:53
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
You need to make sure you are using the WPA2-PSK AES security method for your WiFi.

You have Malwarebytes, look in the MBAM folder in your start menu, find CHAMELEON and run that.

It uses different methods to find malware , infections can't hide from it.

Standard User caley
(member) Tue 21-Jun-16 07:58:57
Print Post

Re: Have I been Hacked?


[re: ukhardy07] [link to this post]
 
I don't know what WPS is. There doesn't seem to be a security option selected, at least I can't see a selection but I'm not a computer expert. There's definitely something odd happening here, had adwcleaner installed yesterday today it's nowhere to be found. Checked everywhere. Think the answer is either get my new computer now or format the hard drive. Could anything be stored surreptitiously in my router or modem? Don't know if there are storage spaces in them that something could be uploaded to.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User AdrianPH
(member) Tue 21-Jun-16 09:42:08
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
WPS = Wi-Fi Protected Setup.

ADW Cleaner is an executable , it does not install in your system so you won't see it anywhere. It runs only when you execute the file you downloaded.

It is possible you have a hidden rootkit on your PC which is why I said you should run Malwarebytes Cameleon , it is designed to deal with situations like this.

NETGEAR ROUTER MANUAL

WiFi security page 35

WPS settings page 26

Edited by AdrianPH (Tue 21-Jun-16 09:49:50)

Standard User ukhardy07
(knowledge is power) Tue 21-Jun-16 09:42:32
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
Just format the laptop. What make and model is it, often they have the option to set it to factory settings built right in, and it often takes around only 30 minutes!

What router do you have, chances are it will have WPS, most home routers do. Using WPS and not using WPA2 is basically making you open, even with a long password as you mentioned.

WPS is basically the push button setup, you press a button on the router, then press a button on say a Sky TV box, and boom your Sky TV box is now on the WiFi without typing a password. Whilst it makes setup of things like Sky boxes, Smart TVs etc easy, it is very weak security.

There are even 15 minute tutorials on youtube of how to break into a network using WPS.
Standard User 10forcash
(learned) Tue 21-Jun-16 18:22:54
Print Post

Re: Have I been Hacked?


[re: ukhardy07] [link to this post]
 
Sorry but 'scattergun' tactics won't work. Many modern spyware and malware installations (if indeed that is the source of the issues) will survive a 'wipe and reinstall'. You really do need to determine the source of the problem before deciding on the best course of action. If you have been 'socially engineered', then no amount of reinstalling with the same files, programmes and username / password combinations will resolve anything. Try and logically secure, clean and verify each device, one at a time - ideally offline, keeping it offline until you can be sure that your network is no longer compromised. Remember, the only way to measure the effect of something is to change only one variable at a time, doing half a job and then going back online 'just to see' will resolve nothing and only put you back to the beginning.
Standard User Pipexer
(eat-sleep-adslguide) Tue 21-Jun-16 19:12:11
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
No, no modern spyware and malware installation will survive a reformat.

Reformatting and reinstalling Windows is the best course of action, and the only way to ensure whatever it is (which seems dodgy either way) is removed. Peace of mind then and no uncertainity.

ZeN Fibre Unlimited 2
Standard User 10forcash
(learned) Tue 21-Jun-16 21:27:44
Print Post

Re: Have I been Hacked?


[re: Pipexer] [link to this post]
 
In reply to a post by Pipexer:
No, no modern spyware and malware installation will survive a reformat.
Really? I suggest you might want to actually verify that opinion...
Try researching MBR malware, drive firmware virii, BIOS malware, of course good old rootkits (thanks Sony!) oh, and the hackers friend, USB drives - some of which can emulate keyboards and run scripts directly. At the leading edge of industrial espionage, it has been shown that it's possible for malware to infect air-gapped systems by using magnetic resonation, very difficult to do, and very specifically targetted but possible all the same, especially if the costs and resources are state sponsored. By way of an example, I've personally seen data recovered from a hard drive that's been subjected to a 'government wipe'. Yes, it took a while, was expensive to do but is the reason why HMG and it's disposal contractors no longer recycle HDD's. Banks never have.
So if you suspect of confirm malware is resident on your system, take the opportunity to upgrade your hard drive, just find out where it came from first so you don't make the same mistake again.
Standard User Pipexer
(eat-sleep-adslguide) Tue 21-Jun-16 21:34:13
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
In reply to a post by 10forcash:
In reply to a post by Pipexer:
No, no modern spyware and malware installation will survive a reformat.
Really? I suggest you might want to actually verify that opinion...
Try researching MBR malware, drive firmware virii, BIOS malware, of course good old rootkits (thanks Sony!) oh, and the hackers friend, USB drives - some of which can emulate keyboards and run scripts directly. At the leading edge of industrial espionage, it has been shown that it's possible for malware to infect air-gapped systems by using magnetic resonation, very difficult to do, and very specifically targetted but possible all the same, especially if the costs and resources are state sponsored. By way of an example, I've personally seen data recovered from a hard drive that's been subjected to a 'government wipe'. Yes, it took a while, was expensive to do but is the reason why HMG and it's disposal contractors no longer recycle HDD's. Banks never have.
So if you suspect of confirm malware is resident on your system, take the opportunity to upgrade your hard drive, just find out where it came from first so you don't make the same mistake again.

