-
young girl intimidated
Hey all I'm new here 2 or 3 months and I found something out today I thought that I would post to get an opinion I was at my aunts today and she tells me that her neice(14) had some guy that was chatting with her and after a little bit he sends here a pic of him in the nude and tells her to send one of her butt see refused and he told her that he would hack her system and shut her down (which he did). Now as far as i could get from my aunt he got her to give him her ip before this all happened. Obviously these people are causal internet users.
and I have not talked to them as of yet their going to call me later so we can get together
My question is what would be the first things to check to get her system back up for her so I can at least secure it a little better for them. They have no security on the system.
second which authorities should she contact the guy said he was out of state. can anything be done
third this is the opinion Q that has been explored before here and in the tech school that i am in should I try to find this guy on my own just because.
I am in know way a hacker or any of the other of those types i am in school with the hopes of getting in to the field of system security/network security so i can use this as a learning exersize.
any help or opinions are welcome thanks for any help
-
Hands off - let either the feds or the local police (whichever you file to) handle this one. You don't want this guy go unpushed because you did something stupid.
-
If you want to practice security skills do it on your own network. The correct thing to do here is to report the matter, along with any logs you have, to the proper authorities. The net is full of predators like this and if you fail to deal with the situation in the 'right way' you run the risk that the next minor that this guy comes across may not be so lucky as your cousin.
I am English, and therefore there will be others here better placed to advise on who the appropriate authorities are in your locality, but my first move would be to the local police station. If they can't help then they can advise you who can. (Certainly my impression from American movies is that inter-state criminal investigations are undertaken by the Fedaral Governemnet in the form of the FBI - but don't quote me).
Hope this helped - Let us know how you get on.
-
going to the authorities is my main thrust that was totaly an opinion Q the other Q about starting points is my main Question could he have formatted from remote or would he have to have physical access and what are the chances of recovering that data they have already tried the 98 rescue disk
My fist step i think is to boot to a dos disk and see what i can find from there ?
-
What exactly happens when you try to boot the computer? Has it completely died, or do you get some sort of message? Yes, do try to boot from dos, to see what is left of your configuration. One note: if you -do- get it back up and running, yank out the network / modem cable until you found out how he got in. My best guess is that he used some sort of trojan: install a virus scanner, and perform a complete system scan first thing when you get it back up again.
-
If they have another computer they can use, I would suggest you leave that one alone for a while until the computer forensics people of the authorities can get their hands on it. You will most likely have to go to the FBI since this is an interstate crime (especially if he knew her age). If they need the computer, try to do as little as possible on it, especially related to what was being use at the time (try not to use the chat prog, don't do any disc cleanups, etc).
-
Kezil has a good point there.
-
I agree with the rest here. If this guy was actually able to hack her system and shut it down, then it stands to reason that he would be able to do the same to you if you try to locate him.
Personally I think it would be very dangerous to try and do something about this on your own - whether it is locating him or attempting to "get revenge". The local authorities are much more able to locate and punish a predator such as this guy appears to be.
I would probably report this to your local police department (be it city, county or state) and if they feel that this really is a case of him being out of state then they will contact the appropriate federal authorities.
As far as the computer that was crashed, as Kezil says, I would leave it alone until the proper authorities are able to examine it for anything that might point to this sicko.
-
Carenath has the right idea about contacting the local authorities first. You'll also need to have enough information about this person that the local authorities can hand to whomever they deem necessary to handle this situation (name, city, state, etc. and hope that it's correct information). Although the it is an inter-state affair, they may deem to handle it "in house" and simply contact the local authorities of the area where the guy lives. The FBI may get involved, but I'd follow the chain of command if I were you. If the police say it's a federal matter, then you can inform the FBI yourself. That way, you won't piss anyone off by going over their heads. I know people in law enforcement (I work with numerous security firms) and think this is the best course of action for you to take.
Also, as carenath advised, don't go and reformat her computer or whatever you're planning on doing. If they choose to pursue this case, they're going to want to have a forensic specialist go through the computer for evidence (including chat logs, e-mail messages, information about the means of attack, etc.).
