Have you been hacked or exploited

Discussion in 'polls' started by emmjay, Oct 13, 2014.

?

Have you been hacked or exploited

  1. Hacked, Yes

    2 vote(s)
    5.6%
  2. Hacked, No

    28 vote(s)
    77.8%
  3. Exploited, Yes

    0 vote(s)
    0.0%
  4. Exploited, No

    27 vote(s)
    75.0%
  5. Desktop

    3 vote(s)
    8.3%
  6. Laptop, tablet

    0 vote(s)
    0.0%
  7. Smartphone

    0 vote(s)
    0.0%
  8. IOT device

    0 vote(s)
    0.0%
  9. Point of Sale

    0 vote(s)
    0.0%
  10. OS

    0 vote(s)
    0.0%
  11. Application

    1 vote(s)
    2.8%
  12. Program

    0 vote(s)
    0.0%
  13. Service

    3 vote(s)
    8.3%
  14. Other

    3 vote(s)
    8.3%
Multiple votes are allowed.
  1. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,540
    Location:
    Triassic
    Considering most of the members here have a pretty good understanding of security and what needs to be done to reasonably protect their systems and information, it is therefore a unique group to poll when it comes to security breaches. When the general public is polled the numbers are horrendous, yet so many users do not adhere to basic security measures, so the stats do no more than annoy us. If the measures were there, then the numbers would tell us a lot more.

    Without getting into the security products or services that you deploy, have you as a security conscious user been hacked or exploited? Exploited meaning: resulting in something like identity theft, stolen passwords, personal files held for ransom, etc.

    I made it multiple choice, as it would be nice to know what device, OS, product, program or service got impacted by the attack. So the list is there for you to select which one was hit.
     
    Last edited: Oct 13, 2014
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I have not had any computer security problems in 10 years. With that I mean, I have not lost any data or money. Of course I might have some super advanced/undetectable rootkit on my PC, but if so, it hasn't caused any problems. I do believe that the reason why I never became infected is because of my security tools and knowledge and sometimes paranoia. :)
     
  3. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    The thing with this type of catch-all question is that those who are, or who ever have been, probably don't know it and never will. The obvious is if you have something showing up on your bank statements or if one of your many accounts (email, forums, etc) starts posting or deleting stuff without you.

    With the post Snowden stuff, you could argue we've all been "exploited". And just like with that example, just because you're seemingly not affected doesn't mean you aren't.
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Once, a bit over 10 years ago when I used dialup internet, something on my PC dialed out at about 3AM. It granted itself access through the firewall utilizing RUNDLL32. It sent out an amount of data that corresponded to the size of an encrypted container I had, then deleted itself. At the time I used NIS. The AV detected nothing. The firewall logged the entire incident, including the granting internet access to RUNDLL32, but did nothing to prevent it. The IP it sent the data to was a major news network, which was most likely itself compromised. This was the end of my relying on AVs and security suites.
     
  5. guest

    guest Guest

    I had been social-engineered once which made the system won't boot and needed to be brought for repair, does that count?
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I believe my Hotmail account was hacked once and I had to change the password. Some strange things were happening to it.
     
  7. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Hacking nowadays is probably likely to happen to people who are specifically targeted, which means some knowledge of the victim must be forthcoming with the hackers. I can imagine big banks (like JP Morgan hack attack), celebrities and their private photos (an electronic version of 'paparazzi'), industrial espionage, etc...

    But the average user is somewhat unattractive and not worth the time and the risk of doing it, except of course for the odd incident of identity and credit card info. On the other hand, just yesterday I fell for something that I thought would never happen to me. I was trying to download Chrome onto a new Vista install, and I must have clicked on a link that was malware disguising itself as a Chrome's download portal.

    After clicking it, I thought something had gone amiss, the Chrome symbol had very strong colours, and the download protocol was not what Google normally uses... Too late, Avira at this stage didn't beep until the process was almost over. It's only then that an Avira alert notified me of the detection of malware asking me to deny access and that it would scan the system to clean up the intruder.

    I really don't know whether Avira worked perfectly or partly as in the programs list suddenly there was an instance of Opera (!?) and 2 more unknown programs. I like to think that the malware had been deactivated by Avira, but I'm not sure...Restoring an image gave me some peace of mind as I felt a bit humiliated by this incident.

    Now this isn't hacking of course, but without paying attention to what one clicks can lead to uncomfortable situations.
     
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    No, not personally, but other family members and friends have had their email accounts hacked due to weak passwords.

