Page 2 of 2 [ 23 posts ]  Go to page Previous  1, 2

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 6:40 pm

Ok.

There are a few numbers on there I don't recognize. The random day in June's ones are below and they're different from almost all the rest, which are my own IP.

XXXXXXXXXXXXXXXXXXXXXXXXXX

Looked it up and it appears to be Comcast, my ISP's headquarters of some sort in Massachusetts. Not sure what they would be doing in my account but.

XXXXXXXXXXXXX <-- this is one of the last numbers and not sure if it's the number of helpcenter technician. They never answered my q asking if it was.

No, I've asked them repeatedly what the alert is about and they're being supremely unhelpful. Ignoring that q completely. I also cannot imagine that every of the unopened/reclosed emails I saw I imagined.. I don't know.

No, no outlook, can't even get into that to start it for some reason. Not sure if gmail does that? Set up a gmail acct a couple months ago but never did anything with it and pretty sure I don't link it to hotmail. Also weird alerts before setting up gmail.

I don't get bad passsword attempts, that's the thing. I have had very little problem getting into my acct, but these frequent error msgs, what I can only think are tampered-w personal emails, and just general suspicion. I don't know.

I guess no way to find out if a keylog is running on my machine? I do remember somehow by mistake bringing up a list of my passwords for all sites in a little grey box, not sure how I got that appear, def. didn't do it on purpose, not sure it was related.

Thank you for your help Jtuk and nat (Joel McHale). Prob. not much to be done huh. I appreciate all the thinking-through help though.



Last edited by CloudLayer on 03 Apr 2012, 7:27 pm, edited 1 time in total.

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 6:52 pm

I do wonder though, if someone follows instructions likethis or similar (maybe not this exact way)

XXXXXXXXXXXXX

would it make it so their IP wouldn't show up but they could still see some of my private activity?

I suspect someone with at LEAST moderate hacking skill did this.



Last edited by CloudLayer on 03 Apr 2012, 7:27 pm, edited 1 time in total.

nat4200
Veteran
Veteran

User avatar

Joined: 10 Jan 2011
Gender: Male
Posts: 704
Location: BANNED

03 Apr 2012, 6:57 pm

Redacted



Last edited by nat4200 on 21 Apr 2012, 2:06 am, edited 3 times in total.

nat4200
Veteran
Veteran

User avatar

Joined: 10 Jan 2011
Gender: Male
Posts: 704
Location: BANNED

03 Apr 2012, 7:02 pm

Redacted



Last edited by nat4200 on 21 Apr 2012, 2:07 am, edited 1 time in total.

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 7:42 pm

Oh, okay, thank you.

Links and IP numbers deleted.

The site gives step-by-step instructions/screenshots about using this thing.

nameofthing it is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.

nameofthing ANTI FORENSICS:
nameofthing has a "great" collection of tools for anti forensics, making the forensic analysis of the compromised computer little difficult. They are released as a part of [a specific thing, gives download to one]

Later on: file is created which establishes a remote connection between the victim and hacker, using the meterpreter payload.

(hacker's IP typed into code with target IP)

This all sounds way too complicated honestly, it itself says it's advanced, but I know nothing about who would be prone to use what technique.

I am asking about this because I am trying to get rid of the extreme paranoia that I've had surrounding my suspicion. I am not a paranoid person in general, I'm if anything too loose with my info and not prone to getting upset if there appears to be a virus in my mail or whatever, but the signs in this case are just too weird and I can't for the life of me figure out if there's been a hacking or not. Just unending + growing paranoia from this recent thing.



nat4200
Veteran
Veteran

User avatar

Joined: 10 Jan 2011
Gender: Male
Posts: 704
Location: BANNED

03 Apr 2012, 7:59 pm

Redacted



Last edited by nat4200 on 21 Apr 2012, 2:06 am, edited 1 time in total.

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 8:05 pm

Ah ok, gotcha. Thank you very much. Much appreciated. I have a worried feeling I might not figure out what has gone on which is unpleasant to say the least. But very glad to have had an opinion on the matter.