Page 1 of 2 [ 23 posts ]  Go to page 1, 2  Next

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 3:32 pm

Hello.

How current is this hack?

[well I took this out]

I am not a hacker. I wonder if this has been used on me during any period when I was not logged out - in the past I sometimes was "stupid," as the author of these instructions puts it -- I would rather call it "trusting that nobody was bothering to waste their time getting into someone with no money and nothing interesting going on in their life's account" - enough to not log out.



Last edited by CloudLayer on 03 Apr 2012, 7:25 pm, edited 1 time in total.

1000Knives
Veteran
Veteran

User avatar

Joined: 8 Jul 2011
Age: 35
Gender: Male
Posts: 5,036
Location: CT, USA

03 Apr 2012, 3:50 pm

According to archive.org, the earliest version of that page is from March 2002.



CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 3:52 pm

Ah okay. Thank you very much. I was not aware of archive.org. I wonder if anything's changed since then that makes this hack impossible with the site's current system.



fraac
Veteran
Veteran

User avatar

Joined: 23 Mar 2011
Age: 47
Gender: Male
Posts: 1,865

03 Apr 2012, 3:57 pm

Won't work now. That's really bad that it ever worked. I was doing stuff like that on badly designed websites in the 90s. When did Microsoft buy it? Hmm... 97. That's terrible.



Jtuk
Veteran
Veteran

User avatar

Joined: 21 Jan 2012
Age: 47
Gender: Male
Posts: 732
Location: Wales, UK

03 Apr 2012, 4:40 pm

Personally I think this is a prank. Why would he give list a throwaway hotmail account, then claim that he'll hunt you down if you try to hack it, when it's pretty clear he couldn't have access to your IP.

Also if you actually read it, in step 1 you have to login using the account. Which requires the password. This is really just a session hijack, you couldn't use it against a random hotmail account. A key logger would be much simpler and get you the actual password.

Jason.



CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 4:49 pm

Interesting... thank you fraac and Jason... how does a keylogger work, do they hack into your actual computer or is it just web-based? Do many hackers know how to do this?

Does anyone by chance know of any websites with good information on how to detect a keylogger?



Jtuk
Veteran
Veteran

User avatar

Joined: 21 Jan 2012
Age: 47
Gender: Male
Posts: 732
Location: Wales, UK

03 Apr 2012, 5:08 pm

CloudLayer wrote:
Interesting... thank you fraac and Jason... how does a keylogger work, do they hack into your actual computer or is it just web-based? Do many hackers know how to do this?

Does anyone by chance know of any websites with good information on how to detect a keylogger?


A key logger can be a hardware device you connect between the keyboard and computer, or a software program you install on the computer. Anti-virus and malware detection can detect key loggers. Observant users can also spot a hardware key logger if they look at their cables.

It's unlikely that a hardware key logger is installed on a laptop.

Googling: detecting key loggers

Should find some relevant up to date info. Covertly using a key logger is most likely illegal in your jurisdiction.

Jason



nat4200
Veteran
Veteran

User avatar

Joined: 10 Jan 2011
Gender: Male
Posts: 704
Location: BANNED

03 Apr 2012, 5:12 pm

Redacted



Last edited by nat4200 on 21 Apr 2012, 2:06 am, edited 2 times in total.

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 5:18 pm

Thank you very much. I found an alarming page on Metasploit. I know to be safe I probably shouldn't be detailing my anti-hacking activities publicly but I don't really have the extra energy to deal with being counterspylike at the moment. Hopefully there is some lasting record of any keylog hacking though.



CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 5:30 pm

Trust me I have no interest in hacking, myself, so I will not be converted to the Dark Side. Well first of all I suspect my hotmail was hacked. Possibly Facebook too. But on hotmail an error message kept coming up saying your account is being accessed from an unauthorized device. Every so often an email reclosed or opened not by me. Spam filter not set to the suspicious one that a spammer would use, no contacts added or deleted, no other signs listed in help center as spammer or virus. Changed my password many times. Security q I realized too late was all along a publicly findable answer. Went through security process, have now been in contact with hotmail on helpcenter site for 11 days straight, they are telling me they provided me full IP logs but they only gave me logs from day of account inception, a random day six months later, and past 2+ months of access (another 6 months after random June day), no signs of unknown access, but they are also telling me IP logs are complete which they clearly are not. Have been quite inconsistent with my security, for months, cause honestly was already too stressed out to even seriously consider that signs of what appeared to be hacking could be true, and do actions to protect against. This [taken out] sounds likely but I have no clue how easy this would be for the avg hacker. Suspect personal contact may have hacked me but I really don't want to get into that, just saying this to explain I there is a good chance it wasn't random/money-motivated etc.