AJ
-
i really think this is a matter forr the cops please say u have a copy of the photo for evidence i personally think this guy should be hung *personal opinion* but 2 say he wrecked u r box well he`s looking at 2 charges 1 sending lude and lucious pics 2 an underager and crashing a box result wiping the contents i hope this scum rots in hell
-
My thoughts are lets the cops deal with it before you even touch the computer. If you do not know just what you are looking for or what logs may be about your own attemots to help could erase or alter inportant records that can be used as means to build a case against this person. Best bet while I hear about the Aunt and you a cousin, time to get Mom & Dad into the picture.
I'm still haing a bit challange here some parts of what you ask are not adding up at least for me. In general to many 3rd persons in the question. Just me and again if you don't know what your doing leave it alone for the people that do know.
-
I understand where everybody's coming from and I too feel you should report to the authorities. Since he is out of state, you will have to go to the feds for help, since the local police cant cross state borders.
Second, if you can get the machine running again I would first make sure I was offline for a while, even if you have another connection. Later, I would go back on the Internet, which would automatically change my IP address, making it safe to be away from this son of a b****. I would get a new sn just to be careful and run virus scans periodically.
Somac112
-
Everyone's right, but if it was me I would be searching your user files and the chat program, if you have the PC's admin acount. There is notheing that you could do wrong, if you don't do the following: go on the internet, delete anything, install anything new, exicute any program, except the wordpad and or text document...BUT that's me, and you don't sound very sure of yourself. I say leave it to the cops, then after that come back here and I will tell you everything to look for...but really it's the FBI V.S. a small punk hacker(well I think).
-
Just be aware that a true sicko might not give a picture of himself, so that's not a for-sure identification. But yeah, don't handle it on your own.
If the police or FBI say that they will NOT follow up on it, get their reasoning for not following up on it in writing. Just in case. *THEN* may go try some conservative vigilantism.
-
i agree with kezil .. u can do that.. let the FBI people test the computer for any kind of traces.. and if u have already disturbed the computer then do one thing just check if there is any serious damage or not.. then scan it for viruses.. and then just install some firewall ... so that this dosen't happen again...
-
he wouldnt have to ask for her ip if they were using aim, he could get it when they connnected to send images, it could have been sub7. and just had the images binded as an executeable so when she ran the program it showed the pictures. go ahead and download the cleaner at www.moosoft.com but you are probably giong to have to delete some registry keys in addition to that.
-
Install a Firewall, Install an OS with a NFTS File System, Get another ISP other than AOL, and Contact the IFCC and Local Police Department and provide them with the username, date & time.
-
He Probably Infected her system with a Trojan , prior before anything started.So he prolly just used it as a secret weapon in case she failed to comply with him.He probably formatted the Hard Drive.Try Using a boot up disk to see if u still have your hd.
-N
Well , Maybe the girl still remembers his sn or whatever , so then you can get a few of your buddies to show him a piece of your mind. (thats what i would do .)
-N
-
For those that think the person should install an NTFS-fs oriented OS, try to remember that this person(s) is/are not very capable (judging from their posts). The problem here is 2-fold.
1: this niece (supposedly) was just talking to this guy. Now, I don't know about you, but the 13 year old girl that was found dead a month or so ago had six screen names, of which 3 of them were 'promisciuous' to say the least. Not to say that the niece in question was doing whatever, but realize that's an option and she might've been "talking" to this guy, playing the role of the ODT. She could've gotten in over her head and "he" wasn't very happy.
I'm fairly sure if you read those logs of the chats, you'll find more than you care to. Just a word of advice, don't ever think anyone's 'innocent' by any stretch of the imagination. This is online, remember, where anyone can be anything and safety's only a disconnect away.
