the great heist
-
- SilverLounger
- Posts: 1852
- Joined: 27 Jan 2010, 19:15
- Location: Darlington, Co. Durham. UK
the great heist
Ran this past an administrator for approval as to be forewarned is to be forarmed. http://www.ehow.com/ehow-tech/blog/russ ... ame-and-pa What a pitty the likes of these guys don't put their expertise to good use for the benefit of others. Cheers Dave
-
- Administrator
- Posts: 78493
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: the great heist
Thanks, Dave. Excellent tips in that article that everyone should heed.
Best wishes,
Hans
Hans
-
- gamma jay
- Posts: 25455
- Joined: 17 Mar 2010, 17:33
- Location: Cape Town
Re: the great heist
Спасибо Dave
Полезная информация
Полезная информация
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Rudi
If your absence does not affect them, your presence didn't matter.
-
- cheese lizard
- Posts: 6241
- Joined: 16 Jan 2010, 00:14
- Location: Sydney Australia
-
- gamma jay
- Posts: 25455
- Joined: 17 Mar 2010, 17:33
- Location: Cape Town
Re: the great heist
That's just as good. Dankie Claude!
Now, before this thread turns into a pirate copy of Thank you Dave in multiple languages, I think Smiley can say it in a universal language...
Now, before this thread turns into a pirate copy of Thank you Dave in multiple languages, I think Smiley can say it in a universal language...
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Rudi
If your absence does not affect them, your presence didn't matter.
-
- UraniumLounger
- Posts: 9287
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: the great heist
Rudi wrote:Спасибо Dave
Полезная информация
So! You were in on it, eh Rudi?
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- gamma jay
- Posts: 25455
- Joined: 17 Mar 2010, 17:33
- Location: Cape Town
Re: the great heist
Da!
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Rudi
If your absence does not affect them, your presence didn't matter.
-
- UraniumLounger
- Posts: 9287
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: the great heist
OK.
I read the web page and learned virtually nothing. The warnings about practicing 'safe internet' were motherhood and apple pie. We do all those things.
What I would like to know are the following:
1) How can I tell if my machine has been turned into a bot?
2) Did MSE detect and block the malware?
3) What web sites were hacked by the bots? What majors (Amazon, et al) were hit?
4) What should user do? I can change all my passwords, but is that enough?
Whey didn't the authors address these issues (and others that I probably overlooked)?
I read the web page and learned virtually nothing. The warnings about practicing 'safe internet' were motherhood and apple pie. We do all those things.
What I would like to know are the following:
1) How can I tell if my machine has been turned into a bot?
2) Did MSE detect and block the malware?
3) What web sites were hacked by the bots? What majors (Amazon, et al) were hit?
4) What should user do? I can change all my passwords, but is that enough?
Whey didn't the authors address these issues (and others that I probably overlooked)?
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 78493
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: the great heist
Probably because not much information is available. Here is the original article from the company that discovered the theft: YOU HAVE BEEN HACKED!
Best wishes,
Hans
Hans
-
- Panoramic Lounger
- Posts: 8176
- Joined: 25 Jan 2010, 09:09
- Location: retirement
Re: the great heist
I'm probably wrong but that site doesn't feel right to me. Discovering this massive theft seems to be the only thing they've done and their contact us page is a bit thin. Surely a bona fida security company would have more to it than this?HansV wrote:...the company that discovered the theft...
Their whois is at:
http://who.godaddy.com/whoischeck.aspx? ... CURITY.COM
but if I read it right this is front for another company called 'DomainsByProxy.com':
http://who.godaddy.com/whois.aspx?domai ... yproxy.com
Why hide?
Ken
-
- Administrator
- Posts: 78493
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: the great heist
I dunno, but all articles about this theft point back to Hold Security...
Best wishes,
Hans
Hans
-
- PlatinumLounger
- Posts: 5685
- Joined: 24 Jan 2010, 19:16
- Location: Cape Cod, Massachusetts,USA
Re: the great heist
This is from a Comcast site but should be relevant.BobH wrote:OK.
I read the web page and learned virtually nothing. The warnings about practicing 'safe internet' were motherhood and apple pie. We do all those things.
What I would like to know are the following:
1) How can I tell if my machine has been turned into a bot?
2) Did MSE detect and block the malware?
3) What web sites were hacked by the bots? What majors (Amazon, et al) were hit?
4) What should user do? I can change all my passwords, but is that enough?
Whey didn't the authors address these issues (and others that I probably overlooked)?
------------------------------
A number of signs can tell you if your computer may be infected with a bot, including:
Undelivered email notifications in your inbox to unknown email addresses. Bots will frequently use email accounts to send out spam. Spam to unknown email addresses will result in a “failure to deliver” notification in your inbox.
Suspicious email account activity. Bots create multiple email addresses in your email account. If you notice additional email addresses in your account that you didn’t create, you may have an infected computer.
Multiple toolbars on your Internet web browser. Bots will frequently install various toolbars to help collect search information from your web browser.
Unusual error messages. Error messages that suggest applications cannot run or drives cannot be accessed can be indications of a bot infection.
------------------------
I post this because my email was hacked a few months ago by some location in China and I started to get those undelivered email notifications. Maybe five or six a day but enough for me to notice them. I checked the addresses by clicking on view source in the other actions drop down of Thunderbird. I forget the actual town\city name but it was in China. I had to change my email password to a "stronger" one and they have since stopped.
A lot of other info on BOTS and prevention of same if you Google "BOT detection."
BOB
______________________________________
If I agreed with you we'd both be wrong.
______________________________________
If I agreed with you we'd both be wrong.
-
- Microsoft MVP
- Posts: 1318
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: the great heist
The eHow article that Dave cited mentioned creating strong passwords only once, but other articles I've seen about "the big heist" go on about it at length. While it's a good thing to use strong passwords, it wouldn't have done anything at all to stop this particular exploit.
The Russians weren't hacking one user at a time and breaking their passwords. Instead, they hit the servers of lots of web sites, and either found ones that were storing user data unencrypted or managed to break the site's encryption keys. Once they had that, it wouldn't matter how strong the users' passwords are.
The Russians weren't hacking one user at a time and breaking their passwords. Instead, they hit the servers of lots of web sites, and either found ones that were storing user data unencrypted or managed to break the site's encryption keys. Once they had that, it wouldn't matter how strong the users' passwords are.
-
- UraniumLounger
- Posts: 9287
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: the great heist
Yes, I agree, Jay!Jay Freedman wrote:The eHow article that Dave cited mentioned creating strong passwords only once, but other articles I've seen about "the big heist" go on about it at length. While it's a good thing to use strong passwords, it wouldn't have done anything at all to stop this particular exploit.
The Russians weren't hacking one user at a time and breaking their passwords. Instead, they hit the servers of lots of web sites, and either found ones that were storing user data unencrypted or managed to break the site's encryption keys. Once they had that, it wouldn't matter how strong the users' passwords are.
I use a program to generate passwords that are very strong by every measure I've found. I never use the same password for any 2 purposes - all are unique. But, they can still be captured by bots and abused.
I am about to go through and change no fewer than 100 passwords, but before I do I should like some assurance that the new ones will not be compromised. There is no way that I know of that this can be done. If someone knows how, please advise. Changing that many passwords is no small task.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |