Did I get hacked?


Recommended Posts

Got home to my computer and a couple of web pages were open. Someone ordered stuff on different credit cards and shipped to Florida. Left pages open and logged out....

Definitely sounds like a hack no? Pretty concerned about my security right now.

Worst case, I was hacked and everything is compromised.

Best case, that was just some virus/spyware that pulled up those pages with no other threat.

I am working on cleaning everything (nothing suspicious)

Only odd behavior is my browsers don't work but I can ping stuff and access updates for anti malware

Link to comment
Share on other sites

Have you called your bank and cancelled your card? That should be your first priority!

 

Yeah, I would spend less time snooping on the computer and more time with your bank ATM. You can sort the who-did-what later.

Link to comment
Share on other sites

Have you checked your online bank/credit card accounts from a different computer to confirm the charges? I would change passwords and be prepared to deal with banks/credit card companies, just in case. 

Link to comment
Share on other sites

Have you checked your online bank/credit card accounts from a different computer to confirm the charges? I would change passwords and be prepared to deal with banks/credit card companies, just in case. 

 

Computer? I'd call. Most times they can see things before they post, which could take days. Calling is the best way to cancel or put the cards on hold and also report fraud use.

 

Different credit cards, were they all yours? It almost sounds like your computter was VNC'd into and used as a hotspot to commit fraud, probably using stolen cards at that, tracing back to your place. I'd call your ISP maybe too after you got any compromised accounts secured. Also check your windows and doors... If VNC didn't happen.

Link to comment
Share on other sites

You usually have a window in which to report such things to your bank/cc company.  As such, stop dicking about with your computer.  Damn geeks failing to see the wood from the trees ;)

 

I'd be the same

Link to comment
Share on other sites

my cards were not used for the purchases.... they used 2 different cards for 2 different websites and sent things to 2 different addresses in FL under two different people's names.. 

 

is there any way to see a log of VNC type activity? was a particular port used? would my ISP or router log something that would help? 

Link to comment
Share on other sites

my cards were not used for the purchases.... they used 2 different cards for 2 different websites and sent things to 2 different addresses in FL under two different people's names.. 

 

is there any way to see a log of VNC type activity? was a particular port used? would my ISP or router log something that would help? 

 

curious if you don't mind answering... what security suite do you use?

Link to comment
Share on other sites

windows security essential along with superantispyware. I am behind an Asus router and windows firewall is also on. 

 

RDP is off but I use teamviewer 

 

does anyone have master remote "control" privileges with your team-viewer account?

Link to comment
Share on other sites

Sounds like psychical access to the machine, if you ask me.

 

Somebody smart enough to totally own your box remotely, wouldn't be so messy/careless. (imo)

 

Some headlocks and noogies are in order, if not a call to the police.

Link to comment
Share on other sites

I know this answer is going to be a bit low tech but what if someone broke in just to use your computer to order stuff?

Damn, now this got me wondering too.

Link to comment
Share on other sites

RDP is off but I use teamviewer

Well why don't you look in the log then and see if any connections were made - unless you turned off logging the info is there.

post-14624-0-55343100-1407594571.png

  • Like 2
Link to comment
Share on other sites

Well why don't you look in the log then and see if any connections were made - unless you turned off logging the info is there.

 

reassuring, thanks. I recognized all the IDs so unless things were deleted, thsi wasn't the point of attack. 

Sounds like psychical access to the machine, if you ask me.

 

Somebody smart enough to totally own your box remotely, wouldn't be so messy/careless. (imo)

 

Some headlocks and noogies are in order, if not a call to the police.

no physical access. there is no way someone would ignore all the tech sitting around and just use this one computer to make purchases that all went to florida... also my building has a concierge and my door is always locked. 

 

think I interrupted them? that's why ###### was just left open? 

Link to comment
Share on other sites

Was the PC left on when you went out? If not, was it powered off via the mains?

We know your router is ASUS, what model is it and which firmware is it running? If you browse to http://192.168.1.1/ login and go to the help or about menu, it should tell you the router model and firmware it's running

Oh god. That's not reassuring.

Having said that I would also recommend you do a scan with shieldsup https://www.grc.com/x/ne.dll?bh0bkyd2 and look for any open ports in your router.

Can you do this and post back the results?

Link to comment
Share on other sites

reassuring, thanks. I recognized all the IDs so unless things were deleted, thsi wasn't the point of attack. 

no physical access. there is no way someone would ignore all the tech sitting around and just use this one computer to make purchases that all went to florida... also my building has a concierge and my door is always locked. 

 

think I interrupted them? that's why ###### was just left open? 

Obviously I have no idea about your living arrangements, but I was thinking far more along the lines of it being somebody you know.

 

Family member, partner, friend etc.

Link to comment
Share on other sites

Moved to Internet, Network & Security

Link to comment
Share on other sites

TBH I think your PC is infected by a fraud botnet. Try to scan using herdProtect.

Link to comment
Share on other sites

reassuring, thanks. I recognized all the IDs so unless things were deleted, thsi wasn't the point of attack. 

no physical access. there is no way someone would ignore all the tech sitting around and just use this one computer to make purchases that all went to florida... also my building has a concierge and my door is always locked. 

 

think I interrupted them? that's why ###### was just left open? 

 

There was no transaction time-stamps?

Link to comment
Share on other sites

  • 3 weeks later...

my cards were not used for the purchases.... they used 2 different cards for 2 different websites and sent things to 2 different addresses in FL under two different people's names.. 

Must have been a pimp. :huh:

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.