2: there's no security on said machine. Time and time again, I've seen people who do crap like this just leave their machines wide open yet they're the first to say 'they know something about computers' and are surprised when shite like this happens. Get a firewall. 95% of them are 'dummy made' so you don't have to know anything to get it working fairly well. An afternoon of educating someone on common internet etiquette, dos and don'ts, etc etc, can save HOURS of recovery, embarassment, you name it...
www.tinysoftware.com (Tiny Firewall, 2.0 is free)
www.symantec.com (Norton's version)
www.mcafee.com (Mcafee's version)
www.sygate.com (Sygate)
www.zonelabs.com (Zone Alarm)
From the way it sounds, a direct connection was made so he had this girl's IP easily enough. That right there could open the door to unpatched windows exploits, some of which include the almighty ping-of-death, remote shutdown, you name it. Not to mention, BO or S7 could've been installed somehow by this person and he's just abusing the number of commands available to him. We don't know, because we don't know what this girl was doing/allowing/etc... At that point, you're better off trashing the system, building it from the ground up, installing the firewall, and assigning monitored time for the internet so that this wouldn't happen again. Check logs daily, check history for sites, check everything...
This reply could very well be taken wrong by a great number of people. Just understand that nothing is as it seems and that those 'most innocent' are sometimes way more corrupt than you could imagine and hence, they get themselves in a lot of shite...
-
I suggest you get a firewall, then if it alerts you that anything is happening log the IP address and give it to the authorities, They could then track him down based on that information, or at least track down his proxy server. If he's good enough to get around the firewall then just let the cops handle it.
-
most likely the feds will do nothing unless they've had other complaints and your so called neice truly is innocent(as proven by untampered logs).
suggestion 1. make sure she is truly innocent before you contact authorities.
2. get rid of win98, if it still needs to be user freindly get win2k, if not get some version of linux
3. either way get a firewall and some sort of virus scanner proggy, set it to run a check every 6 hrs or something like that.
4. never use aol and if you do use some sort of chat program other than irc dont download things directly from somebody else, upload it to a website if you are insecure and let them dl it from there.
5. cant stress enough that if your neice truly is innocent and you dont no what your doing or arent sure of yourself and the guy is out of state, contact the fbi directly, the local cops cant do shite unless he was actually in whatever state you are.
6. if you can figure out where he came from and not just a proxy, get some friends and show him a good time :D, a night out on the town, get him nice and drunk but dont waste too much money on it, have a tape recorder, get your confession and then let him 'fall down the stairs' maybe a few times just for good measure :) but make sure you make it look like some kind of accident and if you are serious and dont want to get caught then dont leave any way to trace it back to yourself, maybe some temporary hair color and some makeup? ;)
-
ouch
i bet there was probably a trojan attached to the pic.. thats how he was able to get in.. ill bet he has all her passwords too. u should get a good trojan scanner.. unless u want to leave it on for proof.. i doubt the feds would do anything though.. all u can do is get a good firewall and virus scanner. u can probably find a log of the fiel taht was sent to you if your lucky and get his ip address off of that.. thats IF your lucky...
-
Quote:
Originally posted here by mrcoffee12
most likely the feds will do nothing unless they've had other complaints and your so called neice truly is innocent(as proven by untampered logs).
suggestion 1. make sure she is truly innocent before you contact authorities.
2. get rid of win98, if it still needs to be user freindly get win2k, if not get some version of linux
3. either way get a firewall and some sort of virus scanner proggy, set it to run a check every 6 hrs or something like that.
4. never use aol and if you do use some sort of chat program other than irc dont download things directly from somebody else, upload it to a website if you are insecure and let them dl it from there.
5. cant stress enough that if your neice truly is innocent and you dont no what your doing or arent sure of yourself and the guy is out of state, contact the fbi directly, the local cops cant do shite unless he was actually in whatever state you are.
6. if you can figure out where he came from and not just a proxy, get some friends and show him a good time :D, a night out on the town, get him nice and drunk but dont waste too much money on it, have a tape recorder, get your confession and then let him 'fall down the stairs' maybe a few times just for good measure :) but make sure you make it look like some kind of accident and if you are serious and dont want to get caught then dont leave any way to trace it back to yourself, maybe some temporary hair color and some makeup? ;)
Sadly, this is probably true. The FBI is VERY understaffed right now and I'm sure that whatever staff they do have is focused on finding Osama Bin Laden and the rest of his goons. I do suggest you contact them with whatever evidence you may have but don't expect to get anywhere. The best thing you can do right now is teach them security and get her away from the SOB. One place to report this is to http://www.predator-hunter.com/. This is a pedo watchdog group.