None of those things are going to be affecting joe moron's computer. The things you listed are so far out that it is not even comprehensible that they will affect the OPs machine. Air-gapped systems using magnetic resonation, or someone sneaked into his house to plug a USB drive in, I mean really?

The only thing you mentioned that would remotely possibly be on his computer is a rootkit - and will not survive a reformat and reinstall of the OS.

You really do need to be careful before posting such far-fetched suggestions (half of which are even beyond the levels of GCHQ and the NSA), it makes less savvy computer users paranoid unnecessarily.

ZeN Fibre Unlimited 2

Edited by Pipexer (Tue 21-Jun-16 21:40:14)

Standard User 10forcash
(learned) Tue 21-Jun-16 21:49:42
Print Post

Re: Have I been Hacked?


[re: Pipexer] [link to this post]
 
Clearly I wasn't suggesting that the cause of the issues detailed in the original message were due to industrial espionage, I was pointing out that it is no longer safe to assume that a 'wipe and reinstall' is the panacea to all 'computer problems'. Indeed, it has not been verified that the laptop in question is the source of the concern so it's at best a waste of time and at worst an expensive waste of time to 'wipe and reinstall' without confirming the source of the issue and also confirming that the reinstallation source is clean, along with any backup files to be restored. And as to how this relates to the average user, it's more pertinent than you think.
Edited to add a simple example
http://www.theregister.co.uk/2016/04/11/half_plug_in...
Oh, and those rootkits that can't survive a reformat? From way back in 2009...
http://www.theregister.co.uk/2009/03/24/persistent_b...

Edited by 10forcash (Tue 21-Jun-16 22:06:01)

Standard User flippery
(experienced) Wed 22-Jun-16 08:23:02
Print Post

Re: Have I been Hacked?


[re: Pipexer] [link to this post]
 
Does seem more like pranks than malicious. To try and rule out former.
1) Right click this computer/properties and un click Remote Access option, if present.
2) if you are not going to power down computer when not in use
a) Set computer power option to sleep after 10 minutes and require password to log back in.
3) Disable Ethernet in Network when not in use.
4) Check programs installed match what you expect.
Standard User eckiedoo
(experienced) Wed 22-Jun-16 10:42:39
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
Caley

I don't know if it is involved, having no experience in that area; but I wonder if your Pet Remembrance site is being run on the same PC, thus giving very remote access to it?
Standard User AdrianPH
(member) Wed 22-Jun-16 10:46:38
Print Post

Re: Have I been Hacked?


[re: eckiedoo] [link to this post]
 
In reply to a post by eckiedoo:
Caley

I don't know if it is involved, having no experience in that area; but I wonder if your Pet Remembrance site is being run on the same PC, thus giving very remote access to it?


the site is on an Apache server in Germany run by Heart Internet.

Standard User eckiedoo
(experienced) Wed 22-Jun-16 11:01:35
Print Post

Re: Have I been Hacked?


[re: AdrianPH] [link to this post]
 
Thanks Adrian, for that quick answer.
Standard User broadband66
(fountain of knowledge) Wed 22-Jun-16 11:47:18
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
Seems like a lot of hassle to annoy someone.

Was Eclipse Home Option 1, VM 2Mb & O2 Standard
Now Utility Warehouse (up to 16mbps) via Talk Talk
Standard User thebomberman
(newbie) Wed 22-Jun-16 13:33:36
Print Post

Re: Have I been Hacked?


[re: broadband66] [link to this post]
 
It is. He's not been hacked, given that it's over a year now and nothing costly has happened. Unless some of you think it's a looooooooong con. I suspect all his problems will go away with a reformat and reinstall, and it's got nothing to do with malign external influence laugh
Standard User ggremlin
(experienced) Wed 22-Jun-16 20:20:22
Print Post

Re: Have I been Hacked?


[re: caffn8me] [link to this post]
 
also worth looking for a surreptitiously installed version of teamviewer. entirely legitimate software, but may be used maliciously.
Standard User 10forcash
(learned) Wed 22-Jun-16 20:23:39
Print Post

Re: Have I been Hacked?


