advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 08:48AM
i'm still not sure how this happened and currently in the process of locking things down.

i woke up to find my mouse difficult to move and something about Finish Line GCs up on the screen. after some command-w action i had control again. initially i thought this was another cat on keyboard incident but now its clearly something more sinister.

looks like someone got several grand in gcs through paypal. browser history revealed that they also loaded my account up with amazon credit.

i'm going to need to lock my machine down from external entry points - not that there were any i was actively using. i suspect they had some sort of remote access to my mac and therefore had access to my email. they may be watching what i do at the moment.

any info fellow forumites know about this sort of thing would be very helpful.



Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Speedy
Date: February 08, 2016 08:51AM
Which Mac OS? And check with your online bank and credit cards using something other than your Mac. Sorry this happened to you.



Saint Cloud, Minnesota, where the weather is wonderful even when it isn't.



Edited 2 time(s). Last edit at 02/08/2016 08:53AM by Speedy.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 08:52AM
10.11.3



Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: C(-)ris
Date: February 08, 2016 08:58AM
Unplug the damn machine from the network and stop posting here from it.

I'm going to hazard a rough guess based off nothing and say that you have Back To My Mac enabled and the hackers figured out your iCloud address and password. Or if for some reason you enabled or installed VNC or Teamviewer, etc.



C(-)ris
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Throwback Thursday Signature:




Edited 1 time(s). Last edit at 02/08/2016 09:01AM by C(-)ris.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: vision63
Date: February 08, 2016 09:26AM
I hope GCS' isn't money.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: billb
Date: February 08, 2016 09:30AM
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Ken Sp.
Date: February 08, 2016 10:41AM
Don't forget Chrome has the ability for screen sharing via and extension like TeamViewer.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 10:49AM
Quote
C(-)ris
Unplug the damn machine from the network and stop posting here from it.

I'm going to hazard a rough guess based off nothing and say that you have Back To My Mac enabled and the hackers figured out your iCloud address and password. Or if for some reason you enabled or installed VNC or Teamviewer, etc.

looks like it was icloud.

changed my icloud password and turned off back to my mac. took a couple of tries, strangely enough. i think i'm in the "clear"

damage done -

a bunch of amazon credit was added to my account. i'm not sure why. looks like they might have attempted making purchases - maybe under someone else's account? i'm not sure. i'm going by browser history. purchased a number of Finish Line gift cards via ebay with paypal. i'm not sure how that went through. looks like ebay is going to take their good time processing this.

he had set up filters to delete any "ebay" related email AND was forwarding all my email to another gmail account







Edited 1 time(s). Last edit at 02/08/2016 11:43AM by mattkime.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: michaelb
Date: February 08, 2016 11:54AM
Bummer. This way out of my league, but could someone had had physical access to the computer? If they remoted in, couldn't they have installed a keystroke tracker, and therefore obtain the new icloud password?

I have two factor authentication turned on, so I seem to get a text from Apple before I can make any changes or add a device (I am hoping that helps, cause it is kind of pain).



Edited 1 time(s). Last edit at 02/08/2016 11:54AM by michaelb.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Black
Date: February 08, 2016 12:44PM
Sorry this happened. If you could give one piece of advice for avoiding this, what would it be?




New forum user map 8/2015: [www.zeemaps.com]
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: cbelt3
Date: February 08, 2016 01:08PM
Ho LEE Carp !

Long term solution: NO PASSWORDS on ICloud !
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: chopper
Date: February 08, 2016 01:28PM
10.11.3 can be hacked??

I'd love to hear more on how this was accomplished.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 01:51PM
I'm not sure how they gained access to my icloud account, but i'm pretty sure thats where the vulnerability exists. that would be across all os versions.

Quote
chopper
10.11.3 can be hacked??

I'd love to hear more on how this was accomplished.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: GuyGene
Date: February 08, 2016 02:58PM
Sorry to hear that, matt. We've got to figure out how this happened! angry smiley



That old man - he don't think like no old man...
Now I wouldn't want to be within 400 - 500 yards of one of them nuclear bombs when it goes off! WW1 Vet Old Man
"He's pinned under an outcropping of rock. Lucky for him, the rock kept the dirt from burying him alive."
If idiots could fly, this place would be an airport. And I'd be a TSA agent.
A bonified member of The Mystic Knights of The Sea, George P. Stevens, President. Andy Brown, Treasurer, Algonquin J. Calhoun, Legal Consultant.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: john-o
Date: February 08, 2016 03:29PM
A really good argument for using two-factor authentication for all of your critical accounts. I've got it turned on for iCloud, and it's a bit of a pain, but would protect me from something like this.

Also, use strong passwords! Use some sort of password manager to manage them, and change them at least once a year.

Sorry matt, it's a bummer, but a helpful lesson for the rest of us.

I'm also glad that I've never felt comfortable with that Back to My Mac feature.

Hope you have everything straightened out soon!
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Fritz
Date: February 08, 2016 03:55PM
owing to my previous question last week, would a VPN have helped in prevention of hacks?.



!#$@@$#!

