Have you ever been hacked

I'm studying hacking and forensics and just wondering who on here has been hacked.

This could be one of your social media accounts, a device etc.

Have you ever fallen for a phone or email phishing attack?

Did you find the cause for being hacked?

Raging_Ninja

https://haveibeenpwned.com

Type your email In there to find out.

If you use LinkedIn or any number of other websites, then almost certainly yes.

endacl

I had an old hotmail account that was taken over. Microsoft were useless in getting it sorted, so I moved on. So, I suppose I've been hacked?

Raging_Ninja

Raging_Ninja wrote: »

https://haveibeenpwned.com

Type your email In there to find out.

If you use LinkedIn or any number of other websites, then almost certainly yes.

Yeah aware of that site and no results for my address.

Actually you just reminded me I need my next scheduled check on it next week

endacl

endacl wrote: »

I had an old hotmail account that was taken over. Microsoft were useless in getting it sorted, so I moved on. So, I suppose I've been hacked?

It would qualify as the account was taken over.

Raging_Ninja

DubInMeath wrote: »

Yeah aware of that site and no results for my address.

LinkedIn got me.

Also had a scare recently where OnePlus had some rogue JavaScript inserted into their purchase page for a few months which would for a certain frequency of purchases forward the credit card details to the hackers that carried out the breach (the random number was to add some uncertainty into where the breach was occuring).

When the first articles into a possible breach came up, I couldn't remember if I used my card or my PayPal to pay for the phone (PayPal purchases were not affected), so erred on the side of caution and cancelled the card immediately.

Raging_Ninja

Raging_Ninja wrote: »

LinkedIn got me.

Also had a scare recently where OnePlus had some rogue JavaScript inserted into their purchase page for a few months which would every for a certain frequency umber of purchases forward the credit card details to the hackers that carried out the breach (the random number was to add some uncertainty into where the breach was occuring).

Haven't read anything about this one (don't use that service) but I'll certainly loo it up

Doctors room ghost

Raging_Ninja wrote: »

https://haveibeenpwned.com

Type your email In there to find out.

If you use LinkedIn or any number of other websites, then almost certainly yes.

Have a care would you do that.there was one last year,enter your bank account number here to see have you been hacked.plenty of people caught with it.the Nigerian prince made a few more million that day.

Raging_Ninja

Doctors room ghost wrote: »

Have a care would you do that.there was one last year,enter your bank account number here to see have you been hacked.plenty of people caught with it.the Nigerian prince made a few more million that day.

This is legit though, run by a well-respected security researcher using the hacked databases that have been made publicly available. And all you enter is the email address, which is probably already known to many third parties.

Always have 2 factor authentication set up on all of your services.

pleas advice

no, but I forgot the password to my last Boards account

pleas advice

pleas advice wrote: »

no, but I forgot the password to my last Boards account

Should have used the forgot password function then. Unless you lost access to the email you registered the account with.

Donald Trump

Yeah

I played soccerball against the Legend that is Johnny Giles back in the day

corks finest

DubInMeath wrote: »

I'm studying hacking and forensics and just wondering who on here has been hacked.

This could be one of your social media accounts, a device etc.

Have you ever fallen for a phone or email phishing attack?

Did you find the cause for being hacked?

Yes,on a chat site(IRC) years ago, lambasting USA ref Iraq(pints involved) after a few sessions the questions supposedly coming from me weren't,and obviously replies I got were heated no matter what I tried,could see questions as I sat there being typed up,banned,,,in he end up had to reinstall total system,get rid of my Hotmail account,and stayed away from chat sites after Beamish, definitely the good ol' boys hacked me at the time(btw still think USA had/have no right to invade any sovereign state)

ebbsy

I woz hacked by Russia once. I always blame them for everything cos I want to hide my own stupidity.

OldMrBrennan83

This post has been deleted.

OldMrBrennan83

This post has been deleted.

Irish Guitarist

A couple of weeks ago I couldn't use my debit card to buy some food on Just Eat. I thought it was a problem with the site until I tried Dominos and the same thing happened.

