Very Sophisticated Hacking? Now what?

September 13, 2016 at 11:35:40
Specs: Windows 10, x980/24GB
I believe I was recently the victim of a very sophisticated hacking which I didn't even realize was happening until it was too late. Luckily I was protected by my bank; however, it was a very scary situation. I want to find out if anyone has heard of a virus or being hacked like this:

Rather than telling the whole story I will say that I came to the realization that every time I logged into my bank account from my desktop (not from my phone), the account balance and summary of transactions would very quickly change from the correct amount to a false amount that omitted fraudulent withdrawals being made. For instance, if my account was supposed to have $10 in it, it would show me $10; however, when I logged in through mobile, it would show me $4 and that there were 6 withdrawals that I knew to be fraudulent. This masking/altering of account information would happen on Firefox/Chrome and IE. I also noticed that when I logged into Amazon, it would be very slow and take me directly to the Amazon wallet page (with credit card info) rather than taking me to the regular home screen. Lastly, I noticed that my Windows Update was no longer updating and would have connection issues.

After running a virus scan, it detected a few things and everything appears to be running smoothly now.

Has anyone experienced a hacking that is so advanced like this? I can understand stealing information but actually masking the fraudulent withdrawals seems incredibly deliberate and personal.

Now that the virus has been removed, what actions should I take?


September 13, 2016 at 13:08:46
Nasty tale... Sadly more widespread than you realise. It (bank account hacking) can also be done via mobile phone which has your bank details on it.

You would be wise to run a range of pest and similar cleaners, including at least one running off a Linux boot CD/DVD such as Kaspersky Rescue Disk.

Possibly JohnW will drop across here and offer some other utils to run; and one or two other regulars may also chip in. Would be good to heed their suggestions.


September 13, 2016 at 17:48:09
Best we do some deeper scans.

Here are the first 2 steps; more steps will be needed after I see the results of these logs.

Run them in this order.

Step 1: Run AdwCleaner
Author's site
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click Scan
In the results tabs, uncheck anything you don't want to remove.
Click on Cleaning.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please Copy & Paste the contents of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner [C1 or later].txt as well.

Step 2: Run Malwarebytes Junkware Removal Tool
Download Malwarebytes Junkware Removal Tool onto your Desktop. If your default download location is not the Desktop, drag it out of its location onto the Desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan.
Click this link to see a list of security programs that should be disabled and how to disable them.
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved onto your Desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.


September 13, 2016 at 20:06:48
As noted, unless you reinstalled Windows you may have bits of the infection still lurking around. Please heed the warning and run the suggested programs that JohnW has listed. He is our expert on serious and deep infections and will help you make sure that all is clean with you.

Please list your antivirus program in case it is one we consider less than optimal.

I recommend running Malwarebytes manually every 2-4 weeks (or more often if you like) to ensure your machine stays clean.

Change banking passwords at least once or twice a year, more often is even better.

You should be logged in as an ordinary user rather than the admin user. This will help reduce the chances of programs installing without you being asked for approval and password.

Shut down, log off, or put to sleep the computer when you are not going to be using it.

Make sure there is a router between you and the internet. Unplug the modem or router/modem every couple of months to change your external IP address.

If using Wifi, make sure that your Wifi is secure with a log in required. Disable any 'Guest' Wifi account on your router.

Make sure that your browser does not save your banking password so you have to manually enter it every time. Even log in name should be entered every time for banking.

You have to be a little bit crazy to keep you from going insane.