-
One of the problems with chats is that anyone ,any age can get to them.Content control helps there or just do not let a unsupervised teen online.Dont remove the h/d it is and can be very helpfull in getting him/she.Because believe it or not most are NOT what they say they are in chats an such.There have been many sad things happen because of people's stupidity when useing chat's.I have been useing chats for year's and the one thing I did learn is no one is really what they say.And it's so easy to get info from a young lonely person on line.Online perv's watch for the sign's when they just sit in chat rooms.We had the same problem in a chat except it was a woman talking dirty and sending nasty pics to our 15 year old son.So I went in under his name an p/w she Imed me and from there Iwas the angry mama.When i told her i was saving the text and phone number she gave and was forwarding all of it to the chat abuse email she then became very upset and said it was all in "fun" blah!Back in those day's the nukes were very popular and the woman proceded to use any she could find.And one of the few F/W 's that was was @ guard.And it came in handy.Mainly the girl needs to be told the dangers of the chat rooms.And if she ignores the rules that are set down by parents,SELL the p/c !
-
Unfortunately this is the third post of this type on AO that I have seen in the last day. and everyone has the same response to contact the authorities. I believe this is the correct approach but with out a crime being committed there is little if anything the can or will be willing to do. If you can find a sympathic officer he might be willing to give this young lady the scare of her life and speak with her frankly and honestly about the dangers of what can happen. But without evidence of a crime.... little can be done...even if you get the logs. What is the crime? Talking dirty to a 14 y/o in a conversation...last time I check that was prtected under the first amendment (With freedom comes responsibility....)
Contact your ISP and if there is a static ip assignment get it changed. If it is PPPoE the if youhave been offline for a while it will change. AntiVirus Scan the mahcine. the SurfWatch the system to limit chat times and hours. you can also put on a stealth keystroke logger that will email log files of the chat message to you on a daily basis. Then I would let this young lady know this is happening. Unfortuately, she can go to her friends house and log onto their system and "get away with it" She needs to learn this can be dangereous past-time...
Kids need some sense of freedom or they are going to rebel (not like they aren't going to anyway) but they need to make mistakes and learn from them... We as parents and friend and help protect them as much as possibile... but sometimes it take hard knocks to learn... I have livbed through this with my kids (15 and 12)
-
-
Pretty much all the advice is correct, just let the auth. handle the situation and certainly dont tamper with your computer. There are ways to get into to retrieve the information. Even though he hacked into it and erased it, there are still ways.
-
Quote:
Originally posted here by Vorlin
For those that think the person should install an NTFS-fs oriented OS, try to remember that this person(s) is/are not very capable (judging from their posts). The problem here is 2-fold.
1: this niece (supposedly) was just talking to this guy. Now, I don't know about you, but the 13 year old girl that was found dead a month or so ago had six screen names, of which 3 of them were 'promisciuous' to say the least. Not to say that the niece in question was doing whatever, but realize that's an option and she might've been "talking" to this guy, playing the role of the ODT. She could've gotten in over her head and "he" wasn't very happy.
I'm fairly sure if you read those logs of the chats, you'll find more than you care to. Just a word of advice, don't ever think anyone's 'innocent' by any stretch of the imagination. This is online, remember, where anyone can be anything and safety's only a disconnect away.