I then went to phone the bank. I saw they had already sent me a text message saying my debit card had been put on hold. There was a payment of €1.31 on Amazon made with my card and I had to confirm whether I had made the payment or not. I hadn't bought anything on Amazon that day. I phoned the bank and the man I was talking to read out a few recent transactions and asked if I had made them. I was able to say yes to everything except the €1.31 on Amazon. He said he sees a lot of fraudsters getting card information and they start off by spending really small amounts online. He said he wasn't going to take any chances and would keep my card on hold and send a new one to me.

I still don't know if My Amazon account or if my bank information was hacked or not but I can't explain the €1.31.

Thanks for the responses so far folks.

iRC chats seem to be a popular way to get access to a system, especially back in the day so to speak as the were often just a plugin added to certain sites and not maintained. Plus your more likely to click on something sent in a chat, especially after a few conversing with someone a few times previously.

2 Scoops

Nope but my brother was once that I remember. He downloaded some shady app and a few minutes later the hacker added him to skype and started laughing at him with total control of his computer.

2 Scoops

2 Scoops wrote: »

Nope but my brother was once that I remember. He downloaded some shady app and a few minutes later the hacker added him to skype and started laughing at him with total control of his computer.

Yeah that's a common cause, along with pirated software with an back door or two included.

There is a testing tool that can also be used for illegal hacking purposes, but a legitimate full copy costs a bit. So some hackers have put up pirated copies online that then allow them to hack another hacker

ibstar

My steam got hacked via my email.
They managed to put a password on my spam folder and redirect all emails from steam to spam folder.
Steam was easy to recover, but password on spam folder took a week of emails to support.

I managed to find the hackers Skype and also QIWI account but I think it was all under a fake name since I called him to say I found him and he said that there's nothing I can do and I found posts linked to him posting in hacking forums under 3 different names.

Stigura

My ebay account got hacked, years ago. I started getting PM's on there, asking; " Where's my phone, Elvis? "

Seems I'd suddenly started offering very high end phones which, having been paid for, never arrived.

CalamariFritti

No, I haven't. Unless it was so good that I didn't even notice. Which is unlikely since I'm as boring as the next guy. And I don't do anything obviously stupid like sending money to my Nigerian 'great great uncle' or installing that great free download tool. And I don't use Windows so all that kind of low key bullsh1t typically passes me.
The closest to a hack I ever came was when money was skimmed of my visa card. Which I got back from the bank. Does that count?

NIMAN

Lost money out of my bank account last week. 1st time I was ever scammed/hacked in any way.

All attributed to iTunes. I have never had an iTunes account, owned any Apple device. Obviously someone got my card details.

BoI investigated and got the money back today, thankfully.

Raging_Ninja

CalamariFritti wrote: »

No, I haven't. Unless it was so good that I didn't even notice. Which is unlikely since I'm as boring as the next guy. And I don't do anything obviously stupid like sending money to my Nigerian 'great great uncle' or installing that great free download tool. And I don't use Windows so all that kind of low key bullsh1t typically passes me.
The closest to a hack I ever came was when money was skimmed of my visa card. Which I got back from the bank. Does that count?

If you have used LinkedIn or a myriad of other websites then you have indeed had login credentials stolen, which is the first step in a hack.

Most banks use third party credit-checking services. One of the largest, Equifax, was recently breached and the financial records of tens of millions of people were stolen.

chakotha

I signed up with FB with my eircom email address.

As i can no longer access eircom webmail i tried to assign my gmail as an alternative only to find someone else successfully reged on FB with my gmail on another account

God knows how they verified the rmail address. Probably more a bug than a hack.

Rubberchikken

No. But then ive no presence on social media and my email is so boring it would put any hacker to sleep.

The Backwards Man

As the oul farmer said to the robber, you'll have to start carrying in before you start carrying out.

Raging_Ninja

Rubberchikken wrote: »

No. But then ive no presence on social media and my email is so boring it would put any hacker to sleep.

