Two Plus Two Publishing LLC
Two Plus Two Publishing LLC
 

Go Back   Two Plus Two Poker Forums > >

Notices

Internet Poker Discussions of Internet poker venues, including RB & bonuses.

Reply
 
Thread Tools Display Modes
Old 12-18-2010, 05:59 PM   #1
WillyT
veteran
 
WillyT's Avatar
 
Join Date: Jun 2005
Location: Wood Shed
Posts: 2,263
Getting hacked right now :(

Posted this earlier in a different forum:

I just logged into my email to find out that both it and my moneybookers account had been hacked.

The hackers transferred money to guntarslorbergs@gmail.com . Fortunately my 90 transaction limit was near maxed out and they could only send 4k. The timestamp on the transfer is December 17 at 22:46 (not sure of the time zone) and I've emailed their support. The office is closed now but I'll call as soon as it reopens.

Anyone have any experience with this and/or have any advice? (I know, get the rsd token...I'm still waiting for them to send it as of like June!)

Changing passwords to everything now. Will check on how to see if I have a trojan. I'd guess not as all of my poker accounts are still untouched.

Cheers for any help.
WillyT is offline   Reply With Quote
Old 12-18-2010, 06:03 PM   #2
WillyT
veteran
 
WillyT's Avatar
 
Join Date: Jun 2005
Location: Wood Shed
Posts: 2,263
Re: Getting hacked right now :(

Update:

Whomever it was was still working on my accounts and while I was changing my passwords he was, at the very least, trying to change the email account on my UB account so he had accessed that as well.

I contacted UB and they've frozen my account (although their support was total trash about it).

It seems as though the hacker has accessed everything via my email. He had my UB password reset to get in there, same with my moneybookers.

What steps do I take from here?
WillyT is offline   Reply With Quote
Old 12-18-2010, 06:07 PM   #3
AlmostFamous
grinder
 
Join Date: Mar 2010
Posts: 484
Re: Getting hacked right now :(

good luck man
AlmostFamous is offline   Reply With Quote
Old 12-18-2010, 06:17 PM   #4
WillyT
veteran
 
WillyT's Avatar
 
Join Date: Jun 2005
Location: Wood Shed
Posts: 2,263
Re: Getting hacked right now :(

I figured out how to check my gmail login records. The guy was logging in from Latvia. Here's the IP

Latvia (78.84.242.195)
WillyT is offline   Reply With Quote
Old 12-18-2010, 06:23 PM   #5
AlmostFamous
grinder
 
Join Date: Mar 2010
Posts: 484
Re: Getting hacked right now :(

do you have any e-friends from Litvia?
AlmostFamous is offline   Reply With Quote
Old 12-18-2010, 06:35 PM   #6
WillyT
veteran
 
WillyT's Avatar
 
Join Date: Jun 2005
Location: Wood Shed
Posts: 2,263
Re: Getting hacked right now :(

Quote:
Originally Posted by AlmostFamous View Post
do you have any e-friends from Litvia?
nope :-/
WillyT is offline   Reply With Quote
Old 12-18-2010, 06:56 PM   #7
Max Guevara
journeyman
 
Join Date: Mar 2010
Posts: 335
Re: Getting hacked right now :(

Quote:
Originally Posted by WillyT View Post
nope :-/
then it probably isnt a friend who is doing this right now
Max Guevara is offline   Reply With Quote
Old 12-18-2010, 06:57 PM   #8
scandilous
journeyman
 
scandilous's Avatar
 
Join Date: Sep 2008
Location: undistracted
Posts: 305
Re: Getting hacked right now :(

well if he is a good hacker the IP don´t matter because it is quite easy to "spoof" it..
scandilous is offline   Reply With Quote
Old 12-18-2010, 08:34 PM   #9
Unabridged
old hand
 
Join Date: Jun 2005
Posts: 1,401
Re: Getting hacked right now :(

sorry to hear that. but 4k on UB? are you ****ing insane?

i wouldnt keep that much on any site without a rsa token
Unabridged is offline   Reply With Quote
Old 12-18-2010, 08:52 PM   #10
JechtSphere
grinder
 
JechtSphere's Avatar
 
Join Date: Sep 2006
Location: pixel felt
Posts: 648
Re: Getting hacked right now :(

Quote:
Originally Posted by Unabridged View Post
sorry to hear that. but 4k on UB? are you ****ing insane?

i wouldnt keep that much on any site without a rsa token
Reading comprehension fail. He said the 4k was sent from his moneybookers to that gmail address, not that he had 4k on UB. Plus maybe he plays 5/10; then 4k would only be 4 buyins to begin with even if it were the case!

