How can I defeat the hackers?

[MrCinatit]

I just hope the guy's IP address is his own, and the Yahoo account he is using is his own too. He deserves a bit of jail time.
Unfortunately, I have run into instances where some users are able to change their IPs seemingly at will. Further experiences have shown that people who do this are "up to something."

[KalDanielsfan]

I just hope the guy's IP address is his own, and the Yahoo account he is using is his own too. He deserves a bit of jail time.
Unfortunately, I have run into instances where some users are able to change their IPs seemingly at will. Further experiences have shown that people who do this are "up to something."

you are probably right. IP addresses are worthless. He is most likely using a a proxy server or something to hide is real IP.

sorry to hear about your plight Savafan. You seem to be pretty cool about things..i would be losing my head right now

[WebScorpion]

Sava, you need to report it to IC3 as soon as possible. http://www.ic3.gov/ Personally, I'd report it to them, the FBI, Secret Service, Immigration and Customs Enforcement, US Postal Inspection Service, Bureau of Alcohol Tobacco and Firearms, and anyone else who will listen. http://www.cybercrime.gov/reporting.htm The more people you get on the case the better. I'd take that computer offline (physically detach the network cable) and keep it as evidence. I'd buy another computer and make sure it had all the latest MS Security patches loaded and KEEP THEM UPDATED. If you can't afford a new computer, then I'd reformat the one you have but if anyone does decide to investigate the computer is one of their best pieces of evidence. It's not a virus or trojan, although they've probably loaded some of their own on your PC for their use. So you want to have anti-virus and adware protection and keep those updated as well. Good luck and God Bless.

[Puffy]

How much do you wanna bet this is some 13 year old.

[savafan]

The guy is apparently running my fantasy baseball teams on yahoo...anyone care to give me an update on how he's doing?

[TeamBoone]

Sava, please give us an update about what's going on about getting this thing resolved. We're worried about you.

[LoganBuck]

Sava can we get an update on this? Are things working out for you?

[savafan]

Sava can we get an update on this? Are things working out for you?

I got an entirely new hard drive, so everything is good now

[TeamBoone]

OK, Sava... I'm officially confused. How does replacing your hard drive solve all the problems because that just seems like an awfully easy fix for the serious dilemma you described below.

Clearly, someone has access to my PC. My ebay account was hacked for the second time in less than a month, and this time they took over my e-mail account as well. I was able to retrieve my e-mail account, change my password and my security question, but they have somehow managed to hack it again and change my password and security question so that I don't know the answers. This person is pretending to be me, only claiming they are a doctor. They have access to all of my bank and credit card statements via that e-mail account, as well as to all of my family and friends, and I can't get into it to put a stop to it.

It is a hotmail account, but I can't figure out a way to contact hotmail without first needing to login with my e-mail address and password. Any ideas?

I've ran spybot and antivirus everyday, but they still have to be getting my information somehow....I don't get it.

[savafan]

OK, Sava... I'm officially confused. How does replacing your hard drive solve all the problems because that just seems like an awfully easy fix for the serious dilemma you described below.

Well, that was the final solution. I had previously cancelled my ebay and paypal accounts, and never logged into any of my banking or credit card sites from my computer, so I checked them from a friend's house, and they were safe. My old hard drive is sitting here marked as evidence if the Internet Crimes Police ever need it.

The hacker did instant message me and commend me on defeating him, and made me an offer to work together on some scheme. I politely ignored him.

[CrackerJack]

Are you on a broadband connection?


I would very much recommend Avast! Anti-Virus scanner program - it's free and works like a charm - runs in your system tray whenever your PC is running and detects any intrusions or trojan horse programs etc..., and updates itself automatically (with prompt).

Make sure you at least have Windows built-in firewall turned on as well, and any wireless routers secured.

[savafan]

Are you on a broadband connection?


I would very much recommend Avast! Anti-Virus scanner program - it's free and works like a charm - runs in your system tray whenever your PC is running and detects any intrusions or trojan horse programs etc..., and updates itself automatically (with prompt).

Make sure you at least have Windows built-in firewall turned on as well, and any wireless routers secured.

Yep...I have all of that now CJ, thanks for the recommendation though!

[TeamBoone]

Wow! He's a headcase!

I'm surprised that he can't still hack into your bank accounts if the numbers are the same... but then, when it gets into the hard stuff, I know nothing!

Anyway, I'm so glad that things worked out, and I will remember this if anything similar ever happens to me.

[savafan]

Wow! He's a headcase!

I'm surprised that he can't still hack into your bank accounts if the numbers are the same... but then, when it gets into the hard stuff, I no nothing!

Anyway, I'm so glad that things worked out, and I will remember this if anything similar ever happens to me.

He probably could have if I'd have ever logged into my bank accounts while he had control of my computer. I was smarter than that. That's why he wanted me to trade him my bank info for my e-mail account...idiot...

