Jtuk Phoenix


Joined: Jan 22, 2012 Posts: 732 Location: Wales, UK
Posted: Tue Apr 03, 2012 6:59 pm
Has Hotmail explained what this unauthorized access message is about? A screenshot of the message might give us some more clues.
Oh, one other thought: have you got Outlook or any other e-mail client set up to use Hotmail from your computer? It's possible it's got stuck with an old password, which keeps generating bad password attempts. It might be worth clearing any of this stuff off your Kindle / laptop etc.
It's quite possible this is just Hotmail going a bit nuts and nothing is really wrong.
Jason

CloudLayer Deinonychus


Joined: Mar 28, 2012 Age: 26 Posts: 300
Posted: Tue Apr 03, 2012 7:40 pm
Ok.
There are a few numbers on there I don't recognize. The random day in June's ones are below and they're different from almost all the rest, which are my own IP.
XXXXXXXXXXXXXXXXXXXXXXXXXX
Looked it up and it appears to be Comcast, my ISP's headquarters of some sort in Massachusetts. Not sure what they would be doing in my account but.
XXXXXXXXXXXXX <-- this is one of the last numbers and not sure if it's the number of helpcenter technician. They never answered my q asking if it was.
No, I've asked them repeatedly what the alert is about and they're being supremely unhelpful. Ignoring that q completely. I also cannot imagine that every of the unopened/reclosed emails I saw I imagined.. I don't know.
No, no outlook, can't even get into that to start it for some reason. Not sure if gmail does that? Set up a gmail acct a couple months ago but never did anything with it and pretty sure I don't link it to hotmail. Also weird alerts before setting up gmail.
I don't get bad password attempts, that's the thing. I have had very little problem getting into my acct, but these frequent error msgs, what I can only think are tampered-w personal emails, and just general suspicion. I don't know.
I guess no way to find out if a keylog is running on my machine? I do remember somehow by mistake bringing up a list of my passwords for all sites in a little grey box, not sure how I got that appear, def. didn't do it on purpose, not sure it was related.
Thank you for your help Jtuk and nat (Joel McHale). Prob. not much to be done huh. I appreciate all the thinking-through help though.
Last edited by CloudLayer on Tue Apr 03, 2012 8:27 pm; edited 1 time in total

CloudLayer Deinonychus


Joined: Mar 28, 2012 Age: 26 Posts: 300
Posted: Tue Apr 03, 2012 7:52 pm
I do wonder though, if someone follows instructions like this or similar (maybe not this exact way)
XXXXXXXXXXXXX
would it make it so their IP wouldn't show up but they could still see some of my private activity?
I suspect someone with at LEAST moderate hacking skill did this.
Last edited by CloudLayer on Tue Apr 03, 2012 8:27 pm; edited 1 time in total

nat4200 Phoenix

Joined: Jan 11, 2011 Posts: 704 Location: BANNED
Posted: Tue Apr 03, 2012 7:57 pm
Redacted
Last edited by nat4200 on Sat Apr 21, 2012 3:06 am; edited 3 times in total

nat4200 Phoenix

Joined: Jan 11, 2011 Posts: 704 Location: BANNED
Posted: Tue Apr 03, 2012 8:02 pm
Redacted
Last edited by nat4200 on Sat Apr 21, 2012 3:07 am; edited 1 time in total

CloudLayer Deinonychus


Joined: Mar 28, 2012 Age: 26 Posts: 300
Posted: Tue Apr 03, 2012 8:42 pm
Oh, okay, thank you.
Links and IP numbers deleted.
The site gives step-by-step instructions/screenshots about using this thing.
nameofthing it is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.
nameofthing ANTI FORENSICS:
nameofthing has a "great" collection of tools for anti forensics, making the forensic analysis of the compromised computer little difficult. They are released as a part of [a specific thing, gives download to one]
Later on: file is created which establishes a remote connection between the victim and hacker, using the meterpreter payload.
(hacker's IP typed into code with target IP)
This all sounds way too complicated honestly, it itself says it's advanced, but I know nothing about who would be prone to use what technique.
I am asking about this because I am trying to get rid of the extreme paranoia that I've had surrounding my suspicion. I am not a paranoid person in general, I'm if anything too loose with my info and not prone to getting upset if there appears to be a virus in my mail or whatever, but the signs in this case are just too weird and I can't for the life of me figure out if there's been a hacking or not. Just unending + growing paranoia from this recent thing.

nat4200 Phoenix

Joined: Jan 11, 2011 Posts: 704 Location: BANNED
Posted: Tue Apr 03, 2012 8:59 pm
Redacted
Last edited by nat4200 on Sat Apr 21, 2012 3:06 am; edited 1 time in total

CloudLayer Deinonychus


Joined: Mar 28, 2012 Age: 26 Posts: 300
Posted: Tue Apr 03, 2012 9:05 pm
Ah ok, gotcha. Thank you very much. Much appreciated. I have a worried feeling I might not figure out what has gone on which is unpleasant to say the least. But very glad to have had an opinion on the matter.