[re: thebomberman] [link to this post]
 
Absolutely the wrong advice to give. it's partly due to 'truisms' like this that allows botnets to exist at all.
1. there is no evidence to suggest there is any malware involved.
2. there is no evidence to suggest the PC is the source of the problem.
3. there is no evidence to suggest malign or benign external influence is causing the reported behaviour.
4. There has been no mention of any methodical diagnosis of the problem.
If you actually read my advice and suggestions - and indeed the whole thread, rather than trotting out your well-worn 'fix' you'll note the following:-
There has been no determination of the cause of the symptoms, there has been no determination as to which device is causing the symptoms, there has been no documented effort to isolate the suspected device to determine if the symptoms are network or device induced.
Again, if you actually read my comments, you'll note that I suggest the issue COULD be due to a faulty or damaged trackpad or keyboard - amongst other causes. Until some effort is made to determine the cause, then any and all possibilities are equally valid - hell, for all I know, it could be an errant cat walking across the keyboard and moving the mouse... until some effort is made to rule out possible causes, it's just as possible as anything else.
So PLEASE, stop trotting out your own pet fixes, they do nothing to help without any evidence based diagnostics.
As to the comment from 'bomberman', if you care to educate yourself a bit, you'll find out that some of the best hacks have resided inside commercial and governmental systems for years without detection. Just because there is no visible 'cost' does not mean there is no intrusion.
Good advice from 'flippery' and 'ggremlin' in my opinion.

Edited by 10forcash (Wed 22-Jun-16 20:26:34)

Standard User thebomberman
(newbie) Thu 23-Jun-16 10:58:46
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
In reply to a post by 10forcash:
As to the comment from 'bomberman', if you care to educate yourself a bit, you'll find out that some of the best hacks have resided inside commercial and governmental systems for years without detection. Just because there is no visible 'cost' does not mean there is no intrusion.

Ok sure, somebody is spending a lot of time and effort to do absolutely nothing bar open a webpage every now and then on a non-commercial, non-governmental, super low value target. Of course they are. I know what's possible (believe me or not I'm doing security in an HO environment right now), and I know what's wildly unlikely and paranoiac. The OP can simply reformat and start again within hours with minimal disruption and then the answer will be pretty clear.
Do you tape over your webcam?
Standard User broadband66
(fountain of knowledge) Thu 23-Jun-16 13:36:24
Print Post

Re: Have I been Hacked?


[re: 10forcash] [link to this post]
 
The OP hasn't posted anything about trying to fix the issue so it can't be too much of a problem.

Scaremongering is of no use either!

Was Eclipse Home Option 1, VM 2Mb & O2 Standard
Now Utility Warehouse (up to 16mbps) via Talk Talk
Standard User 10forcash
(learned) Thu 23-Jun-16 18:41:49
Print Post

Re: Have I been Hacked?


[re: thebomberman] [link to this post]
 
In reply to a post by thebomberman:
. I know what's possible (believe me or not I'm doing security in an HO environment right now)

Let me guess, there's a green button that makes the barrier go up, and a red one that makes it go down - and absolutely nobody gets in without a pass....
In reply to a post by thebomberman:
Do you tape over your webcam?

The only device with a webcam and microphone has a hardware switch to disconnect them, so no, I don't need to tape over either.
Standard User caley
(member) Thu 23-Jun-16 21:27:26
Print Post

Re: Have I been Hacked?


[re: broadband66] [link to this post]
 
The reason I've not posted is I've been taking onboard all the information and advice given in this forum and tried a few of them but at around 1.30am my connection went down and I've spent sometime getting things together again. Connection was down for a while I think. I don't know if it was outside influence that pulled the plug but I got fed up with it all. I've had a long time of worry about this. Today I got my hard drive formatted by a friend who helped me get everything reinstalled etc. All my connections are ok now and everything seems calm but I'm not holding my breath.


Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User longedge
(committed) Thu 23-Jun-16 22:27:09
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
?? Just fwiw - I was reading this post and my pointer passed over the petremebrance link in your sig. It immediately provoked a 'Malicious Website Blocked' message from MalwareBytes. I *had not* clicked on it just moved my pointer across it so it must just be some sort of pre-emptive checking that is going on on my system.
Standard User AdrianPH
(member) Fri 24-Jun-16 04:53:07
Print Post

Re: Have I been Hacked?


[re: longedge] [link to this post]
 
You can discount what Malwarebytes site blocker tells you . That part of MBAM has always been useless.

Scan the site with VirusTotal and other professional tools, there is no issue, it is 100% clean.

Standard User longedge
(committed) Fri 24-Jun-16 06:54:13
Print Post

Re: Have I been Hacked?


