Amateur Poker Association & Tour
Poker Forum => General Discussion => Topic started by: Foggy on December 29, 2011, 16:24:03 PM
-
I am enquiring as to whether any other members have been hacked recently. Over the past week my email, pokerstars account, facebook and paypal accounts have all been hacked. Today I have been contacted by another APAT member who also suffered the same situation, and mentioned that a further APAT member has suffered. In fact a false transaction has taken place on Paypal between us, this account has not been in action for the past 5 years.
On advice I have run several scans and found a worm on my system, this being " btmail(1)gen."
Has anyone suffered?
Please post on here and hopefully we shall be able to find the hacker
Foggy
-
Seems to be very prevalent in a small community Chris, if the fecker is ever found he/she will have no place to hide - advice is run advanced scan NOW.
-
I was, facebook and one email account. No problems anywhere else.
Scans found a programme I deleted. Believe it emanated from facebook
Have changed passwords, security settings everywhere and substantially stopped using the PC where there was a problem
Claw75 (Claire MacGregor) and Fandango (Carl Pilgrim) also affected. Claw has IP info
-
two step security on gMail
Facebook set to https (password changed periodically as well)
All poker sites passwords changed periodically
This Internet thing is so flakey :)
-
Yeah my Facebook, email, paypal, Pokerstars and my barclaycard all hacked. Kudos to barclaycard who rang me to tell me of suspicious transactions.. Paypal contacted me about transaction which was to a fellow APAT member. Also my Facebook was logged into from an IP address in Stoke on Trent, contacted Pokerstars but not been contacted yet so don't know if account has been cleared out? Was playing on there last night till 11 pm so will have to check to see if any thing occurred after then.. Some tossers out there who need their ******** wired up to the mains!!!
-
Happened to me too
-
Some useful info here (http://forumserver.twoplustwo.com/48/computer-technical-help/computer-security-poker-players-videos-659775/)
Edit: Just dawned on me that a link to someplace unknown may seem kinda scary to people given the increased security awareness at this time :-[ :-[
That link is to > http://forumserver.twoplustwo.com/48/computer-technical-help/computer-security-poker-players-videos-659775/
-
Some weird things going on , on my pc and running slow.
Had to input some passwords twice(not a good sign).
Haven't noticed any monies gone missing, though i have suspected certain times that my hole cards were known although this was in the past on an older pc???
-
Can Claire pm me the IP and I will check to see whether it has ever been used on our forum.
-
PMing now Des. then will post more :)
-
Some weird things going on , on my pc and running slow.
Had to input some passwords twice(not a good sign).
Haven't noticed any monies gone missing, though i have suspected certain times that my hole cards were known although this was in the past on an older pc???
THIS
On facebook recently it has been prompting to re-input password although i KNOW I have been inputting it correctly first time round.
I've been using the https secure browsing for the last few weeks, and have text code verification set up on gmail. Also only have one dedicated email now for just facebook alone.
Bank account was suspended twice around July/August time due to withdrawal attempts, ex husband's was suspended at the same time ... thought it emanated from his side but now wondering if it was a poker related thing because he too was on stars at same time.
-
First realised I'd been hacked just after midday yesterday. Tried to log into facebook and got a message popping up saying my password had been changed a few minutes previously. I requested a password change thingy to be sent to my email addy, then tried to log into my email account. password there had also been changed, so i reset using security question. While I was on there I received an email purporting to be from pokerstars security saying that they believed my account had been hacked. They said that my account had been frozen pending me sending them my card number, security code and expiry date. hmmm.
obv didn't send the info. I received a few more emails from "pokerstars" over the next hour or so, all trying to get details. I then emailed pokerstars direct telling them what had happened and they arranged for someone to call me back last night. They're currently looking into the activity that has taken place.
Whilst I was logged on to my email I noticed several times that the account was also being used in another location, which showed the ip address I have PMd to Des. Pokerstars also confirmed that was the IP address that had been playing on my stars account.
For a few hours I had to change my facebook and email passwords several times as they kept getting changed by the hacker. I also did this from a third party computer, but it didn't seem to help. In fact after that, the hacker even had the bare faced cheek to log into my facebook account and update my status for me.
It appears they also tried to log in to my paypal account. fortunately i've not used it for ages so all payment details etc on there are out of date.
I've not suffered any real financial loss - i only had a few dollars in stars and they didn't get hold of my bank/card details. however the whole thing was really inconvenient, and it made me feel sick knowing that someone had access to my personal emails and facebook messages etc.
I've spoken to someone else not mentioned here today who is also a member of the poker community. she experienced similar a couple of weeks ago and, similar to what happened between foggy and carl, a paypal payment was made to an account of someone known to us who said that his email had also been hacked, but that he had not experienced any other problems.
-
Advanced scan on all internal and external drives took 4 hours and looks clean, however, complacent I will not be cos this stinks....
-
PMing now Des. then will post more :)
Thanks Claire. Have checked and that IP is not showing as ever having been used on APAT. The whole hacking thing is very worrying. Will be checking my computers later too although not seen any evidence of wrongdoing.
-
It also goes without saying* that if you're using Internet
Exploder Explorer...you should switch to a much more secure browser.
*Saying in anyway.
-
Just been alerted to this thread.
I had my msn and xboxlive accounts hacked a week ago, on a day that I posted on facebook I was away for the day in Birmingham. The xboxlive account hacker spent £20 on Fifa2012 downloadable content.
Last night, I posted on facebook that I was away for the evening, "playing poker with some n00bs" at a friend's house. This morning I find someone tried to hack my iTunes account last night.
Worrying.
-
Sigh had to change my email password four times already today!!! *******s are still at it,, just checked my email they put an order for 3x $100 UKash with e-currency exchange store think this is poker related? Hope you guys don't have to go through this crap it's soooooo tilting!!
-
Hi Carl - The IP you forwarded me isn't showing as used in forum records either. Personally I'm going to sign out of all of my auto login accounts, do a thorough computer clean and log back in. How is this thing being transferred on Facebook? Are people clicking links? Is there a common link.
-
Hi Carl - The IP you forwarded me isn't showing as used in forum records either. Personally I'm going to sign out of all of my auto login accounts, do a thorough computer clean and log back in. How is this thing being transferred on Facebook? Are people clicking links? Is there a common link.
obviously a click on a post from a "bogus" mate - this then perpetuates a chain reaction - so everyone change your passwords - and seriously change them periodically
-
Reading up a bit about this tonight opinion seems to be that it's the email accounts originally hacked and then gained access to poker accounts via re-sets, reminders etc, is there a common email service amongst the people that have been hacked?
I have had no problems so far but decided to do a full advanced scan after reading this thread, it's been going for four hours and still a while to go so will see.
Have to admit i am the worst for using auto log ins and not changing password for convenience, but think i may be changing that after reading this thread
-
Hi Carl - The IP you forwarded me isn't showing as used in forum records either. Personally I'm going to sign out of all of my auto login accounts, do a thorough computer clean and log back in. How is this thing being transferred on Facebook? Are people clicking links? Is there a common link.
I've no idea. I'm usually really good about not clicking dodgy links etc, and can't remember clicking anything yesterday.
-
Problem is you see a funny post you click - no blame attached for doing so the feckers are clever
-
I can advise that my email account is with BT. Also even though I pay £50 odd pounds per year to Norton 360, their scan found nothing, apart from tracking cookies. It was when I did a full scan in SAFE MODE that the worm was revealed
-
what's the best software to use to scan your PC.
-
what's the best software to use to scan your PC.
Hitman Pro in my opinion
-
Scanning now.
Thanks Ger.
-
other steps people might want to take (they all sound pretty obvious in hindsight but wouldn't have occurred to me before yesterday). create a new email address for facebook use only - that way if anyone does get hold of it it won't link them to anything else useful. for anything important (paypal, poker sites etc) use a gmail address with 2 step verification set up so that you can only log into your account using a code sent to your phone. Similar can be done on facebook.
-
And again. Facebook hacked at 9.24am this morning. Seems to be happening from Poland
-
And again. Facebook hacked at 9.24am this morning. Seems to be happening from Poland
:(
did you set up login approval George? just wondering if they can bypass that.
-
Full scan done (I do it every month) and look fine. Security is with McAfee, renewed at £41.40.
Without sounding stupid- gmail- googlemail?
So it is Facebook that is the issue? On the https.
Email? Yahoo - don't change password.
Internet-I do use IE.
-
Mine appears to have been a brute force crack of a weak password (hotmail and xboxlive etc). It sounds like most of the others ITT are accounts that were hacked by a trojan keylogger.
-
Where are they getting the email addresses from? Has an APAT account been hacked and getting our emails from that? Is there an issue with the APAT Facebook page? Going to remove APAT from my Facebook until we know more.
-
huh? there's no suggestion the problems emanated from APAT, or any other of the several online communities that link the various people in this thread
-
Think about it logically, just because a few APAT/Blonde people have been hacked will not point to it being a forum related problem. We are all friends with people who post on numerous forums and if any one of our friends on facebook have been hacked then the list of the hacked persons friends email addys will be available to the hacker. Changing passwords periodically (and making them "strong") and scanning regularly will of course reduce the risk of infection from whatever source significantly.
If you use Gmail activate the two step security login and apply application specific passwords to all your mobile apps that access gmail.
-
And don't ever answer those seemingly harmless questions that do the rounds on forums/facebook etc, like: What is your pornstar name? (name of first pet, mother's maiden name). That's a phisher's paradise! :D
-
Where are they getting the email addresses from? Has an APAT account been hacked and getting our emails from that? Is there an issue with the APAT Facebook page? Going to remove APAT from my Facebook until we know more.
I'd be more inclined to remove anyone from your friends list that you don't actually know. Plenty of times I've accepted a request purely because we had mutual friends in common. That may be a mistake. Very likely the rogue is coming from facebook after thinking back.
The email addy I've listed on FB is my "junk" mail account. I use it when I'm concerned I'll be hit with spam by signing up to a site. I also used it a couple of years ago to sign a non-techy friend up to Poker Stars so she could play "play chip" sit n go's and freerolls.
I've just remembered an email I received from Stars a few weeks ago regarding that friend's account. It said we'd requested a password change for the account and I was to click on a link to complete this. I didn't click on it obviously and I didn't bother the friend with it because she was dealing with a death in their family. Haven't heard anything since and thought no more of it until these threads popped up.
APAT isn't the common denominator by everyone. Neither is blonde. Facebook is the one thing we all have in common.
-
The other is Pokerstars, just a shot from the hip, but has anyone been locked out of any other poker site?
-
This has nothing to do with APAT. I saw one of the Chatta brothers post about it on FB earlier and they have no link with APAT. Also, my accounts are unaffected thankfully.
-
This has nothing to do with APAT. I saw one of the Chatta brothers post about it on FB earlier and they have no link with APAT. Also, my accounts are unaffected thankfully.
Have to agree, read up loads on different forums last night, and seems that Pokerstars is main link, with facebook a close second, check out facebook account settings > security > Active Sessions and check out if there are any strange log ins, also many other options to tweak here.
-
This has nothing to do with APAT. I saw one of the Chatta brothers post about it on FB earlier and they have no link with APAT. Also, my accounts are unaffected thankfully.
Have to agree, read up loads on different forums last night, and seems that Pokerstars is main link, with facebook a close second, check out facebook account settings > security > Active Sessions and check out if there are any strange log ins, also many other options to tweak here.
I think the pokerstars connection is a red herring.
Whoever's doing it knows enough to try and take advantage of the Stars account - but I think the only reason why it connects everyone is because everyone has a Stars account.
-
This has nothing to do with APAT. I saw one of the Chatta brothers post about it on FB earlier and they have no link with APAT. Also, my accounts are unaffected thankfully.
Have to agree, read up loads on different forums last night, and seems that Pokerstars is main link, with facebook a close second, check out facebook account settings > security > Active Sessions and check out if there are any strange log ins, also many other options to tweak here.
I think the pokerstars connection is a red herring.
Whoever's doing it knows enough to try and take advantage of the Stars account - but I think the only reason why it connects everyone is because everyone has a Stars account.
fair point Jon
-
After spending all day yesterday changing passwords and doing scans on pc, wake up today and have been hacked again!! Spent £35 on new malware software sigh... So can't get in my Facebook as been hacked, Emma tells me i have new friends!!! I'm really sorry guys DO NOT ACCEPT ANY FRIENDS REQUESTS FROM ME AS IT'S THE HACKER!! So far 6 new people was added and i believe they are all APAT members so it looks like we are being targeted on FB. If a mutual friend can warn the following people to remove themselves from my FB friends list hopefully they also won't be affected... new additions added last night are..
Stuart Ward.
Jay Horne
Mary Kivlin Martin
Dave Green
Gerry Thomas
Michael Lacey
Apologies to these ppl it was out of my control :(
-
After spending all day yesterday changing passwords and doing scans on pc, wake up today and have been hacked again!! Spent £35 on new malware software sigh... So can't get in my Facebook as been hacked, Emma tells me i have new friends!!! I'm really sorry guys DO NOT ACCEPT ANY FRIENDS REQUESTS FROM ME AS IT'S THE HACKER!! So far 6 new people was added and i believe they are all APAT members so it looks like we are being targeted on FB. If a mutual friend can warn the following people to remove themselves from my FB friends list hopefully they also won't be affected... new additions added last night are..
Stuart Ward.
Jay Horne
Mary Kivlin Martin
Dave Green
Gerry Thomas
Michael Lacey
Apologies to these ppl it was out of my control :(
Wish i had read this first , i had accepted carl , will remove now
-
Have forwarded the message to Mary and the others i have managed to find on FB, only one i can't find is Dave Green
Gerry
-
Have forwarded the message to Mary and the others i have managed to find on FB, only one i can't find is Dave Green
Gerry
Thanks Gerry..really sorry have only just regained control over my FB account.. so far i have had a dozen new friends added that i don't know personally.. all added have mutual friends that are poker players.. getting ridic not a lot i can do, so frustrating.. apologies again to you and any other APAT members who get requests >:( >:( >:( >:( >:(
-
Have forwarded the message to Mary and the others i have managed to find on FB, only one i can't find is Dave Green
Gerry
Thanks Gerry..really sorry have only just regained control over my FB account.. so far i have had a dozen new friends added that i don't know personally.. all added have mutual friends that are poker players.. getting ridic not a lot i can do, so frustrating.. apologies again to you and any other APAT members who get requests >:( >:( >:( >:( >:(
No worries Carl, is very strange, and i can't see how they can hack from adding a friend, but maybe there are ways, am changing FB password as a precaution anyway
-
just got a friends request now from Stuart Ward.
If you read this apologies but not going to take any APATERS till this is sorted
just to be safe
-
I really think that accepting a friends request is not the problem - mischievous malarky
clicking on a link from that hacked FB account is, but that is true of any suspicious link.
-
I really think that accepting a friends request is not the problem - mischievous malarky
clicking on a link from that hacked FB account is, but that is true of any suspicious link.
Have to agree, that's why i couldn't work out why they were adding friends, for what benefit to a hacker? other than gaining info on a person maybe and their FB email address
-
just got a friends request now from Stuart Ward.
If you read this apologies but not going to take any APATERS till this is sorted
just to be safe
sigh, not overly sure i have sent any friends requests....
scanning go
-
ok used that hitman pro thing ger recommended, found some tracking cookies, but nothing else
-
Pretty nasty story and hope all of you will solve this problem soon.
Maybe another approach: Anybody customer on sharkscope.com? I'd read that the site was affected these days by a trojan named Trojan.Gen.2. This trojan seems to be a drive-by-download (Computercode) and is a software-bug which uses browsers. I'm not a specialist in these things but maybe it will help. Good luck and nevertheless a good New Year's Eve to all of you!
http://safeweb.norton.com/report/show?url=http:%2F%2Fwww.sharkscope.com%2FSharkScope%2FUserLookUp%3FUserNamesCategory=X~%257C%257C~SHARKSCOPE~%257C%257C~XA~%257C%257C~SHARKSCOPE~%257C%257C~XAM~%257C%257C~SHARKSCOPE~%257C%257C~XAMM%26ShowUserNames=false~%257C%257C~SHARKSCOPE~%257C%257C~false~%257C&ulang=eng
-
I really think that accepting a friends request is not the problem - mischievous malarky
clicking on a link from that hacked FB account is, but that is true of any suspicious link.
Dunno if you want to warn junior mate he accepted request today that I never sent.
-
What are Facebook saying? Sounds like there are serious issues there.
-
I really think that accepting a friends request is not the problem - mischievous malarky
clicking on a link from that hacked FB account is, but that is true of any suspicious link.
Dunno if you want to warn junior mate he accepted request today that I never sent.
No problems Carl, IMO accepting friends is not a problem - clicking on links from people is - but then that is an everyday consideration anyway.
Usual security precautions that you employ (or should) while on line should keep you safe. We run the risk of rampant paranoia here. Hackers are a fact of life and sensible actions reduce the risk of infection. Strong passwords that are different on every site is a must (you can get encrypted software that stores them for you).
If your facebook keeps getting battered check
Account settings>Security>active sessions>edit and deactivate all sessions that are not your current one.
Edit: Oh and when you change your passwords choose a random word from an email or something and cut and paste it into the new password field - stops key loggers picking it up. However if you still have not found the trojan you might have to consider wiping your disk and reloading from scratch...........
-
Whoever has hold of Carl's account is sending out friend requests to everyone on my friend list at the minute. Family in America getting them too. No odds to us as they've all been told to just decline it, but thought ye might want to know so you can keep an eye on non-poker playing people who wouldn't know what was going on.
Until it's all been sorted, I've hidden my friend and family lists from everyone except family.
-
He's a friend of mine but the person at his account isn't him. They're looking for your email address for a start to see if it's something they can hack into. From there, they're hoping you've an account on Poker Stars they can get hold of. With that, they try to gain access to your online payment methods and then having a field day spending.
Think this hits the nail on the head here Dawn
-
I've just had a Friends request from Carl and moments later, a "Forgot User ID" from PokerStars Support.
Prob doesn't help matters but thought I would let it be known.
-
To some of you guys who have had problems with PokerStars accounts, there is an option within Cashier > Fast Deposit options. Fast deposit can be turned off and an option to "Remove this stored deposit information" exists bottom right of same window. I suggest Carl and any others select this. I just did.
-
I've just had a Friends request from Carl and moments later, a "Forgot User ID" from PokerStars Support.
Prob doesn't help matters but thought I would let it be known.
I have contacted FB and have asked them to decline any friend requests sent this was a couple of hours ago.. So hopefully no more will be accepted
-
FYI, as someone who removes viruses from PCs / laptops for a living, I'm willing to share with you all a couple of "tools of the trade".
MalwareBytes and SuperAntiSpyware are the best after-the-event Anti-Virus scanning tools. Both are available to download and are installed automatically from this link (http://ninite.com/malwarebytes-super)
Best real-time Anti-Virus softwares in our professional opinions are F-Secure Internet Security and ESET NOD32. Both are paid-for solutions but well worth the money. I would advise everyone avoid AVG Free, AVG paid-for versions, anything McAfee and Norton related.
-
Cheers for that Neil, advice taken and acted on......
-
paranoid full set in recently over this - maybe not a bad thing -
HAD -
monthly full scan setup
FB on https server
email (YH) password, but not overly strong
Poker Stars account
NOW -
monthly full scan setup (done a couple of days and all fine)
weekly smaller scan
FB on https server
FB with security to log in unrecognized devices
FB removed friends with Carl and Claire (for now)
Gmail account with 2 step set up
Poker Stars account email switched to Gmail and verification set up
Poker Stars Cashier fast option off
Poker Stars Fast option Removed
Oh and a headache ::)
-
Update since my OP
Pokerstars have been in touch to advise me that the hacker has spent 3-4 days playing on my now empty account. They have advised that my funds are under investigation, because the hacker might have chip dumped to another player. This is a possible avenue but not to get my hopes up, because if there is no dumping there is no recourse on Pokerstars as we as players are responsible for our own security. Seemingly it's in their T&Cs.
Must admit. well p*** o** as they blocked my account, but let the hacker play during this period!
I know Lucky is the IT whizz kid, but for anyone out there that has Norton, after scanning normally my computer was showing only tracking cookies. Only when I did the scan in safe mode was the worm revealed. The worm was.
btmailcontrol1013(1).cab
This was quarantined after the safe mode scan. Those of you that aren't whizz kids, reboot and hold down F8 during the operation. Then select safe mode and do a full scan.
After 5 years of playing online I have now lost confidence, what with FT, and now Pokerstars, and now some ars******
losing my funds. I think I will stick to live play, at least unless you get mugged on the way home, it's miles safer.
GL all
Foggy
-
I have to say the customer service i've received from stars has been exceptional. I informed them of the situation and the bogus emails i'd received from the hacker on the same day. Security then contacted me within a few hours to arrange a convenient time to telephone me to discuss the situation. They explained that my account would remain frozen until they had a) investigated the activity on my account since it had been hacked and b) that i could satisfy them that my computer was secure and that my account could not be compromised again. They asked me to set up a new email account and to contact them from there attaching proof of identity, which i did yesterday morning. They telephoned me again this evening saying that my account was now ready to be reinstated to me, with the same balance as before i got hacked. I just now need to log on with a new password they have issued to me, set a pin number up, and then they'll reactivate playing and transfer privileges on the account (which currently remain frozen). Can't say fairer than that imo.
-
Buy a security token from the fpp shop. Well worth it
-
Clare
Was there any money missing at any time?
-
ok done scans with the stuff recommended by neil too, found nothing on my laptop. officially confused!!
-
I had a PM from Carl this morning and it prompted me to post again.
I think many are getting a bit paranoid about their own setups here ... and I might not have helped too much with my post at the top of this page. I will post some tips for users to follow if they so wish but please give more consideration to the next couple of paragraphs about FB and other large "suppliers". Please also understand I do not claim to be a "whizz kid" and have no definite answers here - these are just my opinions based on the experiences and knowledge I have gained in the past 15 years working in the IT industry.
Facebook is hacked REGULARLY and it remains one of the biggest targets for hackers. Some of you may remember reading news articles that personal pics of Mark Zuckerberg (Facebook CEO) appeared in plain view due to a coding error within the Facebook structure just a couple of months back.
Despite your best practices regarding your passwords, if there are security "holes" on Facebook servers, getting passwords is the easy bit. In the recent past the CIA, Google, Facebook and Microsoft have all been subject to a number of attacks that have made the news so I wouldn't get too hung up on your own PC problems. If Blue Chips companies with their $Billions / year IT infrastructures can get breached, imagine how easy it is for the same person / team of hackers to infiltrate your itty bitty PC and how much less profitable it is for them to target YOU alone. On that thought, it is likely Foggy, Clare, Carl are only three of THOUSANDS who are having similar problems and that it is not security issues on their own PCs that are to blame here. Sure, if they use the same USERNAMES and PASSWORDS for all accounts (PokerStars and Facebook for example), then it will certainly have made them easier targets.
Advice section;
Yes it is best to use real-time Anti-Virus and Firewall softwares - ESET Smart Security 5 and F-Secure Internet Security 2012 the ones I recommend - but even they are not completely infallible. Users will disable firewalls to file-share, users will click on bogus emails from "PayPal", "UPS", "FedEx" or "Barclays Bank" and "Allow" the program to run infecting their systems. I just urge you all to use a bit of EXTRA common sense and yes, a little bit of paranoia when facing such. And encourage your kids who DO just bish-bash around the internet without much care and attention (WTF not, they don't have to pay for the IT engineer!) to do so too. The parental controls within F-Secure Internet Security are effective, easy to configure and prevent a lot of the bad things I see. Please be aware that 8 year old boys WILL type "big boobs" into Google at some point so you taking control as a parent IS worthwhile!
[UPDATED] Good passwords should be 8 characters long and contain uPPeR and LoWer case characters, at least one number and one symbol. Using a % * or ^ adds that little bit more to a password and should stop folk ever being able to "guess" it. Some people have found it useful for me to supply one for them to customise so here you go;
WekD-u.9
Another good practice on your own computing is to keep Windows up to date. The Windows Updates on your PCs / laptops are "pushed" to you for a reason. Many are security updates and although they are generally perceived to slow your system down (and yes, many have caused systems to crash, other softwares to stop working etc.), they are worth "taking the risk" on.
To check your own systems; click Start > right click on Computer (My Computer for XP users) > left click Properties
(http://www.itw4.co.uk/images/support/neil_home_system.png)
Windows XP users should be up to date to "Service Pack 3"
Windows Vista users should be up to date to "Service Pack 2"
Windows 7 (32 and 64 bit) users should be up to date to "Service Pack 1"
If you are missing any of these, the Service Packs themselves can be downloaded using "Windows Updates" (Start > Control Panel) or from www.softwarepatch.com (http://www.softwarepatch.com/windows/index.html) - THIS IS A FREE SITE and as such, it contains adverts wanting you to click on other downloads. PLEASE BE CAREFUL to read the pages properly and to scroll down if you have to - don't just click on the first "download now" link you see.
XP and Vista users may be required to download more than one service pack and each may take around 1 hour to download and another hour to install each.
FINALLY, installing and running too many anti-virus / anti-malware / anti-spyware scanning tools can do you more harm than good. Your PC will slow down as a result of 4 / 5 softwares all taking time to scan the same thing and connection issues can appear as many will attempt to "block" network connections. I urge you all to remove all but your Internet Security software (assuming you are using a proper paid-for one), including the MalwareBytes and SuperAntiSpyware if you have scanned your system and are happy that you are clean. Although decent, the primary function of many of them is to scan your system after-the-event (when you suspect you have a virus) but they are more of a hindrance if left on a system. SpyBot, Ad-Aware, Spyware Doctor, HitMan Pro etc. are other ones many of you will have found and installed as a result of this thread.
I am not planning on doing any more "work" until 4th January but if anyone has SERIOUS and URGENT issues on their PCs (business PCs etc.) and would like support, I can arrange "Remote Control" sessions tonight and tomorrow. Initial inspections will be free of charge and any additional work will be quoted for.
If anyone would like information on me / ITW4 (my company) (http://www.itw4.co.uk), a list of our services can be found at www.itw4.co.uk (http://www.itw4.co.uk/it-services.shtml)
Neil Dawson
-
Great post Neil.
Very, very good advice.
Oh, and if anyone needs any business, finance or accountancy consultancy, then I'm your man.
Unlike Neil, I charge from day one, but I'm worth it. ;D
-
Many thanks for your outstanding contribution here Neil.
-
Many thanks for your outstanding contribution here Neil.
Yes many thanks Neil, great advice. I am running a couple of programs at the same time: Emsisoft Anti malware, Emsisoft Online Armor firewall and Stopzilla.. think I need to turn off Stopzilla?.. Both are fully paid.
Regards Carl
-
I'm not aware of Emsisoft's offerings or StopZilla so I'd be hesitant to advise you to turn anything off. If it's working for you - if you have booted into Safe Mode as per Foggy's advice, scanned your system using the tools I recommended and all is clear - you probably don't need to do anything further.
When your Emsisoft subscriptions come up for renewal, consider ESET Smart Security 5 as mentioned above and which I've just found out now comes with a Parental Control. I have never set up the Parental Control as we usually only recommend ESET Anti-Virus 5 for business users with servers - our normal kind of client - but this should help anyone wishing to investigate this further - how to configure Parental Control in ESET Smart Security 5 (http://go.eset.com/us/resources/training/ess5_parentalcontrol_enu/player.html)
-
Good passwords should be 8 characters long and contain uPPeR and LoWer case characters, at least one number and one symbol. Using a % * or ^ adds that little bit more to a password and should stop folk ever being able to "guess" it.
I'm not an IT expert, but I read somewhere recently that most of us have been taught to choose passwords that are easy for a program to break but difficult for a human to remember, whereas we should be choosing ones that are easy to remember and difficult for a program to break. A program doesn't care whether the digits are letters, numbers or symbols - they are all just another possible digit to be tried and an 8-digit password of any type can be cracked in a short time, whereas a 30-digit one would take squillions of years longer (or something like that). The article suggested that running a few easy-to-remember words together was way more effective, ie SOLENTPOKERCLUB is far superior to BCPC**00. I'll leave to the experts to confirm or not.
In keeping with this thread, if anyone needs a mobile nail technician, etc.............
-
Good passwords should be 8 characters long and contain uPPeR and LoWer case characters, at least one number and one symbol. Using a % * or ^ adds that little bit more to a password and should stop folk ever being able to "guess" it.
I'm not an IT expert, but I read somewhere recently that most of us have been taught to choose passwords that are easy for a program to break but difficult for a human to remember, whereas we should be choosing ones that are easy to remember and difficult for a program to break. A program doesn't care whether the digits are letters, numbers or symbols - they are all just another possible digit to be tried and an 8-digit password of any type can be cracked in a short time, whereas a 30-digit one would take squillions of years longer (or something like that). The article suggested that running a few easy-to-remember words together was way more effective, ie SOLENTPOKERCLUB is far superior to BCPC**00. I'll leave to the experts to confirm or not.
In keeping with this thread, if anyone needs a mobile nail technician, etc.............
It depends if it's a program trying to break it or a person.
Most people's passwords are so poor that people only need to look around online to find their details and try different combinations of things connected to them.
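The password comparison debated in the posts above, worked through as an added example (not part of any forum post): it estimates the guessing effort for BCPC**00 and SOLENTPOKERCLUB under per-character brute force and under a word-list attack. The 20,000-word dictionary size, the six-word sample list and the guess rate are assumptions chosen for illustration.

```python
import math

# Assumptions for illustration (not from the thread): the attacker's word list
# holds 20,000 words and the offline guess rate is 10 billion guesses/second.
ASSUMED_WORDLIST_SIZE = 20_000
ASSUMED_GUESSES_PER_SECOND = 1e10
# Constructed sample of that word list, just enough to segment the examples.
SAMPLE_WORDS = {"SOLENT", "POKER", "CLUB", "RIVER", "FLUSH", "CHIPS"}


def charset_size(password):
    """Alphabet a per-character brute force must cover for this password."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(not c.isalnum() for c in password):
        size += 33  # printable ASCII symbols, space included
    return size


def brute_force_bits(password):
    """log2 of the number of candidates when every character is tried."""
    if not password:
        return 0.0
    return len(password) * math.log2(charset_size(password))


def split_into_words(password, words=SAMPLE_WORDS):
    """Fewest-word split of the password, or None if it is not all words."""
    text = password.upper()
    best = [None] * (len(text) + 1)
    best[0] = []
    for end in range(1, len(text) + 1):
        for start in range(end):
            piece = text[start:end]
            if best[start] is not None and piece in words:
                candidate = best[start] + [piece]
                if best[end] is None or len(candidate) < len(best[end]):
                    best[end] = candidate
    return best[len(text)]


def wordlist_bits(password, wordlist_size=ASSUMED_WORDLIST_SIZE):
    """log2 of the candidates when whole words are tried; None if not words."""
    parts = split_into_words(password)
    if not parts:
        return None
    return len(parts) * math.log2(wordlist_size)


def effective_bits(password):
    """A guessing program uses whichever strategy is cheaper."""
    options = [brute_force_bits(password)]
    if wordlist_bits(password) is not None:
        options.append(wordlist_bits(password))
    return min(options)


def years_to_exhaust(bits, rate=ASSUMED_GUESSES_PER_SECOND):
    """Years needed to try every candidate at the assumed guess rate."""
    return 2 ** bits / rate / (365 * 24 * 3600)


if __name__ == "__main__":
    for pw in ("BCPC**00", "SOLENTPOKERCLUB", "SOLENTPOKERCLUBRIVERFLUSH"):
        print(f"{pw:27} brute={brute_force_bits(pw):6.1f} bits  "
              f"effective={effective_bits(pw):6.1f} bits  "
              f"~{years_to_exhaust(effective_bits(pw)):.3g} years")
```

Under these assumptions the three-word phrase resists per-character brute force far better than the 8-character password (about 70.5 against 48.9 bits), but drops to about 42.9 bits when whole words are guessed. Five words from the same list bring it back to roughly 71 bits.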
-
Not that it needs me to convince anyone but I can say that Neil built my pc 3 years ago and it's still running like new*.
*I really hope this is not a self bok post.
-
Update.. today is the first day since I was hacked that I have not had to change passwords on FB and email.. ( obv bok lol).. Dunno if this is cos they were out celebrating the new year or what.. Although I have received a dozen or so emails from PcGameSupply.com that they had received orders for loads more UKash vouchers, fortunately all these orders were declined.. Paypal and credit card still have pending transactions from hacker but I'm covered with the fraud protection so not too worried..
So after my recent scans the only malware threats were from Pacific poker hmmmm so I had to uninstall 888.com.
Now I can"t reload software!! So thought I would try quick play through browser.. Yesterday no problems was able to log in.. Today I try and get a message saying I need to install the new version of adobe flash player, no problem I click on link, then my malware software Emsisoft goes mad telling me not to install as it contains a virus and will put my pc at risk. The message explains there is a virus that can infect your pc with a backdoor Trojan and is a high risk and not to allow by any means.
This is so frustrating, don't want to risk another virus attack, but I have never had problems (although this is what I think) before with 888.. I have to believe the software as the deep scan I did brought up only faults with Pacific poker..
Any ideas Neil? Or anyone else who might have a clue.. Remember you're talking to a complete technophobe lol I couldn't even get the Vista sp2 update to install, asked me to download another update from windows which had a hot fix kb947821 thingy ma jig that wouldn't install lol grrrr
Frustrated.com
-
Logged onto Carl's laptop now to try to resolve ... MalwareBytes running in Safe Mode has found 1 malicious software that his Emsisoft AV obv hasn't detected.
-
Just been informed that someone changed my password on Facebook yesterday morning >:(
-
Logged onto Carl's laptop now to try to resolve ... MalwareBytes running in Safe Mode has found 1 malicious software that his Emsisoft AV obv hasn't detected.
The forum that keeps giving - Neil you are a star :)
-
Just been informed that someone changed my password on Facebook yesterday morning >:(
+ my hotmail now not recognised either!!! WTF?
-
Logged onto Carl's laptop now to try to resolve ... MalwareBytes running in Safe Mode has found 1 malicious software that his Emsisoft AV obv hasn't detected.
Neil is my hero end of!
-
Logged onto Carl's laptop now to try to resolve ... MalwareBytes running in Safe Mode has found 1 malicious software that his Emsisoft AV obv hasn't detected.
The forum that keeps giving - Neil you are a star :)
Ger sums it up APAT has been blessed with nice people who are willing to help others :)
-
Logged onto Carl's laptop now to try to resolve ... MalwareBytes running in Safe Mode has found 1 malicious software that his Emsisoft AV obv hasn't detected.
... and ESET Online Virus Scanner also running in Safe Mode on Carl's laptop has found an additional 11 infected files. The scanning continues ...
-
Clare
Was there any money missing at any time?
no. a bit different in my case i guess as the hacker spun my $13 up to $110 before they froze the account, and didn't appear to try to transfer any of it anywhere. Presume they've divvied what he won up between the other people in the games.
just got my account back, let's see if i can do as well :)
-
on a less positive note, it appears someone accessed my email account and changed the password again last night from an IP address that appears to be in Iceland (although realise that's pretty much irrelevant). Have transferred everything over to several new gmail email addy's all set up for 2 step verification and left nothing in the old account.
-
My response to a PM from Claire moments ago ...
Assuming you have a 32Bit version of Windows (please check by Start > right click Computer > Properties), I have uploaded a free trial version of the ESET AV4 software for you to my server - see
http://www.itw4.co.uk/eset/eav4_nt32_enu.msi (http://www.itw4.co.uk/eset/eav4_nt32_enu.msi)
Save it to your desktop (or somewhere easy to find) and install it normally. I would advise that you get rid of anything else Anti-Malware and Anti-Spyware related first though as it may cause problems with the installation.
Anyone can feel free to take advantage of this offer if you want to try a proper paid-for AntiVirus software.
If anyone wants a free trial version of ESET AV5 (I would not recommend the Smart Security for novice users as it can be fiddly to configure), get them here http://eset.co.uk/Download/Software/Product/EAVH
-
Just been informed that someone changed my password on Facebook yesterday morning >:(
+ my hotmail now not recognised either!!! WTF?
Sorry you're troubled Grant, but welcome to the party
-
Just been informed that someone changed my password on Facebook yesterday morning >:(
+ my hotmail now not recognised either!!! WTF?
Sorry you're troubled Grant, but welcome to the party
FWIW someone has definitely been on my Facebook and messaged very childish rude stuff to one of my friends. I've now reset my passwords for Facebook and Hotmail but will download Neil's scanner when I get home after work as Avast picked up 2 virus programmes on my PC last night. Well done to Neil, a star as always 8)
-
There don't seem to be any infected files on my computer.
The security on sky email really is a joke though. I won't go into detail here, but it really is very easy to get hold of someone's sky account with just a few details that aren't very personal, and probably quite easily obtainable. Anyone that has an email account with them, I would advise dumping.
-
Being a complete technophobe watching Neil doing his thing was a real eye opener!!
He removed so much junk from my pc freeing up space and removing harmful threats etc.. I can't thank him enough, a true gent willing to help out as a pure favour considering we have never met or chatted before, a really nice gesture.. I owe him a few beers if we ever meet at an APAT event..
www.notfrustratedanymore.com. :)
-
Sorry to reach this thread a little late, but I too had a hacking attack on 23rd Dec and I am almost out of the woods now.
Reason for posting is that I wanted to confirm that hacking problems aren't just confined to the Windows world, I'm a Mac user and had my FB, hotmail, gmail and stars account done over. I had a tug of war with the hacking program / users which got particularly interesting after I changed all my verification details from another computer and they still got in.
Stars were very good, they were the ones who advised me of the hack. Even after the hacker had confirmed that everything was ok, they suspended the account and only after a thorough grilling over the phone as to my poker habits did they reinstate me.
-
....and only after a thorough grilling over the phone as to my poker habits did they reinstate me.
Bet that was an interesting conversation.... "I play poker, I lose. I reload. I play poker, I lose. I reload...." ;) ;D
-
Reason for posting is that I wanted to confirm that hacking problems aren't just confined to the Windows world, I'm a Mac user and had my FB, hotmail, gmail and stars account done over.
I think many are getting a bit paranoid about their own setups here ...
Facebook is hacked REGULARLY and it remains one of the biggest targets for hackers. Some of you may remember reading news articles that personal pics of Mark Zuckerberg (Facebook CEO) appeared in plain view due to a coding error within the Facebook structure just a couple of months back.
Despite your best practices regarding your passwords, if there are security "holes" on Facebook servers, getting passwords is the easy bit. In the recent past the CIA, Google, Facebook and Microsoft have all been subject to a number of attacks that have made the news so I wouldn't get too hung up on your own PC problems. If Blue Chips companies with their $Billions / year IT infrastructures can get breached, imagine how easy it is for the same person / team of hackers to infiltrate your itty bitty PC and how much less profitable it is for them to target YOU alone.
-
Good passwords should be 8 characters long and contain uPPeR and LoWer case characters, at least one number and one symbol. Using a % * or ^ adds that little bit more to a password and should stop folk ever being able to "guess" it.
I'm not an IT expert, but I read somewhere recently that most of us have been taught to choose passwords that are easy for a program to break but difficult for a human to remember, whereas we should be choosing ones that are easy to remember and difficult for a program to break. A program doesn't care whether the digits are letters, numbers or symbols - they are all just another possible digit to be tried and an 8-digit password of any type can be cracked in a short time, whereas a 30-digit one would take squillions of years longer (or something like that). The article suggested that running a few easy-to-remember words together was way more effective, ie SOLENTPOKERCLUB is far superior to BCPC**00. I'll leave to the experts to confirm or not.
In keeping with this thread, if anyone needs a mobile nail technician, etc.............
This was in the recent copy of the BCS Mag ITNow - read the same article. Of course the key is your e-mail account as you often have any account reset sent there......along with all your emails that tell people where you shop, gamble, etc....
Also I'm a consultant Business Analyst / Project Manager
-
http://www.bbc.co.uk/news/technology-16426824 (http://www.bbc.co.uk/news/technology-16426824)
A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned.
The data is believed to have been taken largely from Facebook accounts in the UK and France, according to security firm Seculert.
The culprit is a well-known piece of malware - dubbed Ramnit - which has been around since April 2010 and has previously stolen banking details.
Facebook told the BBC that it was looking into the issue.
The latest iteration of the worm was discovered in the labs of security firm Seculert.
"We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," said the researchers on the firm's blog.
"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks," it added.
"Viral power"
Social networks offer rich pickings for hackers because of the huge amount of personal data that is stored on them. Increasingly malware is being updated for the social networking age.
"It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands," said Seculert.
According to Seculert, 800,000 machines were infected with Ramnit from September to the end of December 2011.
Microsoft's Malware Protection Center (MMPC) described Ramnit as "a multi-component malware family which infects Windows executable as well as HTML files... stealing sensitive information such as stored FTP credentials and browser cookies".
In July 2011 a Symantec report estimated that Ramnit worm variants accounted for 17.3% of all new malicious software infections.
For Facebook users concerned that they have been affected by the worm, the advice is to run anti-virus software.
"It won't necessarily be obvious that you have been attacked. The worm is stealing passwords so it is not going to announce itself," said Graham Cluley, senior security consultant at Sophos.
-
slightly concerned that both times I've tried to log onto my online banking since this happened I've had to enter my password and security code several times (correctly) before they were recognised and accepted. Should I be worried? If I ever log on to online banking from a new computer I get texted a code to use and so far I haven't had anything to alert me that anyone has tried accessing it and there hasn't been any unusual activity......
-
I would air your concerns to the bank immediately, also give them the information of your hacking problem!
I contacted the bank after my original hacking and cancelled my bank card, they have subsequently issued a new one.
Following the paypal transaction with Carl, the twats tried to transfer £250 into paypal, the bank stopped this immediately.
Apart from my loss at Pokerstars, I think that my security is better than ever, but I will be a lot more vigilant into doing anything online in the future.
-
One of my hotmail accounts got compromised, but it doesn't look like it was the same sort of thing as the others.
This just looks like a brute force hack then they sent out dodgy spam to everyone in my address book, changed the details and running scans but it's the account I use for general use so there's not much on it regarding anything that needs to be kept secure.
-
One of my hotmail accounts got compromised, but it doesn't look like it was the same sort of thing as the others.
This just looks like a brute force hack then they sent out dodgy spam to everyone in my address book, changed the details and running scans but it's the account I use for general use so there's not much on it regarding anything that needs to be kept secure.
I rarely use my hotmail account and noticed a while back (after an email from a friend) that it had been compromised. Even over this period of time they'd only sent spam. Nothing malicious so to speak.
-
One of my hotmail accounts got compromised, but it doesn't look like it was the same sort of thing as the others.
This just looks like a brute force hack then they sent out dodgy spam to everyone in my address book, changed the details and running scans but it's the account I use for general use so there's not much on it regarding anything that needs to be kept secure.
I received an email from you last night advising me how to get better orgasms. Frankly, I was disappointed it was a hack. I thought I was finally going to learn the secret of the hat.
-
One of my hotmail accounts got compromised, but it doesn't look like it was the same sort of thing as the others.
This just looks like a brute force hack then they sent out dodgy spam to everyone in my address book, changed the details and running scans but it's the account I use for general use so there's not much on it regarding anything that needs to be kept secure.
I received an email from you last night advising me how to get better orgasms. Frankly, I was disappointed it was a hack. I thought I was finally going to learn the secret of the hat.
Brilliant, just brilliant ;D
-
I received an email from you last night advising me how to get better orgasms.
Please forward.
-
I received an email from you last night advising me how to get better orgasms.
Please forward.
;D ;D
-
I received an email from you last night advising me how to get better orgasms.
Please forward.
I've tried, the secret's just too goldarn'd BIG to leave my inbox...
-
Chuckle.... this thread is going "the wrong way"... :D :D :D :D :D
-
My hotmail was hacked, they then asked Pokerstars for a password reminder which was of course sent to hotmail. They were reading these emails and then deleting so I had no idea that this was going on. I hadn't played on stars for a few months so hadn't noticed this was the situation.
They then used 5 stolen cards to credit my stars account over a few days, they then lost this money (presumably to someone else in on it).
I tried to sign on to Stars but password was invalid. Having contacted them they then told me what was going on. After more digging, it transpires that my hotmail had been accessed in various countries or was giving the impression that it had. I think Stars accept that it wasn't me doing this and from a conversation it sounds like they have a lot of this going on at the moment. I also have the feeling that they had a good idea on how the hotmail was hacked, possibly that my hotmail password was the same or similar to a password that I used elsewhere. As a result I have changed the password on every site I use.
They did ask me to refund them the missing monies as my Stars account is effectively overdrawn. I politely declined and my main argument is that the activity was so obviously out of synch with my past behaviour on the account and that they should not have accepted credits from 5 different cards over a few days and that it was obviously dodgy. Haven't heard any more but they won't let me play on Stars again unless I repay them.
Thankfully only a few dollars lost, but went through a load of hassle.
-
hi all, it's still happening, F/B hotmail paypal spreadex bank all done. F/B and paypal both gave me the chance to have a text alert when an unknown IP address was trying to log in to my accs; twice last night somebody in the Nottingham area tried to log in. On Sunday opened e-mail from dust till dawn about free game, when I opened the link nothing was there, G/L all
-
http://www.highstakesdb.com/2767-daniel-negreanus-email-and-pokerstars-account-hacked.aspx
-
Think you won't get this much of a problem with Google Chrome/ Firefox.
Heard about this now, and I think the browser protection needs to be higher on IE, so Firefox or Chrome!