Last edited by CloudLayer on 03 Apr 2012, 7:25 pm, edited 1 time in total.

CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 5:31 pm

Oh. Whatever they're called it's illegal to get into someone's email without their knowledge and permission though.



Jtuk
Veteran
Veteran

User avatar

Joined: 21 Jan 2012
Age: 47
Gender: Male
Posts: 732
Location: Wales, UK

03 Apr 2012, 5:38 pm

1. Who else has access to your computer?
2. Do you use your hotmail account with a smartphone?
3. Do you access hotmail on any other public computers?
4. You do have a complex password?
5. Do you or have you used these passwords on any other sites?
6. Do you use MSN messenger with an unofficial client?

It might be understandable that they can only provide logs for your last two months of activity, plus your signup.

Jason



CloudLayer
Deinonychus
Deinonychus

User avatar

Joined: 27 Mar 2012
Age: 40
Gender: Female
Posts: 308

03 Apr 2012, 5:50 pm

1. Who else has access to your computer?
Potentially only family members who wouldn't do this.

2. Do you use your hotmail account with a smartphone?
No. I use it with a PC and have accessed it also from alaptop and a Kindle but I have done neither of the following in awhile, and gone through their account recovery after suspected hacking process twice, after which I def. have not used another device but got the "unauthorized access" message as recently as a few days ago repeatedly.

3. Do you access hotmail on any other public computers? Public.... I may have a few times, library etc., but not in a long time and def. not since account recovery process. Months ago accessed it on someone's comp who I can't say wouldn't do this. Not a public comp. though.

4. You do have a complex password? Before, no, I had a series of noncomplex passwords. Have had about 6 password changes in last 11 days, somebefore and some after 2 acct recovery processes. Now listed as "strong" I think but alerts of unauthorized access have occurred since had this one.

5. Do you or have you used these passwords on any other sites?
Yes, some of past ones unfortunately. FB, etc. Not anymore but def. yes in past.

6. Do you use MSN messenger with an unofficial client? I don't know what an unofficial client is I am afraid... messenger I still have but no contacts at this point.

Thank you for your help so far.



questor
Veteran
Veteran

User avatar

Joined: 23 Apr 2011
Age: 66
Gender: Female
Posts: 2,696
Location: Twilight Zone

03 Apr 2012, 5:52 pm

I don't do any financial banking/stocks, etc. online, so no one can steal an account that isn't there. I do have a Walmart card, but I never put huge amounts of money on it. I am also planning on getting a prepaid credit card for non Walmart online purchases, but again, I won't put huge amounts of money on it, so no one can wipe me out, unless they access the computers at the bank. When using the gas pump, as soon as you are done with your at pump transaction, hit the clear key to disengage your account. Other wise some one at the station or elsewhere can still access the account, as it is still online.

I also don't have to worry about anyone getting access to embarrassing photos because I don't take those kind of pix, and if I did, I wouldn't put them online. I also don't put other embarrassing info online. My biz is my biz, not the biz of the www. I cannot for the life of me comprehend why anyone would put that kind of stuff online! What are people thinking--apparently they aren't thinking at all!


_________________
If a man does not keep pace with his companions, perhaps it is because he hears a different drummer.
Let him step to the music which he hears, however measured, or far away.--Henry David Thoreau


nat4200
Veteran
Veteran

User avatar

Joined: 10 Jan 2011
Gender: Male
Posts: 704
Location: BANNED

03 Apr 2012, 5:54 pm

Redacted



Last edited by nat4200 on 21 Apr 2012, 2:06 am, edited 1 time in total.

Jtuk
Veteran
Veteran

User avatar

Joined: 21 Jan 2012
Age: 47
Gender: Male
Posts: 732
Location: Wales, UK

03 Apr 2012, 5:59 pm

Has hotmail explained what this unauthorized access message is about? A screenshot of the message might give us some more clues.

Oh one other thought, have you got outlook or any other e-mail client setup to use hotmail from your computer? its possible it's got stuck with an old password, which keeps generating bad password attempts, It might be worth clearing any of this stuff off you kindle / laptop etc.

It's quite possible this is just hotmail going a bit nuts and nothing is really wrong.

Jason