[re: AdrianPH] [link to this post]
 
In reply to a post by AdrianPH:
You can discount what Malwarebytes site blocker tells you.


In the context of this thread it just seemed suspicious to me.
Standard User caley
(member) Fri 24-Jun-16 07:50:21
Print Post

Re: Have I been Hacked?


[re: longedge] [link to this post]
 
Don't understand why that happened and I can assure you that my Petremembrance site is not a malicious site. For the past couple of day's I've been in the process of moving sites to another webspace provider and Petremembrance has been setup and removed and setup again because of script problems. Still not got the database working correctly yet. Perhaps that had something to do with what Malwarebytes site blocker reported. Just to update since the update of windows on my computers, I've had no problems of a sinister nature at all (yet). Everything has behaved itself as it should. My laptop has been moved over to Linux, although I don't know a thing about Linux I'm prepared to learn, the other computer has had windows reinstalled too so hopefully everything will remain uneventful.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User longedge
(committed) Fri 24-Jun-16 08:53:16
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
In reply to a post by caley:
Don't understand why that happened and I can assure you that my Petremembrance site is not a malicious site.


No 3rd party adverts or links? I wasn't casting any aspersions just a query and as I said f.w.i.w. 8^)
Standard User ukhardy07
(knowledge is power) Fri 24-Jun-16 09:59:50
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
Please for goodness sake tell me you have disabled WPS... I highly highly doubt your pc was hacked, and somebody then decided it was a good idea to login to your router and break your internet access. That makes NO sense, since they would be disabling their own malware from being remotely accessible.

This is more likely somebody hacking the wifi over WPS, and changing your details to be a troll.
Standard User caley
(member) Fri 24-Jun-16 20:32:46
Print Post

Re: Have I been Hacked?


[re: ukhardy07] [link to this post]
 
I've no idea what WPS is but the friend that formatted the hard drive and reinstalled windows for me checked all the connection setup, antivirus and the like said everything was safe so I presume he must have checked WPS and made it safe too. Whatever the problem was somebody was up to no good with my net connection I'm sure of that.


Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User micksharpe
(legend) Fri 24-Jun-16 21:58:10
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
WPS (Wi-Fi Protected Setup) is a facility provided by modern wireless routers to make is easy to connect wireless devices such as printers. Unfortunately, WPS is not very secure and it can be subverted in order to gain access to routers that are in theory protected by strong encryption.

From what you have already told us, it appears that your wireless router has been hacked by someone who has either guessed the password or has defeated a weak encryption protocol such as WEP, or maybe even WPS. You should certainly be using WPA2-PSK (AES) encryption as ukhardy07 has advised and it would probably also be a good idea to disable WPS if your router supports it. Of course, you could just do nothing and wait to be hacked again.

Edited by micksharpe (Fri 24-Jun-16 23:00:51)

Standard User AdrianPH
(member) Sat 25-Jun-16 04:46:07
Print Post

Re: Have I been Hacked?


[re: caley] [link to this post]
 
In reply to a post by caley:
I've no idea what WPS is but the friend that formatted the hard drive and reinstalled windows for me checked all the connection setup, antivirus and the like said everything was safe so I presume he must have checked WPS and made it safe too. Whatever the problem was somebody was up to no good with my net connection I'm sure of that.


Caley.


WPS was explained to you at least twice in this thread. I posted the link to the user manual for you router and even gave you the page numbers for the WPS and WiFi security settings .

Standard User caley
(member) Sat 25-Jun-16 07:55:34
Print Post

Re: Have I been Hacked?


[re: micksharpe] [link to this post]
 
Thank you for the explanation and after asking for help from a friend it seems that the WPS is switched off if it was ever switched on and encyption is set to advised settings. I'm not technically minded so these things go over my head but I have many friends who help and the advice here is excellent, that's why I come back when I have a problem. Most forum members take the time to help a dumbo like me. I'm unsure of why and how all these intrusions occured but I hope that's an end to them.

Caley.

Lost a Pet?
Remember them forever at
Caley's Pet Remembrance Tributes
www.petremembrance.co.uk
Standard User Davis11
(newbie) Thu 22-Sep-16 08:23:02
Print Post

Re: Have I been Hacked? *DELETED*


[re: caley] [link to this post]
 
Post deleted by MrSaffron
Administrator MrSaffron
(staff) Thu 22-Sep-16 11:11:25
Print Post

Re: Have I been Hacked? *DELETED*


[re: Davis11] [link to this post]
 
Spammy blog promotion post deleted

The author of the above post is a thinkbroadband staff member. It may not constitute an official statement on behalf of thinkbroadband.
Pages in this thread: 1 | 2 | 3 | 4 | 5 | (show all)   Print Thread

Jump to