People think it will end with reading emails. That's only the first step. The next is using details gleaned from there to get personal information, then socially engineering their way into getting an electricity bill as proof of address and before long you're dealing with full on identity theft and an empty bank account.

Outlaw Pete

Was hacked on Twitter years ago and everyone that followed me was sent a message about them looking fatter than usual and recommending some weight loss supplement. Got a few replies from friends saying that they had been similarly hacked the week before which but my mind at rest but there was one or two people who I knew that felt that I had deliberately sent the message myself. One was my sister in law and there has been a tension there everytime I have met them since. Yikes.

Snickers Man

You can read about my experience with Amazon/Amazon Prime here

In a nutshell, somebody got on to my account and, using an email address that wasn't mine, requested the Amazon Prime service. I paid for it by direct debit for three months until a chance perusal of my bank statements revealed it to me.
Amazon responded promptly and told me my bank would reimburse me (they did) but they wouldn't tell me what e-mail address ordered the service, which I find incredibly frustrating.

I also got scammed on ebay. Somebody gained access to my account, sold something and then didn't deliver the goods. I became aware of this when I started getting threatening mails from ebay telling me to deliver the goods and pay my sellers fees or else. My account was then suspended. Many phone calls to various support sites around the world ensued following which they accepted my claim that I had not put anything up for sale, promised to stop sending me threatening mails, and rescind the suspension.

I'm still suspended.

I also don't use Amazon for purchases any more.

So that's two websites that I don't use any more. I don't feel bereft.

Stigura

Snickers Man wrote: »

I also got scammed on ebay. Somebody gained access to my account, sold something and then didn't deliver the goods .....

I'm still suspended.

Yep. See my post. #22, above. Bastards still owe me £44.00 that they lifted from my bank account, as " Sellers Fees " on the phone sales I had nothing to do with :mad:

branie2

No

Capt'n Midnight

scamalert

another nice site is pipl.com will dig up anyone on linkedin,facebook etc. but real gem in it is anyone living in US digs up a lot off stuff phone numbers etc quite scary.

did sms spoofing on family and have to say some stuff accessible online nowadays could cause someone a stroke easily if not done in controlled environment.

people are more aware of not to press links or attachments from dodgy email letters, so social engineering is doing its way in nowadays, as cuts out a lot of work.

only bait ive gotten and not sure but got whatsupp app instead of app ,and for last 6 months been haunted by call's from Somalia to man of isle and any country that can get voip, which isnt a hack per say but proper pain in the a$$ when getting random calls each day, where they want you to ring back that will drain your phone account, thou again not real hacking, phishing at best.

myhorse

Irish Guitarist wrote: »

A couple of weeks ago I couldn't use my debit card to buy some food on Just Eat. I thought it was a problem with the site until I tried Dominos and the same thing happened.

I then went to phone the bank. I saw they had already sent me a text message saying my debit card had been put on hold. There was a payment of €1.31 on Amazon made with my card and I had to confirm whether I had made the payment or not. I hadn't bought anything on Amazon that day. I phoned the bank and the man I was talking to read out a few recent transactions and asked if I had made them. I was able to say yes to everything except the €1.31 on Amazon. He said he sees a lot of fraudsters getting card information and they start off by spending really small amounts online. He said he wasn't going to take any chances and would keep my card on hold and send a new one to me.

I still don't know if My Amazon account or if my bank information was hacked or not but I can't explain the €1.31.

It was probably Amazon testing the card is actually valid. They request a small payment - if it goes through they cancel it. Never appears on your statement (also no money taken out). They are verifying that the card is valid

check the posts at the bottom here (4th last post down) similar but for apple
https://www.reddit.com/r/apple/comments/2sxp8m/odd_1_charges_from_itunes_store_showing_up_in_my/

Does the debit appear on your statement? am guessing not

Snickers Man

Stigura wrote: »

Yep. See my post. #22, above. Bastards still owe me £44.00 that they lifted from my bank account, as " Sellers Fees " on the phone sales I had nothing to do with :mad:

Complete bastards!

I had to get a new debit card issued and it was also recommended I change my email password, which I hadn't done for years as it is hardwired into my mail client application.

