I got hacked! Click on no links!

kunlun_shan

Mountain climber
SF, CA
Dec 27, 2012 - 06:03pm PT
How come nobody ever hacks me? What, am I chopped liver?

Just sent you a pm bvb, click on the link.
Crimpergirl

Sport climber
Boulder, Colorado!
Topic Author's Reply - Dec 27, 2012 - 06:13pm PT
I knew you wouldn't email me on purpose =)

Boo on that Burchey. I definitely don't feel that way at all. For the record, there is only one person in all my years here on the taco that I would never communicate with. That certainly is not you!

Interesting though that you got it - I assumed it lifted addresses from gmail (which I know it did) but maybe it got them through the taco too? A mystery.
Mighty Hiker

climber
Vancouver, B.C.
Dec 27, 2012 - 06:17pm PT
I blame the parrots, but Pente was probably the mastermind.

Anyway, about our date on Saturday night...
Crimpergirl

Sport climber
Boulder, Colorado!
Topic Author's Reply - Dec 27, 2012 - 06:26pm PT
My angel parrots were all napping. Pente on the other hand... Unlike birds, cats are post-fall creatures you know.

Haha!
khanom

Trad climber
Greeley Hill
Dec 27, 2012 - 07:36pm PT
My girlfriend ran into a cross-site scripting vulnerability with Yahoo Mail. Clicking on the link would grab your session data and compromise your account. Interestingly Gmail flagged the ensuing spam, but Yahoo Mail did not.

Basically re-iterated the point that if you are going to check out a suspicious link do so in a browser with no cookies and not on Windows (e.g. incognito window in Chrome). Could also go through an anonymizing service.
Timid TopRope

Social climber
'used to be Paradise, CA
Dec 27, 2012 - 07:55pm PT
Hey Crimpergirl, I just sent you the thousand dollars you were asking for to get you out of that Moroccan jail after having your money and passport stolen. Hope that helps.
WBraun

climber
Dec 27, 2012 - 08:39pm PT
Run ComboFix and run it.

http://combofix.net/
hobo_dan

Social climber
Minnesota
Dec 27, 2012 - 08:49pm PT
I also received a hacked email from lynne leicthfuss. I clicked it and then deleted it. It then proceeded to send out random emails from me to others. They used the title RE: Hey (your name here). So this might be a supertopo thing. This was about a week ago and I have not had any more replies.
froodish

Social climber
Portland, Oregon
Dec 27, 2012 - 10:41pm PT
XP? Good lord. 11 years old now - only 15 months until MS end-of-lifes it. I hope at least it's got service pack 3 on it.

Tell the uni IT department to give you a Win7 boxxen.

Oh, and Riley, why are you giving the spammers free column space? Remove that crap.
zBrown

Ice climber
chingadero de chula vista
Dec 27, 2012 - 10:44pm PT
OK now for some remediation. Though it is advised by some not to run this unless instructed to by an expert, I would download and run ComboFix.

Run ComboFix and run it.

http://combofix.net/

Got yer expert instruction now Crimpie. Damn! those Brauns think alike.


just saw this, very likely you're OK (Well certainly more than OK, IMO)

Ran the root kit thingy and malwarebytes and all came up clean. What a pain.

Crimpergirl

Sport climber
Boulder, Colorado!
Topic Author's Reply - Dec 28, 2012 - 01:52am PT
Thanks Werner and others - combofix in the morning it is!
Patrick Sawyer

climber
Originally California now Ireland
Dec 28, 2012 - 02:49am PT
Yeah Karl, with the increasing popularity of Apple products, the scumbags will start targeting them more.

What's a good protection for a Mac? No jokes please.
matisse

climber
Dec 28, 2012 - 02:51am PT
I got one too. I feel special.
froodish

Social climber
Portland, Oregon
Dec 28, 2012 - 04:18am PT

Yeah Karl, with the increasing popularity of Apple products, the scumbags will start targeting them more.

What's a good protection for a Mac? No jokes please.

There was a good thread on this over at TidBITS recently:

http://talk.tidbits.com/Anti-Virus-Comparison-Test-td4657102.html

But honestly, I haven't run A/V software on a Mac since the days of John Norstad's Disinfectant.

Keep your Mac system software and browsers up to date, don't install Flash (use Google Chrome's built in Flash if you really need to view one of the dwindling Flash sites) or Acrobat, disable Java in your browser and don't 2-click suspicious files. That'll pretty much take care of things.
murcy

Gym climber
sanfrancisco
Dec 28, 2012 - 06:39am PT
I think it clearly originated from my machine as I got a zillion 'out of office' replies and tons of 'failure to deliver' (old email addresses I guess).

You get replies, which only means that the "From:", "Return path:" and/or "Reply to:" email addresses are yours, which is exactly what happens with spoofing. A better test is whether some of those replies come from email addresses you don't recognize.

http://en.wikipedia.org/wiki/Email_spoofing

The basic idea of short emails with a link to the virus is the strategy of the old "Netsky" worm, which used spoofing. So anyway, if the scans come up clean, you may actually be clean.
SteveW

Trad climber
The state of confusion
Dec 28, 2012 - 09:45am PT

Hey Timid--I'm in jail in Nigeria and they're askin' for $500 bail!!!!


hee hee hee. . .
Crimpergirl

Sport climber
Boulder, Colorado!
Topic Author's Reply - Dec 28, 2012 - 10:07am PT
Interesting Murcy. There were addresses I did not recognize. And there were many that are not in my address book but are places I sent a single email to...sometimes a year or more ago. Bizarre. Wonder if I can figure out more looking at all the returned emails I got.
Ron Anderson

Trad climber
Soon to be Nipple suckling Liberal
Dec 28, 2012 - 12:02pm PT
I did find out last night that there are TONS of viruses being sent out from places like Africa, and the ME. Some sort of cyber war going on I would imagine.
zBrown

Ice climber
chingadero de chula vista
Dec 28, 2012 - 12:04pm PT
Graphically speaking, the idea is to keep all the bad stuff, portrayed here by Tinkerbell, from entering your private domain.

froodish

Social climber
Portland, Oregon
Dec 28, 2012 - 12:32pm PT
^^ Oh those Disney animators ;-)

As others noted email is easily spoofed but if you have a copy with the complete headers SpamCop is pretty good about determining the actual source:

http://spamcop.net

Was it a web mail account?
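
The header check discussed above (murcy's point about the "From:", "Return path:" and "Reply to:" addresses, and froodish's point about complete headers), as an added example that is not part of any post in this thread. It reads the full headers of one returned message, lists the claimed sender fields, and walks the Received chain oldest-first to see whether the message entered the mail system through your own provider; the sample message, the domain names and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: full headers of one returned message. Every name and
# address is made up (example.* domains, documentation IP ranges).
SAMPLE = """\
Return-Path: <me@example.com>
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby inbox.example.net with ESMTP id abc123; Thu, 27 Dec 2012 18:01:02 -0800
Received: from unknown-host (unknown [203.0.113.45])
\tby mx.example.org with SMTP id xyz789; Thu, 27 Dec 2012 18:00:59 -0800
From: "Me" <me@example.com>
Reply-To: me@example.com
To: friend@example.net
Subject: RE: Hey friend

(link removed)
"""

RECEIVED_RE = re.compile(r"from\s+(\S+).*?\[([0-9A-Fa-f.:]+)\].*?by\s+(\S+)", re.S)

def received_hops(msg):
    """Received hops, oldest first, as (from_host, from_ip, by_host)."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = RECEIVED_RE.search(value)
        if m:
            hops.append(m.groups())
    return hops

def host_in(host, domains):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def analyze(raw, my_provider_domains):
    """Compare the claimed sender fields with where the message entered the mail system."""
    msg = message_from_string(raw)
    claimed = {h: parseaddr(msg.get(h, ""))[1].lower()
               for h in ("From", "Return-Path", "Reply-To")}
    hops = received_hops(msg)
    # Heuristic: the oldest hop's "by" host is the first server that accepted the
    # message. Hops below the first server you trust can be forged by the sender.
    via_mine = bool(hops) and host_in(hops[0][2], my_provider_domains)
    return {"claimed": claimed, "hops": hops, "entered_via_my_provider": via_mine}
```

For the sample, all three sender fields name me@example.com, yet the oldest hop shows the message was handed to mx.example.org from 203.0.113.45, so it never passed through the example.com provider: the address was spoofed rather than the account used.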