If there are spelling issues, please pardon, Owen the cat is sitting on my keyboard.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: space-time
Date: February 08, 2016 04:01PM
Quote
Fritz
owing to my previous question last week, would a VPN have helped in prevention of hacks?.

Good question, but I would guess not. if they hacked your iCloud, and if they used Back-To-My-Mac to gain access, I would guess it does not matter if you use VPN or not to connect to internet.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Fritz
Date: February 08, 2016 04:03PM
so maybe no more Cloudy passwords ......?



!#$@@$#!

If there are spelling issues, please pardon, Owen the cat is sitting on my keyboard.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: C(-)ris
Date: February 08, 2016 04:05PM
Quote
mattkime
I'm not sure how they gained access to my icloud account, but i'm pretty sure thats where the vulnerability exists. that would be across all os versions.

Quote
chopper
10.11.3 can be hacked??

I'd love to hear more on how this was accomplished.

2 factor authentication would have stopped this dead.



C(-)ris
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Throwback Thursday Signature:
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: bhaveshp
Date: February 08, 2016 04:22PM
Yep, iCloud 2 Factor verification to prevent this kind of hack:

[support.apple.com]

[www.macobserver.com]
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: hal
Date: February 08, 2016 04:28PM
would dropping Back to my Mac have the same effect? Was that the key? Sounds like it to me...
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Fritz
Date: February 08, 2016 04:29PM
if one uses their cell for the "possession" factor, couldn't that number be spoofed elsewhere as well?
I use to use 2 factor with the biG G, but found it a pita.



!#$@@$#!

If there are spelling issues, please pardon, Owen the cat is sitting on my keyboard.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: john-o
Date: February 08, 2016 04:32PM
I don't know that phones can be spoofed as of yet. That would be a major crack in the security of all our lives!

And it's only a PITA if you're willing to risk getting hacked like mattkime did!
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 05:49PM
i figured out that the password i used for iCloud is also used for other sites. its possible that another site got hacked and they figured out that i used similar or the same credentials with my iCloud account.

yup, changing all passwords that are similar to that one (or ones that show up as "weak" in 1Password) and two factor auth everywhere.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: Onamuji
Date: February 08, 2016 06:03PM
Did you use the same password for everything? 'Cause pwning your Mac through screen sharing is a whole nother thing vs logging into your Paypal and Amazon accounts.



Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: mattkime
Date: February 08, 2016 06:51PM
Quote
Onamuji
Did you use the same password for everything?

bad passwords were used for logins that either predated 1password OR where i was very very lazy.

thats a long ways from everything but i still have 100 or so accounts in 1password coming up as "weak"


...basically, when i'm finished, i won't be able to log into _anything_ without 1Password







Edited 1 time(s). Last edit at 02/08/2016 06:54PM by mattkime.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: john-o
Date: February 08, 2016 11:00PM
Quote
mattkime
...basically, when i'm finished, i won't be able to log into _anything_ without 1Password

And that's just as it should be! smile smiley
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: deckeda
Date: February 09, 2016 05:35AM
Well, at least some better differentiation. You can use simple codes that are passwords and this kind of entry is stopped. Most of us will never have to worry about actual attack from a software algorithm running to pop a password because typical people are not large companies getting targeted; but socially yeah we're all still vulnerable. I still read stories of where Amazon CSRs can go off script and inadvertently reveal addresses or other ordering history info later used to reroute and re-identify bank cards for example.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: RAMd®d
Date: February 09, 2016 05:43AM
There is security, and there is convenience.

Pick one.





Your boos mean nothing to me, I've seen what you cheer for.

Insisting on your rights without acknowledging your responsibilities isn’t freedom, it’s adolescence.

We are a government of laws, not men.

Everybody matters or nobody matters.

When a good man is hurt,
all who would be called good
must suffer with him.

You and I have memories longer than the road that stretches out ahead.

There is no safety for honest men except
by believing all possible evil of evil men.

We don’t do focus groups. They just ensure that you don’t offend anyone, and produce bland inoffensive products. —Sir Jonathan Ive

An armed society is a polite society.
And hope is a lousy defense.

You make me pull, I'll put you down.

I *love* SIGs. It's Glocks I hate.




Edited 1 time(s). Last edit at 02/09/2016 05:44AM by RAMd®d.
Options:  Reply • Quote
Re: f&&^(ing hell i was hacked!
Posted by: GuyGene
Date: February 09, 2016 09:26AM
Quote
RAMd®d
There is security, and there is convenience.

Pick one.

Amen.



That old man - he don't think like no old man...
Now I wouldn't want to be within 400 - 500 yards of one of them nuclear bombs when it goes off! WW1 Vet Old Man
"He's pinned under an outcropping of rock. Lucky for him, the rock kept the dirt from burying him alive."
If idiots could fly, this place would be an airport. And I'd be a TSA agent.
A bonified member of The Mystic Knights of The Sea, George P. Stevens, President. Andy Brown, Treasurer, Algonquin J. Calhoun, Legal Consultant.
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 101
Record Number of Users: 186 on February 20, 2020
Record Number of Guests: 5122 on October 03, 2020