Crazy, definitely sounds like 2-3 hotel staff working together with an outsider on this, hope this turns out well for you two.
Quote:
Originally Posted by pmarrsouth
Jeans, having worked closely with victims like you before I would ask you to do the following:
1. Do not turn back on that laptop, especially if it can be connected to the internet
2. Buy a new laptop, with your standard stakes this will cost you 2-3BB and could save you a ton of money in the future
3. Bring your laptop to a trusted security expert (preferably an (ex)hacker that you personally know or that is vouched for by a ton of people you know). Get him to find out exactly what has been installed/done to your machine and if there are any unusual IP addresses etc. that it is "talking to"
4. Change your passwords to your poker sites / email address etc from a different computer (preferably the one that you buy). Use a different password for each account, it can be a pain, but is needed
5. Get security tokens for all sites that offer them if you don’t already
Sound advice.
I typed up a bit for the other thread but got locked before I hit post, might be useful for people who aren't playing high enough that they can just buy a new laptop:
Quote:
Originally Posted by Kilowatt
a) I do know how people will react because I've seen this played out over and over for the past 10 years. In fact, many victimized players panic to the point where they actually dispose of the laptop or give it away. Almost all of them reformat and are super-careful what they put back on, so this slick "document virus" plan would rarely work.
b) It's not about writing more code. It's a lot more effort to infect existing documents on the computer, and these perpetrators don't have the luxury of time. They want to get the computer, install the spyware, and get the thing back to where it was ASAP. This is like thinking that home invasion burglars might have also planted hidden cameras to spy on you having sex with your wife. Could they? Yes. Would it make sense for them to do this? Absolutely not.
c) Yes, it does.
d) Again, document viruses are used to trick users into infecting their computer. Nobody would use them when they already have physical access to the computer they want to infect. I advised that their documents are safe because they are unlikely to be infected in this particular scenario, and it's a pain in the rear to keep all of your personal data off your travel computer. It would be great for several reasons to travel with a laptop without sensitive data/documents on it, but that's just not practical for most people -- especially poker pros who spend a lot of time away from home. So rather than suggest ridiculous levels of computer austerity, I am advising a solution that wipes out the spyware (reformat) while allowing these people to retain important data files they might need while on the road.
On your thoughts about planting a document trojan... If this thief was savvy enough they would boot straight into a USB from the menu and install the software/dll based trojan, then if they had enough time (and the laptop was password protected); bootmenu into the system user/pass list and default the admin password then load into the OS. They could have a look around recent documents, looking for a file such as a live poker result tracking excel file which would surely be carried over to a new install, and attach a trojan macro to that.
And if they were very skilled they could plant a trojan in the master boot record/BIOS which would be almost undetectable and reformatting wouldn't erase it.
If you have high suspicions of being infected:
- A reformat and reinstall will most likely be sufficient
- If you want to be safer, buy a new laptop HDD, open your laptop and switch them out; this would remove any boot trojan. Or you could reflash the master boot record of the hard disk, but this isn't for everybody.
- It's very, very unlikely someone would plant one in the BIOS, but to be safe you could reflash your BIOS. Again, this isn't for everybody. You could also buy a new BIOS chip.
- Buy a new laptop.
Chances of the HD bootsector trojan and BIOS trojans are extremely slim but thought I'd cover all the possibilities.
Once you've reformatted or bought a new laptop etc; set up and then run suspicious documents in a sandbox.
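An added example, not part of any post in this thread: one way to decide which carried-over documents deserve the sandbox is to flag every file that can hold VBA macros before it is copied to the clean install. The function names and the OLE2 byte-search heuristic are assumptions of this sketch; the sample workbook in the demo is constructed.

```python
import io
import tempfile
import zipfile
from pathlib import Path

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .xls/.doc container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")   # OLE2 directory names are UTF-16LE


def macro_indicators(path):
    """Return the reasons why the file at `path` may carry VBA macros."""
    path = Path(path)
    data = path.read_bytes()
    if data.startswith(OLE2_MAGIC):
        # Heuristic only: search the raw container for the VBA stream name.
        return ["legacy OLE2 file with a _VBA_PROJECT stream"] if VBA_STREAM in data else []
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return []
    reasons = []
    with zipfile.ZipFile(buf) as zf:
        names = zf.namelist()
        reasons += [f"contains {n}" for n in names if n.lower().endswith("vbaproject.bin")]
        if "[Content_Types].xml" in names and b"macroEnabled" in zf.read("[Content_Types].xml"):
            reasons.append("content type declares a macro-enabled document")
    # A macro project inside a file named .xlsx/.docx/.pptx means it was renamed.
    if reasons and path.suffix.lower() in {".xlsx", ".docx", ".pptx"}:
        reasons.append("macro-free extension on a macro-bearing file")
    return reasons


def triage(folder):
    """Map each flagged file under `folder` (relative path) to its indicators."""
    flagged = {}
    for p in sorted(Path(folder).rglob("*")):
        if p.is_file():
            try:
                hits = macro_indicators(p)
            except (OSError, zipfile.BadZipFile) as exc:
                hits = [f"unreadable: {exc}"]
            if hits:
                flagged[str(p.relative_to(folder))] = hits
    return flagged


if __name__ == "__main__":
    # Constructed sample: a workbook named .xlsx that carries a VBA project part.
    with tempfile.TemporaryDirectory() as d:
        with zipfile.ZipFile(Path(d, "results.xlsx"), "w") as z:
            z.writestr("xl/vbaProject.bin", b"constructed placeholder")
        print(triage(d))
```

Run it from a known-clean machine against a read-only copy of the old data. A file that is not flagged has no VBA project, which says nothing about other kinds of malicious content.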