    Three family members (myself included) was getting funny emails from another family members email address because our addresses was in the contacts list, and he had not sent them to us, so I used the "I think my friend has been hacked" button, and soon after the account was fixed and a new stronger password was picked. :ouch:
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That's at least partially true. Then there's the NSA who compromises networks just to have them available if needed. I'm quite sure that I was deliberately targeted, job related at the time. I'm also fairly sure that it was Norton Internet Security that was exploited to do it. Shortly afterwards a similar exploit of NIS was used to take down BlueFrog. The contents of the archive leads me to believe that the hack was done by government or a collaborating corporation. Fortunately the archive was backed up to CD. The timing of the incident leads me to believe that they knew when to attack, which points back to my employer and the corporation they built for. Unfortunately I don't have physical proof save for the log of the attack, which doesn't help when they ran the data through another victim.
     
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Not that I know of. I guess I'm not interesting for hackers to be personally targeted :)
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    If you get hit with a exploit, to me you're also "hacked" then. So in fact anyone with a PC connected to the web is a target nowadays.
     
  12. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    About 10 years ago when I got my first PC my homepage was changed when I clicked on a (advertising) box on a page. Didn't even know what to do, I panicked. Luckily I had a friend who helped me out. After that all smooth sailing. Sometimes I think that there is something wrong with my setup because it has never caught anything bad after that. *knocking on wood*
     
  13. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Not sure.
    I use vpn services through OpenVPN and once when I attempted to connect to my VPN provider via the GUI, a web page suddenly opened just 1 second after I chose "connect".
    I reacted too fast shutting it down without inspecting the content. Not sure what that was all about.
     
  14. subhrobhandari

    subhrobhandari Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    780
    Well, there were a few forums where the salted passwords of all members were leaked (including mine), actually they had full db stolen, other than that, none I am aware of. Paranoia saves me I guess. :)
     
  15. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,290
    Location:
    EU
    Years ago I had my Gmail account hacked. At that time I was so stupid to use the same password for ebay too. That account hacked as well within hours.
    I was able to restore my ebay account after a while (I spent nearly one day chatting with a guy at ebay.com. No help/assistance whatsoever by local ebay in EU). In the meantime that guy tried to sell some popular stuff like cameras, electronics, etc.
    I could never get back my old Gmail account.

    What I found strange is that the Gmail account was hacked few days after I wrote a letter to a national newspaper, about animal rights and this sort of things. My email was there, at the bottom of it. But maybe that was just a coincidence.
     
  16. guest

    guest Guest

    I have been kicked off the family desktop computer for being irresponsible. Hotmail got hacked. Been sent here for education and attitude adjustment :oops:. Learning lots, honest. Post sent from an unattended logged on laptop on kitchen table :D now how responsible is that?
     
  17. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    Not yet...:shifty:
     
  18. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,910
    Location:
    USA
    No, I've had to change my 2 gmail addresses 3 times in the last 2 weeks because google says I have to. Today I changed the password For the encrypted files where I keep the backup, one copy is on a unplugged flash drive.
     
  19. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Years ago I was hacked/exploited. But these days it's pretty difficult, if not impossible to hack or exploit me.

    We're still attacked, but almost all attacks are stopped at the Firewall these days. A few less security devices can be exploited, but I usually close off those holes fairly quickly after identifying the breach. So at this point my entire network is pretty well locked down with enterprise grade security, and some military grade security in some cases, as well as Windows tweaks significantly improving our protection, and encryption used across the board.
     
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    Can you explain (some examples) what do you mean by 'military grade security'?
     
  21. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    One example of military/defense contractor grade protections I use are dead man switches. Some of my crucial systems require me to manually push a switch every 60 minutes or it kills the connection (with hardware disconnect, not software - impossible to bypass from remote). Some military installations, and defense contractors use these, very effective lockdowns.
     
  22. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,614
    Location:
    Milan and Seoul
    I see what you mean thanks... Definitely not my situation.
     
  23. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Osaban....No Sandboxie?..;)

    Bo
     
  24. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Not gonna work if you actually think it's chrome and trust the download. SBIE is a great tool, but relies on the user like virtually all malware you'll ever experience these days.
     
  25. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    In the situation described by Osaban, if he had been using Sandboxie, as soon as realizing that "something had gone amiss" after clicking the link, all he would have had to do to get rid of the infection was delete the sandbox. Or let Avira do its thing and delete the sandbox.:)

    Bo
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.