I recently got hacked (I believe) and am wondering how likely it is the virus spread over my network
Hi everyone,
Recently I found out I had been hacked because I got emails about transactions being authorized successfully. I was like what the hell is this, I must have subscribed to some weird thing which bills me annually or something.
Turns out I had somehow been hacked and they seem to have access my G2A website and paypal account from my own IP address. I realised this when I logged into G2A and checked login history, thinking it would be a foreign IP that showed up (because I thought they just got my G2A login details), however it was my own IP (I have a static IP which I know off by heart) and the transactions happened a few hours prior, and there was a login history from a few hours previously when I wasn't even home)
I checked my chrome history and they'd been on paypal, amazon, and G2A at like 3AM. They had bought gift cards successfully on G2A, and had sent money from my paypal balance to another paypal account.
From what I can see they had access for about 4 days, atleast that is when the first transaction went through on paypal, and also coincides with a google chrome history log of accessing paypal website. I have ran malwarebytes and it found like 50 infections. I quarantined the PC and then took a few important files off (only TXT files) and freshly installed windows on the PC.
I found some strange Task scheduler tasks too. One of them was named 'Nafifas' and would run utorrent, I know utorrent is legit but they could have created a fake utorrent.exe file which is actually malicious. Looking for nafifas on google led me to this website which shows a similar startup task which is a RAT
How likely is it that the virus has spread to other PCs on my network? Is this a common thing that could happen?
Thank you for any help you can give
[link] [comments]
from hacking: security in practice https://ift.tt/Q0Jwasb
Comments
Post a Comment