Jump to content

I Think A Friend Is Being Hacked

JackRussell

By JackRussell
in Networking and Internet

 Share

Recommended Posts

JackRussell Newbie

JackRussell

Posted
Posted

a friend of mine suddenly found she couldn't access her hotmail account nor the associated msn chat account. Not even her "secret question" worked. She established temporarily a new msn account and went into chat with me to tell me about it. I tried logging into her email from my end and indeed it wasn't working.

 

Then in the middle of the chat, this other guy she knows logs into chat (I know him too, but haven't had much to do with him)... like 10 minutes later he comes back saying he's gotten into her account and changed her password to "123456". He was in chat on her end and not on my end so don't know what exactly he said, but she was under the impression he took advantage of some "loop hole" in msn or hotmail to do that...

 

Suffice it to say, if he were messing with (and using) hacker tools these days it wouldn't surprise me in the least. He's been on her computer before. I'm thinking he's put a key logger on her system at some point and fabricated this whole incident... again it wouldn't surprise me if this guy did something like that "just for fun".

 

Anyone know or heard of "loop holes" in hotmail/msn that would allow someone to just get into anyone's msn account within minutes? Or does the "forgot my password" process eventually give you access even if you don't know the "secret answer"?

 

I don't live near enuf to her that I could just go there any time and check the system out for a keylogger or whatever else... aside from using remote assistance.

Share this post

Link to post
Share on other sites
JackRussell Newbie

JackRussell

Posted
Posted
Have her run http://housecall.trendmicro.com/start_corp.asp and do a full scan with auto clean to be sure. Trend catches some malware and will remove it for her.

Thanks. Is that the same-as (or better-than) SpyBot?... not sure if SpyBot is mostly for the adware-flavor or not. Would like to target specifically malicious spyware (like keyloggers that phone home) when I check her system out. What you suggested looks more like what I've got in mind than SpyBot.

 

Probably guessed her password or got on her system while her cookie(s) were still good, then changed the password and secret answer

 

she had a really typical password and I made sure to tell her that (easy target for brute force probably). The dude in question is a chronic prankster of sorts.

Share this post

Link to post
Share on other sites
ravix Newbie

ravix

Posted
Posted

Hotmail isn't really subject to "brute force", which is basically a thing of the past. Brute force was big back in the days of earlier unix and linux systems, when the password file wasn't shadowed, and could simply be downloaded and cracked using a program such as jack the ripper. The reason it worked then is that everything was done locally, which is not the case with hotmail. In order to "brute force" hotmail or yahoo, you'd have to send thousands of login queries a second. This would a.) be flagged by the servers and b.) be incredibly slow due to network bandwidth limitations.

 

Basically, this guy either got onto your friends computer (anything is possible if you have local access), guessed an incredibly simple password off the top of his head, or installed a key-logger or some other type of malware on her computer. Have her run a virus scan, and change all her passwords to something hard to guess (ie: 1e3rta), and she should be fine the future.

Share this post

Link to post
Share on other sites
ClayMeow Newbie

ClayMeow

Posted
Posted
:withstupid: just have her change her password to letter/number combos. Looks like this guy was just doing it as a prank, and didn't do anything "bad" with her info, so she should be happy it was someone she knew that exposed this problem, and not some stranger who would never have let her known this. I'm not condoning the action of this guy obviously, but i'm what i'm saying is, you're making it out worse than it is. Doesn't seem to me like anyone was "hurt" by this...no charges to credit cards...no sending out emails to people using her account...no never giving her account back. she should be happy.

Share this post

Link to post
Share on other sites
JackRussell Newbie

JackRussell

Posted
Posted
I'm not condoning the action of this guy obviously, but i'm what i'm saying is, you're making it out worse than it is

Ya he wouldn't literally cause financial injury or destroy files, but you'd have to know this guy... if he still has something like a key logger in there, then it's not the end of it. He was fun to hang with and all when I knew him, but trust him as far as I can throw him... he's a character. Just today I even changed my passwords just in case I'm next in his self-amusement-hacking as he's seen what my addresses are now through her account.

Share this post

Link to post
Share on other sites
Nerm Newbie

Nerm

Posted
Posted

if she has a really easy to guess secret question he could have just guessed that and changed her password to whatever he wanted. Most peoples secret question on hotmail is easy to guess especially if you know them, because people are typically computer stupid(lol).

 

Nerm,

Stormztech.com

Share this post

Link to post
Share on other sites
JackRussell Newbie

JackRussell

Posted
Posted
if she has a really easy to guess secret question he could have just guessed that and changed her password to whatever he wanted. Most peoples secret question on hotmail is easy to guess especially if you know them, because people are typically computer stupid(lol).

She's all thumbs. And I got the impression that her secret question was something real easy to figure out. I'm almost certain I could get in that way myself, but not a hacker bone in this body so I won't :)

 

anyway thanks for tips on what's possible. Not a subject that interests me usually, so wasn't sure.

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...