Giving a hacker remote access
Discussion
Just off the phone to my parents. They were on their home pc earlier, and got a security message from their firewall / AntiVirus saying that XXX is trying to access their computer - do you trust them? For reasons I can't imagine, they clicked 'yes'.
Their email account has subsequently re-sent a load of sent messages, and everything in the inbox has been deleted (not in deleted messages either). Could this have been lifted onto another machine?
Is this likely just to have been a kid trying to annoy people in school holidays, or is it possible that they got information they could use from elsewhere in the computer? Mail account wouldn't have much in it apart from passwords to Amazon etc, but again I'm guessing that could only be used for annoyance purposes since only a really stupid hacker would get stuff delivered to their own house...
Would the pc store any information that could give someone access to parents' internet banking? Is it possible that a keylogger or something could have been installed? They've done a full virus scan that found nothing - should that mean nothing to worry about, or is it worth getting a techy friend to have a look at their machine?
Cheers in advance for advice - they're stressing out about it at the moment and going on holiday tomorrow...
Their email account has subsequently re-sent a load of sent messages, and everything in the inbox has been deleted (not in deleted messages either). Could this have been lifted onto another machine?
Is this likely just to have been a kid trying to annoy people in school holidays, or is it possible that they got information they could use from elsewhere in the computer? Mail account wouldn't have much in it apart from passwords to Amazon etc, but again I'm guessing that could only be used for annoyance purposes since only a really stupid hacker would get stuff delivered to their own house...
Would the pc store any information that could give someone access to parents' internet banking? Is it possible that a keylogger or something could have been installed? They've done a full virus scan that found nothing - should that mean nothing to worry about, or is it worth getting a techy friend to have a look at their machine?
Cheers in advance for advice - they're stressing out about it at the moment and going on holiday tomorrow...
Ideally you need to run Spybot or Malwarebytes scanner.
There are a lot of trojan / malware programs that go undetected by conventional A/V scanners.
It's quite likely that if somebody has had control of their PC, that there is indeed some other 'backdoor' software that has been installed. Or possibly a keylogger.
I would in fact now regard the PC as 'untrusted' and reinstall the operating system.
I would also advise them to ensure that the PC is unplugged from the wall before they go on holiday.
There are a lot of trojan / malware programs that go undetected by conventional A/V scanners.
It's quite likely that if somebody has had control of their PC, that there is indeed some other 'backdoor' software that has been installed. Or possibly a keylogger.
I would in fact now regard the PC as 'untrusted' and reinstall the operating system.
I would also advise them to ensure that the PC is unplugged from the wall before they go on holiday.
Edited by TonyRPH on Wednesday 28th July 20:38
mattley said:
I'd also double check home security as if their email has been compromised there is every chance that someone somewhere knows they're on holibobs next week.
Thanks - that one had occurred but they have a pretty decent alarm system and a neighbour in daily to water stuff.vtecstu said:
Cheers guys. Pc will definitely be off while they're away, although more for power saving than security reasons...!
Just to re-iterate.Ensure it is unplugged (or the broadband is unplugged) it's quite possible that software has been installed to "wake it up" (in the event it is left in standby) and 'call home'. (the hackers 'home').
I'm playing devils advocate here, so sorry if this seems a little OTT.
TonyRPH said:
vtecstu said:
Cheers guys. Pc will definitely be off while they're away, although more for power saving than security reasons...!
Just to re-iterate.Ensure it is unplugged (or the broadband is unplugged) it's quite possible that software has been installed to "wake it up" (in the event it is left in standby) and 'call home'. (the hackers 'home').
I'm playing devils advocate here, so sorry if this seems a little OTT.
vtecstu said:
TonyRPH said:
vtecstu said:
Cheers guys. Pc will definitely be off while they're away, although more for power saving than security reasons...!
Just to re-iterate.Ensure it is unplugged (or the broadband is unplugged) it's quite possible that software has been installed to "wake it up" (in the event it is left in standby) and 'call home'. (the hackers 'home').
I'm playing devils advocate here, so sorry if this seems a little OTT.
There is some really, really sneaky malware out there.
Definitely get all their passwords and change them on your PC straight away.
You mention Amazon, do they have their credit card details stored in that for buying stuff?
If someone has got into their machine, personal info like passwords etc will already have been farmed automatically and emailed to an anonymous account. I personally would change any passwords before anyone attempts to use them. ie. now, and not wait till they get back off holiday.
Worst case scenario is they could be left on holiday with no credit on their credit cards.
You mention Amazon, do they have their credit card details stored in that for buying stuff?
If someone has got into their machine, personal info like passwords etc will already have been farmed automatically and emailed to an anonymous account. I personally would change any passwords before anyone attempts to use them. ie. now, and not wait till they get back off holiday.
Worst case scenario is they could be left on holiday with no credit on their credit cards.
Thanks again for everyone's help. Parents now on holiday, but PC has been unplugged and mail and Amazon passwords should have been changed. Hopefully that's limited what could be done while the PC isn't in use...
Think they have some friends more techy than me that can help them copy data off and reformat when they return. Assume it's a case of turning router off (so that PC can't communicate with hacker or vice versa), copying all data to CD or USB stick (they don't have an external HD), and then reformatting and reinstalling? Probably a little beyond me to be honest, but will pass on the knowledge when they're back so they can have the same conversation with someone clever!
Cheers guys!
Think they have some friends more techy than me that can help them copy data off and reformat when they return. Assume it's a case of turning router off (so that PC can't communicate with hacker or vice versa), copying all data to CD or USB stick (they don't have an external HD), and then reformatting and reinstalling? Probably a little beyond me to be honest, but will pass on the knowledge when they're back so they can have the same conversation with someone clever!
Cheers guys!
vtecstu said:
Thanks again for everyone's help. Parents now on holiday, but PC has been unplugged and mail and Amazon passwords should have been changed. Hopefully that's limited what could be done while the PC isn't in use...
Think they have some friends more techy than me that can help them copy data off and reformat when they return. Assume it's a case of turning router off (so that PC can't communicate with hacker or vice versa), copying all data to CD or USB stick (they don't have an external HD), and then reformatting and reinstalling? Probably a little beyond me to be honest, but will pass on the knowledge when they're back so they can have the same conversation with someone clever!
Cheers guys!
That's pretty much it. I recently did a reinstall on my work laptop and it's really not that difficult:Think they have some friends more techy than me that can help them copy data off and reformat when they return. Assume it's a case of turning router off (so that PC can't communicate with hacker or vice versa), copying all data to CD or USB stick (they don't have an external HD), and then reformatting and reinstalling? Probably a little beyond me to be honest, but will pass on the knowledge when they're back so they can have the same conversation with someone clever!
Cheers guys!
Save everything in My Documents
Save their Outlook .pst file (contains their emails, contacts etc) - Outlook will tell you where this is but it is probably in C:\Users\<user name>\AppData\Local\Microsoft\Outlook\Outlook.pst
Save their Internet favourites (probably in c:\users\<user name> Favorites\
This is pretty much all I back up so unless they are advanced users, I'd bet this is all they need to backup too.
Not sure how old the machine is but I'd definitely recommend installing Windows 7 if you can - pop the disk in and you should get an option to format and reinstall. Couldn't be easier.
Good luck!
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff