Just got hacked need advice

[xendrome]

Well it "I" requested a password reset for most of my accounts which then the password was changed to something else.

I have not logged on to any public network.

So they got into one e-mail account then used that account to reset pass/e-mails on other items connected to it, so really only (1) item was broken into technically. The others fell because of the loss of the first. Your password was probably weak, or you used a public computer and someone logged your password or you forgot to log off?

[+Warwagon MVC]

First off how could you tell you were "hacked"?

As far as how you can prevent this from happening again.

Do your windows updates

Update your 3rd party applications ( I use patchmypc http://www.patchmypc.net)

Update or remove java if you don't need it

don't click on links in emails

don't use dictionary passwords.

Use a password manager which generates random garbage as your password and then remembers it for you

Turn on two-factor authentication if your email account supports it

Lie on your security questions. Most websites only give you a handfull of questions to choose from without giving you the options to create your own. These default questions are also very easy to look up on line if they know who you are. So the best advice would be to use a password manager like roboform (the one I use) or lastpass. Add the security questions and the answers you used to that card. Personally for the answers I just let the password manager generate some gibberish and I use that.

Don't use yahoo mail.

If you let firefox remember your passwords, create a password for firefox otherwise it will display your passwords in plain text.

Use Antivirus software

One thing that goes even further would be to use sandboxing software like sandboxie to sandbox your internet activity. (I sand box ALL of my web browsing activity)Then generally won't prevent a password from being stolen but it will prevent malware from getting permanently installed on your machine. Unless of course you let it out of the sandbox and run it.

[DrakeN2k]

I found the Ip address of the person who tried to brake into one of the games i play, I wonder what you can do with it?, apart from block him.

[MidnightDevil]

No one gets 'hacked' nowadays, it's not possible. Phished, malwared, social engineered, yes.

Enable 2-factor authentication after you've reset everything, check your logs (gmail), sent items, trash etc.

No one gets hacked nowadays? Are you serious? Have you got any idea of what you're talking about? lol

A 2 step auth for gmail is recommended yes, also complex passwords with letters, uppercase and downcase, characters and numbers, something like ne0w1n.N3! should do the trick.

A format is usually recommended, but not sure how helpful it is in extreme cases of rootkit infections. Maybe deleting the partition and creating a new one in order to overwrite MBR and such.

Also make sure your computer is relatively protected in terms of updated AV and firewall. Check the firewall rules and logs for access and eventviewer to see if there's any logged security audit.

You can also check msconfig and check which processes are loading on boot, make sure what's enable you know what it is.

I found the Ip address of the person who tried to brake into one of the games i play, I wonder what you can do with it?, apart from block him.

If you have logs (like firewall logs) with that information you can submit to a [email protected] (or any address which concerns to security of the network you're in).

[leesmithg]

I woke up this morning to discover my Uni email , and two other personal emails were hacked what I have lost I cant tell. each email had different passwords. I have reset all three and changed passwords to brand new ones. Other passwords to games have be also hacked and im going though them , Can you give any advice about how this could have happened, and the best way about not letting it happen again?

Well you never got hacked, you got ''cracked''.

You probably have a Trojan horse recording all your key strokes.

I suggest getting an application like or the same as I use.

Keyscrambler at http://www.qfxsoftwa...eyscrambler.htm

I purchased the premium version, they also offer pro and for free, yes a free version.

I also suggest a full system scan with your anti virus and maybe investing in zemana anti logger.

Use the trial then wait for them to release a free key, they seem to release free keys minimum of 10 times a year, in 4 years I have never paid for it.

They also offer a free version now: http://www.zemana.com/support/antilogger-free/

[Kami-]

lulz.

[dancedar]

No one gets hacked nowadays? Are you serious? Have you got any idea of what you're talking about? lol

Yep. Cracked, reverse engineered, whatever, yes. Someone found a vulnerability in the email account/server of the OP and used an exploit to gain access? No.

I really wish people would stop referring to 'being hacked' as someone just resetting their password or guessing their security questions for email/phones. Website/server exploit: hack. Guessing your first pet's name? Not hack. Unless you're a gov agency it's unlikely you're a target of anything more than phishing/spyware and/or someone you know wanting access. I see this on FB all the time; really, someone cracked some fbphp code and gained access to your account? Or have you installed some crud and/or people have googled your info and got in? /rant

[leesmithg]

Yep. Cracked, reverse engineered, whatever, yes. Someone found a vulnerability in the email account/server of the OP and used an exploit to gain access? No.

I really wish people would stop referring to 'being hacked' as someone just resetting their password or guessing their security questions for email/phones. Website/server exploit: hack. Guessing your first pet's name? Not hack. Unless you're a gov agency it's unlikely you're a target of anything more than phishing/spyware and/or someone you know wanting access. I see this on FB all the time; really, someone cracked some fbphp code and gained access to your account? Or have you installed some crud and/or people have googled your info and got in? /rant

Reverse engineering isn't hacking nor cracking.

[MidnightDevil]

Yep. Cracked, reverse engineered, whatever, yes. Someone found a vulnerability in the email account/server of the OP and used an exploit to gain access? No.

