Hacked Today

Discussion in 'malware problems & news' started by kookyterp, Oct 25, 2007.

Thread Status:
Not open for further replies.
  1. kookyterp

    kookyterp Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    2
    Greetings...newbie here. I opened my laptop today and saw someone had initiated a ftp session on my machine. The hacker was getting a file called 1.exe in my System32 folder. I found the script that was being used which contains an ip address and a user name (perhaps the password as well). I am wondering what is a good, legal way to get back at this hacker. I know I am steaming now, but I feel violated. Luckily, I was able to kill the ftp session before the file transfer was complete.

    Any advice? Thanks in advance.
     
  2. pugmug

    pugmug Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    413
    Let your ISP and the police direct you on where to go and who to talk to with your info.
     
  3. SirMalware

    SirMalware Registered Member

    Joined:
    Jun 6, 2006
    Posts:
    133
    kookyterp, do you use a hardware firewall in your system?
     
  4. kookyterp

    kookyterp Registered Member

    Joined:
    Oct 24, 2007
    Posts:
    2
    unfortunately I had left things to my router and to my mcafee firewall.
     
  5. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    There are very few legal ways to get back at a hacker, unfortunately. Notify your ISP about it and try to see if they can track the intruder through their logs and if it matches the information that you found in the script. There are probably tools that you can use to "get back" at the other person, but that could throw you into the same category as the intruder with similar consequences.
     
  6. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hi,

    Preferably you would need to make a duplicate of your hard disk and provide this to law enforcement for analysis. They leave traces usually. If this is not possible you will need to document the hacker event in detail and if possible install a scope and let him do something while you record the transaction for evidence purposes. Look immediately for all available logs that could document past and present activities and provide this to your local FBI office or whatever enforcement authorities you prefer. They will open an investigation...

    Just don't lean to hard on them to get results... and be patient!

    If you want more information on what to do you can read an article I posted in our forum, it actually provides a pretty good set of tools and points to many great resources. The post is available here:
    http://www.hermes-computers.ca/phpbb2/viewtopic.php?t=79
     
Loading...
Thread Status:
Not open for further replies.