Thread: Ebay/Hotmail hacking

  1. #17
    Va Va Voom Lowe's Avatar

    Re: Ebay/Hotmail hacking

    Right TDSS didn't find anything so that's one down. Got rid of MSE and have now installed Comodo, cor 'eck lots of options that mean nothing to me lol!

    Still, it's running a scan and now has picked up 1 threat so far: Heur.Packed.Unknown@-1

    Dunno if that's real or a false positive but we'll see. SuperAntispyware and Malwarebytes are running too, nothing so far.

  2. #18
    Get in the van. Fraz's Avatar

    "Nuke the entire site from orbit. It's the only way to be sure."

    -- Ripley (Aliens)

  3. Received thanks from:

    ik9000 (13-04-2011)

  4. #19
    Va Va Voom Lowe's Avatar

    Right - I've nuked it into quarantine for now, submitted it for analysis too. I'm not convinced it's dodgy but we'll see.

    Superspyware has found some tracking cookies and is still scanning but I didn't think those would be of a keylogging variety.

    So... I'm more and more convinced that it's not the computer after all. This is bloody weird. :S Still, going through Malwarebytes now to see if that picks anything up. I'm wondering if they've somehow got into Hotmail by guessing or brute forcing, then have simply been using the 'forgot password' gubbins on the other sites to get into those. Argh!

  5. #20
    The late but legendary peterb - Onward and Upward peterb's Avatar

    Quote Originally Posted by b0redom View Post
    In the meantime, might be worth running your business from a Linux BootCD / HDD. At least you can then be sure you've isolated the OS as a potential attack vector and for most eBay type stuff which is run from a browser anyway, you'll probably not notice the difference.

    Definitely good advice. Some distros (Knoppix certainly) allow you to run your home directory (and also key environment settings) from an (optionally) encrypted USB stick, so you have the benefit of a persistent environment without a vulnerable hard drive.

  6. #21
    Va Va Voom Lowe's Avatar

    Quote Originally Posted by peterb View Post
    Definitely good advice. Some distros (Knoppix certainly) allow you to run your home directory (and also key environment settings) from an (optionally) encrypted USB stick, so you have the benefit of a persistent environment without a vulnerable hard drive.

    http://forums.hexus.net/help-technic...ml#post2067394

  7. #22
    The late but legendary peterb - Onward and Upward peterb's Avatar

    Appreciate that, but it was just as a clean machine to reset all the passwords should your win7 machine prove to be compromised.

    I guess you are using the SmartStamp application. Don't know if that would run under WINE.

  8. #23
    smargh

    You can't really trust AV apps to find the latest malware.

    Use tcpview to identify suspicious connections - try logging on to Ebay with dummy credentials and see if any info is submitted to unusual IPs. I also use smsniff by Nirsoft as a simple sniffer for this purpose.

    I once had to deal with the PC of a 'friend of the family' infected with..... well, everything. Out of pure curiosity, and expecting to never fully clean it, I tried cleaning it anyway. When I finished, every AV and anti-malware app I tried was finding nothing, but I knew something was still on the PC because every form I submitted in Firefox (not IE) was having the corresponding information sent to a Leaseweb server in the Netherlands. I think it turned out to be a malicious Firefox plugin or extension.

    So, basically monitor & sniff the traffic yourself, and from there look into what processes, services or add-ons might be causing that traffic.

    Also maybe check for hardware keyloggers?

    In the past few months there has also been some MBR-based malware. GMER and Rootalyzer are useful for these sorts of things.

    edit: Also, PayPal and Ebay offer a Security Key. However, they can be bypassed by an army of cheap labour in Asia and an instant keylogger
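
The dummy-credentials check suggested in post #23, as an added example that is not part of the original post: log in with canary values, capture the traffic, then look for those values (plain or encoded) going anywhere other than the site itself. The canary strings, the allowlist and the sample flows are constructed for illustration; real input would come from a sniffer export.

```python
import base64
from urllib.parse import quote_plus

# Constructed canary credentials, typed into the login form instead of real ones.
CANARIES = ("canary_user_7f3a", "Canary!pass#91")
# Assumed allowlist of domains the login page is expected to contact.
EXPECTED = ("ebay.co.uk", "ebay.com", "ebaystatic.com")

def variants(value):
    """Encodings a form grabber might use when sending the value onwards."""
    raw = value.encode()
    return {raw, quote_plus(value).encode(), base64.b64encode(raw), raw.hex().encode()}

def is_expected(host):
    """True only for an allowlisted domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in EXPECTED)

def classify(flows):
    """Split flows to non-allowlisted hosts into canary leaks and other contacts."""
    leaks, unexpected = [], []
    for dst_ip, host, payload in flows:
        if is_expected(host):
            continue
        seen = [c for c in CANARIES if any(v in payload for v in variants(c))]
        if seen:
            leaks.append((dst_ip, host, seen))
        else:
            unexpected.append((dst_ip, host))
    return {"leaks": leaks, "unexpected": unexpected}

# Constructed sample flows: (destination IP, Host header or SNI, captured payload).
SAMPLE_FLOWS = [
    ("192.0.2.10", "signin.ebay.co.uk",
     b"POST /signin userid=canary_user_7f3a&pass=Canary%21pass%2391"),
    ("203.0.113.45", "collector.example.net",
     b"POST /g.php d=" + base64.b64encode(b"canary_user_7f3a")),
    ("198.51.100.7", "cdn.example.org", b"GET /lib.js HTTP/1.1"),
    ("203.0.113.45", "", b"u=canary_user_7f3a&p=Canary%21pass%2391"),
]

if __name__ == "__main__":
    report = classify(SAMPLE_FLOWS)
    for ip, host, seen in report["leaks"]:
        print(f"LEAK {ip} {host or '(no hostname)'}: {', '.join(seen)}")
    for ip, host in report["unexpected"]:
        print(f"REVIEW {ip} {host}")
```

Payload matching only works on traffic the sniffer can read; over TLS only the destination is visible, so those flows end up in the "unexpected" list and have to be traced back to a process or add-on by hand.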

  9. #24
    Va Va Voom Lowe's Avatar

    Quote Originally Posted by peterb View Post
    Appreciate that, but it was just as a clean machine to reset all the passwords should your win7 machine prove to be compromised.

    I guess you are using the SmartStamp application. Don't know if that would run under WINE.

    Ah right - I brought my Mac home and got the wife to reset everything on that at the in-laws' house so hopefully that's sorted for now. We're trying to get in contact with eBay to freeze the account as well for the next few weeks, but their phone number isn't working. :/

    Yes she uses Smartstamp. I'm considering ditching the PC altogether and getting a Mac Mini for her, then chuck Parallels or similar on it just for Smartstamp. Might be a whole lot easier!

  10. #25
    Dark side super agent

    Quote Originally Posted by Lowe View Post
    I'm considering ditching the PC altogether and getting a Mac Mini for her, then chuck Parallels or similar on it just for Smartstamp. Might be a whole lot easier!

    I can't advise you with regards to your problem but I'm in a similar situation where I rely on a Windows only program for my business. I run it through Parallels on my Mac with no issues whatsoever and would recommend it as an option to others.

  11. #26
    OilSheikh
    Guest

    What I suggest

    Back up your important files and run an Avast Antivirus or NOD32 scan on them.
    Next, full format your hard drive and reinstall Windows and all apps.

    A bit of an overkill, but much quicker than battling with spyware/malware. Once a machine is infested with spyware, it's a constant battle!

  12. #27
    Get in the van. Fraz's Avatar

    Yes indeed - I'm surprised you're battling this with AV. Only way to be sure is to do a complete reinstall. Well worth the peace of mind, even if it is a tedious task.

  13. #28
    aka .:iGi:. Calcutter DannyM's Avatar

    Lowe - if you have something you have to ask where it has come from, in my experience of repairing computers, such malicious software doesn't appear out of thin air.

    I definitely recommend a run of HijackThis, get your Mac out and Google any unfamiliar processes.

    Do you keep your OS/Browser/Flash/Java up to date? For the sakes of saving time and hassle, I'd do a safe mode boot, back up any files you need to an empty drive, maybe scan the drive if you have the resources to do so, but don't do it on the same computer. Then fresh install Windows.

    If it's possible, maybe you should consider running weekly backups of Windows as I do, just in case anything does ever happen again.

    Also, with regards to passwords (I'm sure you're clued up already): http://www.businessweek.com/magazine...4036460585.htm

    I had to repair a similar issue a while back, where the 'client' had logged in to online banking to make some changes, only to find a few days later £2,500 had gone missing from her account. After digging around it was a Java exploit, MSE found the issue and repaired it, I also cleaned up some files and examined processes after. It seemed the original exploit was obtained through a pron website her husband was visiting, ofc I didn't tell her that

  14. #29
    Senior Member oolon's Avatar

    Personally, I would copy my data onto a USB key/another computer. Then nuke the computer, doing a complete reinstall; it's the only way to be sure. You can never fully trust a compromised computer again, nuke it.

    If you did want to use a Linux system as it would be harder to break, you could run a Windows VM for the postage program. You could even make a copy of the Windows VM and run it via a snapshot so every time you boot it, the disk reverts to the original image!

  15. #30
    Senior Member

    Quote Originally Posted by Lowe View Post
    Yes she uses Smartstamp. I'm considering ditching the PC altogether and getting a Mac Mini for her, then chuck Parallels or similar on it just for Smartstamp. Might be a whole lot easier!

    Might I suggest looking at her Facebook account, there are lots of things on there that could be a potential minefield as far as dodginess goes, like on like this that and the other to view pictures and various other random "apps" that are installed on the front of Facebook and tie into your email/social media lifelines.
    Ditching a PC for a Mac is hardly a solution though, I thought higher of you

  16. #31
    RIP Peterb ik9000's Avatar

    Quote Originally Posted by DannyM View Post
    It seemed the original exploit was obtained through a pron website her husband was visiting, ofc I didn't tell her that

    You assume it was the husband... or were you able to tell by the login?

  17. #32
    ɯʎɔɐɹsɐʌʍ mycarsavw's Avatar

    Quote Originally Posted by ik9000 View Post
    You assume it was the husband... or were you able to tell by the login?

    You fell for that story, come on, it was Danny's laptop and Danny's porn