I was on the Forums for a couple of hours last night. Most of the time I was watching a movie and remaining idle. So i shut down my computer and turned it on again to check my e-mail before going to bed. When I booted up I found the a WinVNC program was installed on my computer and it wanted a password to enable remote desktop control! I thoroughly searched my folders and registry and found it hiding in 5 different places. Thing is when I tried search it saw the files in certain folders, but upon going there they weren't really there. I was still able to delete them anyway and after cleaning up the registry entries everything was OK. But when you are on Anandtech you can check someones profile and see that they are online. I wonder if this makes us more vulnerable since anyone can see that we are online. I don't have anyway of knowing for sure, but I strongly feel that it was someone with that info that tried to infiltrate my computer. I think I interrupted their work, and they planned to have the WinVNC program boot up with a password enabled with the taksbar icon disabled. Perhaps to watch and wait for me to enter credit card numbers!
Hackers in Anandtech? Beware!
- Thread starter rogue1979
- Start date
That's no different from having someone on your AIM/ICQ list. How do you know someone hacked it as opposed to you actually downloading the virus on accident?
EDIT: oops nm
EDIT: oops nm
sash1
Diamond Member
- Jul 20, 2001
- 8,896
- 1
- 0
Do you use IRC? IRC gives away all your info necessary to hack into your computer (I've had some fun with this wit' mah CS buds--but lets not get into that 
).
As well, if you use Kazaa/etc., you could easily be downloading viruses and not know it, be careful in this respect if you use Kazaa...
~Aunix
).As well, if you use Kazaa/etc., you could easily be downloading viruses and not know it, be careful in this respect if you use Kazaa...
~Aunix
No I don't use IRC, and I didn't even open any e-mails or download anything that day. Not sure where it came from, but I definately believe it was hacking and I have a gut feeling it was someone hanging around and lurking here.
I'd have to agree with others here, someone got your IP by other means. No user here has the ability to view your ip address. Any IM, or persistent connection to something is open to hacking. The forums are a web page nothing more, not persistent. You could visit a website and they have your IP Address. Every time you request a page on a web server anywhere your ip is tracked, it's part of the CGI variables scope on any server.
Your IP address is not something that makes you a target for hacking, having vulnerable services running does, as well as doing stupid things like running random software you get from kazaa or irc.
As has been mentioned, these forums are web pages in a web browser, nothing more.
As has been mentioned, these forums are web pages in a web browser, nothing more.
Agreed. My IP isn't some top secret thing, unlike a credit card number. To prove a point, my IP is, in fact, 127.0.0.1; come on and try to hack me.
Non-windows-updated Windows (and sometimes even Windows with all the latest updates) qualifies as a very vulnerable "service" IMHO. On Linux, things are much easier for the user to control, and staying secure is as simple as doing a weekly apt-get (for those Debian users, or using whatever autoupdater your distibution provides), and not running stuff you don't need (like sendmail and apache for the majority of desktop Linux users).
Originally posted by: Evadman
my IP on this syetm is 192.168.0.61 Feel free to try to hack it
It would be much easier just to ping you then go all the way to AT to see if you were online.
Hm, mine's 192.168.0.2, we must be on the same isp or something
Originally posted by: BingBongWongFooey
Hm, mine's 192.168.0.2, we must be on the same isp or somethingOriginally posted by: Evadman my IP on this syetm is 192.168.0.61 Feel free to try to hack it
Oh my gawd!! My IP on this system is 192.168.0.1 and the the system behind me is 192.168.0.2 and ...uh.. wait a minute (looks back over shoulder) Whew you're not there. Had me worried there for a moment.
Originally posted by: TonyH
Originally posted by: BingBongWongFooey
Hm, mine's 192.168.0.2, we must be on the same isp or somethingOriginally posted by: Evadman my IP on this syetm is 192.168.0.61 Feel free to try to hack it
Oh my gawd!! My IP on this system is 192.168.0.1 and the the system behind me is 192.168.0.2 and ...uh.. wait a minute (looks back over shoulder) Whew you're not there. Had me worried there for a moment.
Why would you be scared of me?
MedicBob
Diamond Member
- Nov 29, 2001
- 4,151
- 1
- 0
Originally posted by: mechBgon
LOL, this thread is funny
I agree.
Sure, someone could look at your profile to see if your are online and then "hack" you. Personally I am not concerned by this as I am always online 24/7. Cable internet and computer on.
If I were you I would lock down that computer, change all the passwords, firewall it, and have a good antiviri program.
Two nights in a row now, this time they got further installing the WinVNC program as well as several items in my registry under Windows/Current version/Run and Run Services. A "patchHL" and a "dial32.exe" as well as an explore.exe naming one of the files where the VNC program is hidden. I removed everything and installed Norton Firewall. At least for now I leave my MSNMessenger turned off, until they find a different target. No damage to my Windows, I don't believe they want that. They had plenty opportunity to hose my OS, but I think they are trying to install these programs to run them remotely when I am online and if they have a chance to finish I wouldn't notice anything running. I can only guess they want to grab credit card numbers or bank info or the like to steal money. I have no clue why they are targeting me, and I am not sure how all this works. But I am updating all my credit card numbers just in case.
Wolfie
Platinum Member
- Oct 9, 1999
- 2,894
- 2
- 76
Seriously dude. Do you have any firewall setups on that machine? Virus programs? Just because you cleared your info on your computer doesn't mean that they won't try it again. Whoever it is, (and I am SURE that it's not someone from here) knows your volnerable and just sits and waits till you get back online. Once they find a vulnerable IP they make sure they remember it.
But Geoff is right. Do a fresh install to be sure nothing is left on there and make sure you install a firewall/viri program as soon as you get it up. Things will happen when you go online. Even with all the protectents, it doesn't mean you won't get hit. If you don't like getting hit. Don't go online.
Wolfie
But Geoff is right. Do a fresh install to be sure nothing is left on there and make sure you install a firewall/viri program as soon as you get it up. Things will happen when you go online. Even with all the protectents, it doesn't mean you won't get hit. If you don't like getting hit. Don't go online.
Wolfie
Originally posted by: Jeff7
Originally posted by: TonyH
Okay, disgusted maybe, scared no.
Yeah, it's over used but:
The goggles! They do nothing! Aaaaahhh.....
I'm sure most people realize this already, but for those low on sarcasm juice, that picture is -not- me
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 411
-
Facebook
Twitter