Pain in the hole.

pxdf9i5cmoavkz

DubInMeath wrote: »

I'm studying hacking and forensics and just wondering who on here has been hacked.

This could be one of your social media accounts, a device etc.

Have you ever fallen for a phone or email phishing attack?

Did you find the cause for being hacked?

My home system got hacked last year September.

I have an Internet facing box with only two ports open. The one port belongs to the camera security software and the other to Microsoft Remote Desktop. I'm guessing they managed to brute force the password to gain access to the system. I will concede that my password was not the strongest password consisting of only 6 character.

I would routinely log into my system to manage my Linux ISO :pac: downloads and sometimes when I logged in I noticed that my firewall log window was open. At the time I thought nothing of it and just brushed it off (idiot).

About a week later I logged into my system and I noticed a open window on the desktop

I forget the programs exact name but it's purpose was to send a whole bunch of emails. The email content was about a security breach at a popular American bank and requests the user to "Click here" to reset their password or risk having the account closed. The usual crap.

Following the link and doing some digging I discovered that it is hosted in Brazil, so my guess is that Brazilians managed to compromise my system.

There was also another piece of software that when run would lock the desktop until a password is typed in. I purposefully ran this software just to see what it does

To avoid further exposure I shutdown the laptop and did a zero fill on the hdd. I chose not to do any backups for fear of a virus.

Since then

• Password length has been significantly increased (from 6 to 25).
• Script put in place that emails me if a remote login takes place.
• Firewall and anti-virus are now password protected, and yes, different passwords for both.
• File audit application. (Basically keeps track of files that were accessed or changed).
• Most folders password locked and open folders have the anti-virus scan all files regardless of its size.

Mr. CooL ICE

My sister's Facebook account was hacked before where her account posted pics of deals on fake Raybans and all the posts tagged everybody on her friends list. She got it sorted withing a few hours.

However, she got a message from an old friend of hers a few weeks later that didn't know she was hacked. This friend went to the linked site, purchased a pair of Raybans, and they had arrived and were actually really good!

scamalert

Dole Scrounging Vegan Crossfitter wrote: »

My sister's Facebook account was hacked before where her account posted pics of deals on fake Raybans and all the posts tagged everybody on her friends list. She got it sorted withing a few hours.

However, she got a message from an old friend of hers a few weeks later that didn't know she was hacked. This friend went to the linked site, purchased a pair of Raybans, and they had arrived and were actually really good!

Online marketing by means of pharming

_Kaiser_

Many years ago I got a call from a mate one day wondering if I was ok.

This was a bit surprising as I was grand and in a meeting with a supplier at the time, but according to Facebook, I was stranded in London with no money to get home having been mugged and asking friends to help

So I logged on and yep, status changed, and the chat going like mad begging for cash.

To be fair to Facebook, they sorted it within 30 minutes but it was the trigger that finally made me just lock it all down and give up on it as I wasn't using it at that stage anyway and had no interest in people's Farms, attention-seeking, or the ridiculous nonsense posted by people I used to think were pretty intelligent and copped on.


Another time I got a call from my credit card company because transactions had shown up in the UK and had triggered the limit because of various taxi fares and a hotel booking - again this was a surprise to me as I was in the pub in Dublin at the time, but again it was all sorted and refunded in a few days. Best guess was that my card details had been copied a week or two earlier in a restaurant (these were the days when they'd take the card from you and run it through the machine).

Thanks again for the replies folks some interesting pieces.

Bob Harris

I got this email this morning - made me laugh...

Good morning.

Do not pay attention on my grammar, Im from India.We installed mine virus on your OS.Then I pilfered all confidential data from your OS. Withal I obtained slightly more evidence.The most important compromising which I stole- its a videotape with your ****.I set malware on a porn web site and then you downloaded it. The moment you chose the video and tapped on a play, my malicious software immediately adjusted on your device.

After loading, your camera made the video with you self-abusing, furthermore malware saved precisely the porn video you chose. In next week my deleterious soft found all your social media and email contacts.