Good luck OP.
JechtSphere is offline   Reply With Quote
Old 12-19-2010, 12:17 PM   #11
thunderbolts
Pooh-Bah
 
thunderbolts's Avatar
 
Join Date: Aug 2008
Posts: 3,520
Re: Getting hacked right now :(

OP, there are a few basic steps you should take.

First, change any password reset questions that you also have on your compromised accounts. Also change passwords and questions on any secondary accounts (e.g. those to which reset links can be sent).

You should consider all accounts linked to your email (poker, banking, anything else you care about) to be compromised. Deal with all of them.

Make sure your machine's clean. CTH can help you do this. Follow the steps in this thread and post your logs in a new thread in CTH with a description of what happened.
thunderbolts is offline   Reply With Quote
Old 12-19-2010, 02:00 PM   #12
TeflonDawg
Pooh-Bah
 
TeflonDawg's Avatar
 
Join Date: Oct 2006
Location: RetiredExtremelyDangerous
Posts: 4,688
Re: Getting hacked right now :(

OP, please note when you do this:

Quote:
Originally Posted by thunderbolts View Post
change any password reset questions that you also have on your compromised accounts. Also change passwords and questions on any secondary accounts (e.g. those to which reset links can be sent).
DO IT ON A SEPARATE, UNCOMPROMISED COMPUTER.

If you got hacked, there may be a keylogger on yours, which would mean they'll know your new passwords.
TeflonDawg is offline   Reply With Quote
Old 12-19-2010, 02:02 PM   #13
IamPro
one time Plz???
 
IamPro's Avatar
 
Join Date: Jan 2009
Location: OUT YOUR POCKET MOOOTTTHAAA ****AAA
Posts: 17,596
Re: Getting hacked right now :(

What if u use voice recognition software to type instead of keyboard?

Last edited by IamPro; 12-19-2010 at 02:03 PM. Reason: can keyloggers still get it? always wondered this
IamPro is offline   Reply With Quote
Old 12-19-2010, 03:23 PM   #14
thunderbolts
Pooh-Bah
 
thunderbolts's Avatar
 
Join Date: Aug 2008
Posts: 3,520
Re: Getting hacked right now :(

Quote:
Originally Posted by TeflonDawg View Post
OP, please note when you do this:



DO IT ON A SEPARATE, UNCOMPROMISED COMPUTER.

If you got hacked, there may be a keylogger on yours, which would mean they'll know your new passwords.
This is absolutely correct - they should be changed from a known clean machine. If you have access only to yours, get it clean asap.
thunderbolts is offline   Reply With Quote
Old 12-19-2010, 03:29 PM   #15
curtains
banned
 
curtains's Avatar
 
Join Date: May 2003
Posts: 17,681
Re: Getting hacked right now :(

Stuff like this makes me happy that I have RSA tokens on all sites. Good luck OP!
curtains is offline   Reply With Quote
Old 12-19-2010, 03:33 PM   #16
Online Veteran
veteran
 
Join Date: Jun 2009
Location: USA
Posts: 3,263
Re: Getting hacked right now :(

Sorry to hear about this OP. I would highly recommend that you reformat your PC right now. Good luck finding the guy who did this.
Online Veteran is offline   Reply With Quote
Old 12-19-2010, 03:50 PM   #17
American_Express
newbie
 
American_Express's Avatar
 
Join Date: May 2010
Location: Kid Vegas Wannabe
Posts: 43
Re: Getting hacked right now :(

Download Malwarebytes, install and update. (free version)

Start your computer in safe mode and run the Malwarebytes program from the administrator account.