I really wish people would stop referring to 'being hacked' as someone just resetting their password or guessing their security questions for email/phones. Website/server exploit: hack. Guessing your first pet's name? Not hack. Unless you're a gov agency it's unlikely you're a target of anything more than phishing/spyware and/or someone you know wanting access. I see this on FB all the time; really, someone cracked some fbphp code and gained access to your account? Or have you installed some crud and/or people have googled your info and got in? /rant

I get that and I understand (and agree), I was just referring to the "doesn't happen nowadays". I'm a security auditor and part of my job is exactly that. So hacking does happen a lot, so does cracking and everything else related. Security is more tight nowadays generally speaking (at least most companies have a notion about their security, or lack of), but it does happen and a lot more frequently then the past.

[majortom1981]

I woke up this morning to discover my Uni email , and two other personal emails were hacked what I have lost I cant tell. each email had different passwords. I have reset all three and changed passwords to brand new ones. Other passwords to games have be also hacked and im going though them , Can you give any advice about how this could have happened, and the best way about not letting it happen again?

I was hacked also. I think it might have been due to the ddos from yesterday. I had no Trojans or virus on any of my pc's . I used 3 different virus scans . they all found nothing. I also got a mail from google stating somebody was trying to use software in Vietnam to get into my email.

[ShareShiz]

Can you give any advice about how this could have happened, and the best way about not letting it happen again?

keylogged or pished if your password was easy and the same all the time.

dont visit un-reliable places on the net. use a password encrypting program. and if you use the same password everywhere, change it every week or 2.

[Kami-]

I was hacked also. I think it might have been due to the ddos from yesterday. I had no Trojans or virus on any of my pc's . I used 3 different virus scans . they all found nothing. I also got a mail from google stating somebody was trying to use software in Vietnam to get into my email.

I don't think you fully understand what a DDoS is and how it affects (or in this case doesn't) you.

The more likely explanation is either:

1) The email is a fake / phishing attempt to get you to 'verify' your information in a fake webpage.

2) A legit email, because someone in Vietnam is trying to access your account and failing miserably.

[majortom1981]

I don't think you fully understand what a DDoS is and how it affects (or in this case doesn't) you.

The more likely explanation is either:

1) The email is a fake / phishing attempt to get you to 'verify' your information in a fake webpage.

2) A legit email, because someone in Vietnam is trying to access your account and failing miserably.

I know what a ddos is . Doesn't mean they couldn't have used it as a cover for something else.

I know what a ddos is. D

[majortom1981]

Also the ddos was against a security firm that was helping to fight spam. I do not think it was just a coincidence.

[fusi0n]

Actually.. according to the law.. gaining unauthorized access to a computer is considered hacking..

Even if you hear your mom tell your dad her password and you use it.. you are considered a hacker..

Are you a considered a hacker among computer guys? no

[leesmithg]

Actually.. according to the law.. gaining unauthorized access to a computer is considered hacking..

Even if you hear your mom tell your dad her password and you use it.. you are considered a hacker..

Are you a considered a hacker among computer guys? no

Is this laws created by morons that don't know what they're talking about?

Why do you ask the lobby a question then answer it yourself, with respect to

''Are you a considered a hacker among computer guys? no''

[fusi0n]

Is this laws created by morons that don't know what they're talking about?

Why do you ask the lobby a question then answer it yourself, with respect to

''Are you a considered a hacker among computer guys? no''

if you tell your tech savvy friends that you hacked someone and stole their data and when you explain you just over heard someone giving their password to someone they are going to laugh at you. Yes, most tech laws are made by morons they have no idea what they are talking about.. look at the bill for SOPA..someone in the US is trying to put an email tax..

Did that satisfy you sir?

[NightScreams]

Passwords mean nothing when the servers get hacked and the passwords stolen. Happened to me before. That's why all the Steam users and PSN users had to change their stuff a while back, unfortunately a lot of companies act like nothing happened.

I used to use Linux and had 16 alpha num passwords and yet within 4 months all 3 of my Gmail accounts were used to send out spam more than 3 accasions despite changing pass, yet Google denied and made it a pain for me, so i ditched them.

[Roger H. Veteran]

I don't even waste time anymore. As soon as I suspect anything fishy,

NUCLEAR BOMB IT!!

Drastic I know but i'll never EVER trust a machine that was once compromised no matter how much "cleaning" I did.

So yeah, nuke and then change passwords right away.

[no947a]

Check your log file.

(Windows 7)

Start button>type eventvwr, or event viewer>Click on "event viewer" that pulls up>In the left pane, click on windows logs for a drop down menu.

In "system", I looked for a gap in the recorded date sequence. It seems that many hackers go into this log and delete any record of their activities. There was a huge gap in mine, THAT ENDED ON THE DATE THAT I REC'D A SMART-A**ED CALL FROM THE CREEP! After he hung up, I realized that he'd gotten my cell # from an online job app I'd been filling out at the time. I looked up his own # on my cell phone call log, then tried to look his # up on spokeo.com. No luck. The spokeo CSR said that he had probably created a ph' # using skype to protect his location.

And yes...do stay away from those, "dodgy" sites....

[no947a]

BTW, SHoTTa35, I share your "Just Nuke It" sentiment. That greatly minimizes your worries (except from wondering what he might do w/ the stolen info).

If you can direct me to some in-depth info on how best to do this, I'd greatly appreciate it.

+ how to clean, store, and restore any must-keep files.

BTW, SHoTTa35, I share your "Just Nuke It" sentiment. That greatly minimizes your worries (except from wondering what he might do w/ the stolen info).

If you can direct me to some in-depth info on how best to do this, I'd greatly appreciate it.

+ how to clean, store, and restore any must-keep files.