2: there's no security on said machine. Time and time again, I've seen people who do crap like this just leave their machines wide open yet they're the first to say 'they know something about computers' and are surprised when shite like this happens. Get a firewall. 95% of them are 'dummy made' so you don't have to know anything to get it working fairly well. An afternoon of educating someone on common internet etiquette, dos and don'ts, etc etc, can save HOURS of recovery, embarassment, you name it...
www.tinysoftware.com (Tiny Firewall, 2.0 is free)
www.symantec.com (Norton's version)
www.mcafee.com (Mcafee's version)
www.sygate.com (Sygate)
www.zonelabs.com (Zone Alarm)
From the way it sounds, a direct connection was made so he had this girl's IP easily enough. That right there could open the door to unpatched windows exploits, some of which include the almighty ping-of-death, remote shutdown, you name it. Not to mention, BO or S7 could've been installed somehow by this person and he's just abusing the number of commands available to him. We don't know, because we don't know what this girl was doing/allowing/etc... At that point, you're better off trashing the system, building it from the ground up, installing the firewall, and assigning monitored time for the internet so that this wouldn't happen again. Check logs daily, check history for sites, check everything...
This reply could very well be taken wrong by a great number of people. Just understand that nothing is as it seems and that those 'most innocent' are sometimes way more corrupt than you could imagine and hence, they get themselves in a lot of shite...
You're right about the case up here.
-
I don't think the FBI would waste their time trying to hunt down 1 guy that managed to hack a person's computer. He asked her for a naked pic, not to meet her in some secluded place. They don't know anything about the guy. It could have been some punk high schooler trying to get some naked pics of girls. I don't think the FBI would waste their time with that. They have bigger fish to fry. And we all know that the local police won't even know what to look for on the computer. They wouldn't know the difference between an IP Address, and a hole in the ground.
It does sound like the computer had a trojan on it, that would be the first thing I would look for. Personally, I would do my own type of sting operation if she remembered the guys screen name. Pretend to be a little girl. Say you want to meet up with him. Then beat the living **** out of him. That's just me though.
-
i agree with the guys about contacting the authorite, in here, but after u know ,everyting is upa dn running again , get u or ur relatives a firewall like Mcafee, ZoneAlarm..there is a lot of the so that u can block any attack. i ve tried Mcafee on my box and it block some attack and it even gave me the attacker IP, and the port that he was trying to attack. I hope that is helpfull.
-
Quote:
Originally posted here by jared_c
I don't think the FBI would waste their time trying to hunt down 1 guy that managed to hack a person's computer. He asked her for a naked pic, not to meet her in some secluded place. They don't know anything about the guy. It could have been some punk high schooler trying to get some naked pics of girls. I don't think the FBI would waste their time with that. They have bigger fish to fry. And we all know that the local police won't even know what to look for on the computer. They wouldn't know the difference between an IP Address, and a hole in the ground.
It does sound like the computer had a trojan on it, that would be the first thing I would look for. Personally, I would do my own type of sting operation if she remembered the guys screen name. Pretend to be a little girl. Say you want to meet up with him. Then beat the living **** out of him. That's just me though.
So true....right now they are too busy with Bin Laden to worry about this case and the local cops.....HA, forget it
-
well thanks for all the responses to this Q I talked with the mother and she did what I told her and contacted the police and they were worthless (suprize). and no one else had anytime for her they said it sould be looked into on a local level first so it was a big run around with no one helpin. So I got the machine running and had a talk with the girl and her mother but I think it was tipical of a teen girl she was more concerned about if her sims game was going to be there.
I think the mother heard me but she is a widower and isn't around with her girls so basicaly I left there fustrated and beaten I hope they heed my warnings but that remains to be seen.
Again I realy appreceate all the input from differnt AO members and mostly I agree. I'd love to beat the snot out of this booger eating moron but it still wouldn't help. I'll do some poking around and see what I can find
later
-
-
OK....I've got a little first hand experience on the legal side of this one. My son was accused (falsely) of sending a death threat via email. Because the transmission crossed state lines, it fell under federal jurisdiction. The FBI was very cooperative in assisting with getting to the bottom of the matter. Turned out the young man who accused my son was the real culprit. The FBI decided to let the local authorities handle it, but it was their call due to interstate nature of the offense. Go to the feds first and see what their take is on this. Given the present climate regarding the abuse of minors, they may well be very interested in cleaning this mess up for you and your aunt.
As for the security aspect, it looks like you already got lots of good advice. The only thing I would add would be to educate them about how social engineering works and what to avoid in the online arena.
