Hacked

[AlanYork]

Last night I discovered a keylogger on my pc. It was called ABCkeylog. I've removed it, done a sweep and changed all the passwords on my pc. Fortunately I don't have internet banking.

Today I received a spam e mail to my hotmail address, purporting to be from myself, dated 12 June. There was an attachment which of course I did not open.

I've reported the issue to microsoft. Is this e mail address now hopelessly compromised or is changing the password sufficient, as the spam mail was dated 4 days ago.

[Paul]

Do you have a firewall running? If so I would check for outbound connections or activity for the period that the keylogger was active on your system.
Actually are you sure it was active? It seems to be a freeware download too
http://www.snapfiles.com/get/abckeylog.html

[AlanYork]

I have Zone Alarms Security Suite. I've run a leak test from Gibson Security Corp and denied it access to ZASS as instructed, it come back as no leaks detected. So thats ok.

Sorry I dont know how to check for outbound activity.

[Paul]

If it had been active you might have gotten a request for permission to allow an outbound connection for it. Do you have anything unusual in your firewall logs?

[AlanYork]

No there was definately nothing like that, I have a good memory for that sort of thing. A messenger contact of mine had this on his pc too. My main concern is the security of my e mail. The keylogger has definately gone now. My friend works with computers as a job and he helped me to remove, wipe and check to make sure it had gone.

[Rob M]

Have you changed the password for the hotmail account? If not you should do.

[AlanYork]

Yes I changed every password on the pc. Is that sufficient?

[Paul]

Quote:

Originally Posted by AlanYork

Yes I changed every password on the pc. Is that sufficient?

Not if you feel that your hotmail account has been compromised, have you changed you password on the hotmail site itself?

[AlanYork]

Yes I changed the password of every e mail address I have. Is that enough? I informed microsoft too. I have emails I want to keep, Im just hoping they wont close my email address down.

[Paul]

Quote:

Originally Posted by AlanYork

Yes I changed the password of every e mail address I have. Is that enough? I informed microsoft too. I have emails I want to keep, Im just hoping they wont close my email address down.

As long as you have removed the key logger prior to changing the emails you should be ok. I would recommend a sweep with an Anti-virus tool and at least one spyware tool to be sure that you are clean now.

[AlanYork]

Yeah, I zapped the keylogger last night, it was a dll in Windows 32. Wiped it, did various other things under guidance from someone who knows what he is talking about, ran a check using the scanner that located it in the first place, Symantec Virus Scanner and that came up clean. Changed every password on the pc, email passwords, windows passwords, forum passwords, the lot about 8 hours later, after I'd slept. Then reported it to Microsoft. Can't think that I've missed anything.

I'm pretty sure I know how I got this keylogger too. A friend of mine who I talk to on messenger warned me he got it, so it looks like its come from using MSN messenger. He had it on his pc too but removed it. I've warned all my contacts. It's all a tad worrying as though I'm no pc expert, I use a firewall, antivirus, regularly check for spyware etc and I STILL get this. Don't really see what else I can do to stay secure.

[Richard M]

I'm pretty sure there was a warning last month about MSN malware, can't remember the details though.

[MetaWraith]

Quote:

Originally Posted by Richard M

I'm pretty sure there was a warning last month about MSN malware, can't remember the details though.

http://www.usatoday.com/tech/news/20...2-hacked_x.htm

[Richard M]

No, this was MSN Messenger...

[AlanYork]

I just got a reply back from MSN...they actually wanted me to open the spam email purporting to be from myself!!! Now OK, I may be a novice and I will say that in the short time I've had a pc I've had a few teething problems, but even I know not to open e mails and attachments if you dont know who has sent it!!!

Apparently I'm selling myself Diet pills!!??.......hmmm or a virus or a Trojan if I open the attachment I think. MSN tech suport tell me that will help trace the sender or see if it has a false header. Actually its irrelevant as I deleted it, but I was horrified at their suggestion.

Bit of a dilemma really. I like hotmail, it's easy to use but I've kinda lost faith in it a bit, there have been a few problems of late, not least of which is constantly being asked to verify my ID. If a hacker had hijacked it however, that would explain a lot, certainly that.

Now I've zapped the keylogger and changed the password I'm hoping things should be back to normal. However I do have a German e mail address (I have a flat in Berlin) provided by GMX. That's great, secure and efficient, it's just a hassle that everything is in German, which I speak, but not well.

The GMX one hasn't been hacked, I know that for definate, so, can I ask for an opinion...if it was you guys and ladies would you ditch hotmail completely and switch to GMX or would you assume hotmail is fine again now?

I'm kinda attached to hotmail, I've always used it as its so simple but you need to be able to trust it don't you. I will say that I don't use outlook, NTL mail or anything like that. I keep things simple. I just log into hotmail on the msn site, pick up mail, send mail and log off...that's it. Same with GMX. I would have to keep my hotmail address to keep MSN messenger, but my question is, stick with hotmail as the address for all my contacts or switch to GMX? I only want and need one email address to write from and be written to.