If you desire to delete the videotape- pay me 540 euro in Bitcoins.
Here is my Btc wallet address - 1Kd9WcrczDUfywfrZwUuv7HyCtJzXPgi6e

You have 22 h. after reading. When I get transaction I will erase the compromising forever. Otherwise I will forward the video to all your friends.

BabysCoffee

My original facebook was hacked. A worm instantly changed my password each time I got sent one to my email. Whoever hacked my account sent messages to a few friends saying I was held up by knife point in London and needed money.

RockDesk

My Spotify account was taken over earlier this year. I got onto Spotify who had it back in my name within 30 minutes. Still had the hassle of changing all passwords as a precaution (they weren't the same, I just got paranoid)

pxdf9i5cmoavkz

Bob Harris wrote: »

I got this email this morning - made me laugh...

Good morning.

Do not pay attention on my grammar, Im from India.We installed mine virus on your OS.Then I pilfered all confidential data from your OS. Withal I obtained slightly more evidence.The most important compromising which I stole- its a videotape with your ****.I set malware on a porn web site and then you downloaded it. The moment you chose the video and tapped on a play, my malicious software immediately adjusted on your device.

After loading, your camera made the video with you self-abusing, furthermore malware saved precisely the porn video you chose. In next week my deleterious soft found all your social media and email contacts.

If you desire to delete the videotape- pay me 540 euro in Bitcoins.
Here is my Btc wallet address - 1Kd9WcrczDUfywfrZwUuv7HyCtJzXPgi6e

You have 22 h. after reading. When I get transaction I will erase the compromising forever. Otherwise I will forward the video to all your friends.

Remember to ask your friends to rate your performance!

King George VI

Mate of mine managed to get into my webcam remotely a few years ago, and sent me pics he took of me eating lasagna while watching old Simpsons episodes (you can see homer in the reflection of my glasses lol). Thankfully I wasn't watching porn at the time. Made me put duct tape over the camera lens that's been there for years.

Mackerel and Avocado Sandwich

I'd say it was about 2003 but a trojan virus on my computer stole my credit card and spent 800 euros in an opticians in Kazakhstan! I got it all back though fairly quickly when BOI realised it wasn't me.

Thanks folks.

Regarding the 'self abuse' video email, I don't have a web cam, but even if I did my response would be sure go ahead I've enough dirt on my friends and sure you never know I might get famous from it like a few z list celebs and take up reality tv etc instead of a real job :-)


Regarding the Trojan infections etc, was the solution reformatting, having a service person remove it, or did your av eventually get rid of it?
Have delt with some nasty ones that prevent av being updated etc to get rid of them. Solution has often been to use a live Linux disk with av installed to get rid of them.

JohnnyFlash

One of my former employees managed to download one of those ransomeware viruses onto the main work PC. Happened while he was browsing porn while I was out of the office. The IT nerd I hired says he was looking at some pretty hardcore stuff. Anyway, had a backup taken so got rid of it. Got rid of the office onanist as well. Pulling the flute off himself while on the clock is a sackable offence.

JohnnyFlash

JohnnyFlash wrote: »

One of my former employees managed to download one of those ransomeware viruses onto the main work PC. Happened while he was browsing porn while I was out of the office. The IT nerd I hired says he was looking at some pretty hardcore stuff. Anyway, had a backup taken so got rid of it. Got rid of the office onanist as well. Pulling the flute off himself while on the clock is a sackable offence.

The last place I worked for, I got called out to a customer (right wanker in more ways than one) who said the new pc we sold and set up for him a month before was slow, crashing and he was getting rid of our software etc unless we came out and fixed it for free.

Got there and he was hus usual unfriendly self, ignoring him I got to work and the drive was nearly full of porn and had some serious infections.

Had great pleasure explaining to him what the reason for his issues and that because of the infections I'd have to check every other machine in the building and the call was now chargeable by the hour.

He went mental and said it must have been his son that downloaded the stuff etc. while he was ranting away I noticed one of his staff trying her best not to laugh, she eventually told me that the guys son was in Austrailia and had been there over six months.