hacker infiltration

[dj nica]

i have a friend that has a hacker that is able to view her e-mails,backgrounds,screen saver, AIM instant messages,files and folders, you name it he can read it. what can she do? i haven't been here in so long but when she told me about it i instantly thought of this site for the best help. anyone know what could be done?

[Syini666]

From the sounds of it someone is using a trojan such as SubSeven or Netbus to control her computer and snoop on her. First and foremost scan the computer with an antivirus program, and if that doesnt work check out Tauscan from www.grisoft.com and see what it turns up. Also, if she doesnt have a firewall, it would definately help to install one such as Zone Alarm or Outpost

[Vigge]

It could possibly be that she has a trojan of some sort in her system.
Try downloading TheCleaner and see what it finds.
get it here: http://www.moosoft.com/thecleaner/

EDIT: I hate posting a reply at the same time as someone else

[dj nica]

aah ok, i'll put on a firewall and scan the computer for her, then see if the problem persist. thanks guys. i'll let u know if it continues.

[ajit]

it certainly is a trojan and if u still can't find a trojan installed then disconnect now .

[strandedthinker]

most likely a virii prog, i would connect and lan or wan connections and run a virus scan with the latest updates.

and since your friend seems to be careless towards securiy tell her to get:
a:a software firewall
b:a hardware firewall
c:an anti virus prog

[doc crontab]

Hello

Tell your friend to change ALL her passwords icq, aol aim, pop e-mail,
online banking, yahoo etc to be on the safe side even if the
machine is cleaned with Norton or software like the 'Cleaner'
the Hacker is still in the game he can access all of her accounts
without her Knowledge, imposter her (identity theft) launch
attacks or monitor her steathily.

Strongly suggest looking into SSH to send/recieve pop e-mail or
transmiting any sensitive information encrypted and not into
plain text. For Windows I know of Terra Term but there may
be other clients.

Doc

[PuReExcTacy]

You might want to advise your friend's isp on the situation. They most likely will have logs that can give details on any traffic to or from your friend's computer, this might give a great lead to tracking down the intruder or provide evidence in a court of law if it comes down to that.


PuRe

[grobyccil]

Hi!
Maybe u most reinstall the system. The oponent, may be install another backdoor or a root-kit. (i'm really paranoic)
Best wishes!!

groby

[tonybradley]

I wouldn't want to use an elephant gun to kill a fly, but I think I might second both the notion of changing all passwords and as many usernames as possible- instant messaging, email, banking,- anything with a username and password- as well as rebuilding the system from scratch.

The problem is that you don't know what the intruder could have done. You could use The Cleaner or other similar software and detect and remove a Trojan horse program. But, the intruder could have used a known Trojan horse to get in but planted some original home-grown Trojan / backdoor that the software doesn't know about so it would remain behind.

Setting up a software firewall like Zone Alarm would help- because you would be alerted when the Trojan tried to initiate a connection or access a service on the computer. But, if your friend isn't technically savvy they may unwittingly approve the connection anyway. My experience with novices and Zone Alarm - or other software firewalls- is that they often don't know what the application or service being asked about is supposed to do so they just approve it on the assumption that its probably OK.

So, it may be overkill, but I might do all of the above: rebuild the system and install updated antivirus and firewall software and also change all usernames and passwords and possibly even get new credit card numbers and such (or at least watch my credit card statements for erroneous charges).