[Unassisted]

This blog article made me think of this thread.


http://blog.washingtonpost.com/secur...l?nav=rss_blog

Security Pro Admits to Hijacking PCs for Profit

A Los Angeles security professional has admitted to infecting more than a quarter million computers with malicious software and installing spyware that was used to steal personal data and serve victims with online advertisements.

John Kenneth Schiefer, 26, variously known online as "acid" and "acidstorm," agreed to plead guilty to at least four felony charges of fraud and wiretapping, charges punishable by $1.75 million in fines and nearly 60 years in prison.

Investigators say Schiefer and two minors -- identified in the complaint only by their online screen names "pr1me" and "dynamic" -- broke into about 250,000 PCs. On at least 137,000 of those infected systems, Schiefer and his cohorts installed programs that allowed them to control the machines remotely. The malicious "bot" programs also allowed the attackers to steal any user names and passwords that victims had saved in Internet Explorer.

Schiefer is thought to be the first in the United States to be accused of violating federal wiretapping laws by operating a "botnet" -- the term for a large grouping of hacked, remotely controlled computers -- according to Mark Krause, an assistant U.S. attorney in Los Angeles.

In an exclusive interview with Security Fix, Schiefer said he's been experimenting with computers and writing software in one form or another since 1991, when he first discovered Internet relay chat(IRC) forums, a vast sea of text-based communications networks that predates instant-messaging software. There are tens of thousands of IRC channels all over the world catering to almost every imaginable audience or interest, including quite a few frequented exclusively by hackers, virus writers and loose-knit criminal groups. IRC channels have traditionally been among the most popular means of controlling botnets.

For the past several years, Schiefer has acted as an administrator for "#bottalk" and "#rizon," two of the more active hacker chat rooms on IRC, where the discussion ranges from pop culture to methods for improving the latest bot programs and identifying which Web sites most recently got hacked.

Schiefer said he and his friends spread the bot programs mainly over AOL Instant Messenger (AIM). By using malicious "spreader" programs such as Niteaim and AIM Exploiter, Schiefer and his co-conspirators spammed out messages inviting recipients to click on a link. Anyone who took the bait had a "Trojan horse" program downloaded to their machine, an invader that then tried to fetch the malicious bot program.

Schiefer admits he and friends used several hjacked PayPal accounts to purchase Web hosting that helped facilitate the spreading of their bot programs.

Schiefer's employer -- Los Angeles-based Internet telephony provider 3G Communications -- let him go in March 2006 after he filed a series of disability claims. His job at the time was to help secure communications networks for businesses.

Schiefer claims that he stopped all of the malicious activity in early January 2006.

"Ever since then, I've been more trying to create a positive thing and trying to prevent crap like this happening," he said. "I kind of saw the error of my ways and decided I'd had enough."

Later that month, federal agents raided his home, seizing computer equipment and other evidence.

Schiefer also said he had installed adware on machines he and his friends controlled, making a 20 cent commission each time they installed a piece of software from TopConverting, a now defunct adware company formerly owned by Simpel Internet, a marketing company based in the Netherlands.

Schiefer acknowledged that in mid-2005, he made more than $19,000 in commissions from TopConverting by installing to hijacked computers. The government claims he made the money installing adware over a period of a month in June 2005. Schiefer said he earned that sum in less than one week's time.

Schiefer admitted that he spent most of that week's earnings the following month entertaining himself and friends at DefCon, a massive hacker and security research conference held annually in Las Vegas.

Interestingly, I featured TopConverting in a February 2006 story I wrote for The Washington Post Magazine, which chronicled the exploits of "0x80," a hacker who -- like Schiefer -- made thousands of dollars a month installing adware on machines he had seeded with bot programs.

From that story: "Majy says TopConverting, which did not respond to requests for comment for this article, paid him an average of $2,400 every two weeks for installing its programs. He got 20 cents per install for computers in the United States and five cents per install for PCs in 16 other countries, including France, Germany and the United Kingdom. A nickel per install doesn't sound like much, unless you control a botnet of tens of thousands of computers."

According to an FBI informant who asked not to be named, Schiefer was a member of Defonic, a hacker group that included the individuals identified in the paragraph above as Zach "Majy" Mann, as well as "0x80". Another member of Defonic --- Cameron "cam0" LaCroix -- earned his reputation after breaking into Paris Hilton's cell phone account and later leading the group in breaching data giant LexisNexis, a stunt in which cam0 and several others pulled sensitive records on more than 310,000 people, including a number of Hollywood celebrities.

Most former members of the Defonic crew are now either in jail or have only recently been released from prison.

Schiefer said he regrets his actions, and hopes that the cooperation he has shown with law enforcement in the case so far will lighten his sentence.

"I don't think anyone should feel sorry for me," Schiefer said. "What I was doing was wrong [and] stupid, and I got caught."