Malwarebytes:

http://www.malwarebytes.org/

Safe Mode Instructions:

http://www.pchell.com/support/safemode.shtml

Change your password info for all accounts from an uncomprimised computer ASAP. Call your credit card companies and see if you have any unusual transactions. Check your bank statements at the bank. I would even go so far as to get a credit report from Transunion as soon as possible. I hope you're not going to be a victim of identity theft.
American_Express is offline   Reply With Quote
Old 12-19-2010, 04:08 PM   #18
thunderbolts
Pooh-Bah
 
thunderbolts's Avatar
 
Join Date: Aug 2008
Posts: 3,520
Re: Getting hacked right now :(

MBAM is one of several preliminary steps we recommend in the CTH thread I linked to. It's very good but not enough on its own.
thunderbolts is offline   Reply With Quote
Old 12-19-2010, 08:14 PM   #19
WillyT
veteran
 
WillyT's Avatar
 
Join Date: Jun 2005
Location: Wood Shed
Posts: 2,263
Re: Getting hacked right now :(

Thanks guys, just finishing up a ski trip today. I'll update this when I get home in a few hours. There have been some developments and at least 2500 is already recovered.
WillyT is offline   Reply With Quote
Old 12-19-2010, 08:27 PM   #20
GotAhorseOutside
banned
 
Join Date: Dec 2010
Posts: 104
Re: Getting hacked right now :(

why is everyone assuming its a guy

gl btw
GotAhorseOutside is offline   Reply With Quote
Old 12-19-2010, 08:37 PM   #21
hehateme315
banned
 
hehateme315's Avatar
 
Join Date: Oct 2009
Location: #1 in the land
Posts: 2,039
Re: Getting hacked right now :(

damn man. ****y glgl resolving issue
hehateme315 is offline   Reply With Quote
Old 12-20-2010, 11:14 AM   #22
dealace1
grinder
 
Join Date: Feb 2007
Posts: 410
Re: Getting hacked right now :(

Quote:
Originally Posted by curtains View Post
Stuff like this makes me happy that I have RSA tokens on all sites. Good luck OP!
How difficult is it for a hacker to claim the RSA token is lost and get stuff reset once they have your email/id? I'm sure Stars/Tilt are somewhat careful, not so confident about UB.

I still think the most important step is to have a dedicated poker computer with secure/unique passwords and email addresses.
dealace1 is offline   Reply With Quote
Old 12-20-2010, 02:14 PM   #23
Online Veteran
veteran
 
Join Date: Jun 2009
Location: USA
Posts: 3,263
Re: Getting hacked right now :(

Quote:
Originally Posted by GotAhorseOutside View Post
why is everyone assuming its a guy

gl btw
Hehe, guilty.
Online Veteran is offline   Reply With Quote
Old 12-20-2010, 02:48 PM   #24
PlayedYou73
journeyman
 
Join Date: Apr 2009
Posts: 208
Re: Getting hacked right now :(

I read posts like this here from time to time, and I don't understand how it happens to people.

I'm a small stakes player so i've never been worried about losing money on my account. But for people with thousands or more on their system, I don't understand how people get it from the "player side" without the person either knowing the player, or the player doing something unwise.

Poker username, poker password, email addy, email addy pw. Without those, I don't quite understand how a person would even be able to identify a player, let alone get into their account. Mind you I'm not knowledgable of the latest hacking tools, but are most compromised accounts the work of outsiders or an inside job? Maybe there's a thread somewhere about this?

Last edited by PlayedYou73; 12-20-2010 at 02:49 PM. Reason: typo
PlayedYou73 is offline   Reply With Quote
Old 12-20-2010, 04:34 PM   #25
AlmostFamous
grinder
 
Join Date: Mar 2010
Posts: 484
Re: Getting hacked right now :(

Quote:
Originally Posted by dealace1 View Post
How difficult is it for a hacker to claim the RSA token is lost and get stuff reset once they have your email/id?
I'm interested in this. What's the procedure when you lose RSA token?
AlmostFamous is offline   Reply With Quote

Reply
      

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Forum Jump


All times are GMT -4. The time now is 10:12 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright © 2008-2017, Two Plus Two Interactive
 
 
Poker Players - Streaming Live Online