GeeBee

advice needed Undetectable Hack on My Pc

12 posts in this topic

my windows works laptop has been hacked with files and programs being added and removed and some skype conversations found that i didn't have about theft of company files

the laptop is used only be me at home and work, i know its been hacked because i know i didnt do it, but i face the sack if i cant convince my bosses that it is possible to do this even though they have paid 2 company's to search the laptop for proof that it has been hacked
any advise on how this is possible ?
is it just a hard to detect back door ? if so what is the hardest to detect ?
thanks for any advise on how this is possible

0

Share this post


Link to post
Share on other sites

Line by line through the registry?

Replace hardware with fresh/new duplicate hardware and look for changes in registry/management policies?

Inspecting full packet TCPdump before,during and after the first two?

Self inflict high dollar ransom ware and let the higher ups deal with it?

Somehow, some way (but still understandibly) the laptop finds itself in saltwater or an emp..?

Trust that good things always come after bad things, it's the timeframe that we hate.

good luck.

0

Share this post


Link to post
Share on other sites

Honestly, if you say it's been hacked somehow, give it to your IT department and let them do their job of discerning what has happened. If you don't have the knowledge to do so, you're not likely to find a full guide on how to here.

 

I know that may come across as dismissive, but it's up to your IT department to check your claim, not you to prove it.

0

Share this post


Link to post
Share on other sites

thanks for your comments guys

my as far as my company are concerned they have finished inspecting it, getting 2 opinions on it and neither of them have found a backdoor

i guess what im really looking for before my hearing is an article explaining / describing the fact that its not always possible to find a backdoor unless your the hacker thats put it there ?

thanks in advance

0

Share this post


Link to post
Share on other sites
9 hours ago, GeeBee said:

thanks for your comments guys

my as far as my company are concerned they have finished inspecting it, getting 2 opinions on it and neither of them have found a backdoor

i guess what im really looking for before my hearing is an article explaining / describing the fact that its not always possible to find a backdoor unless your the hacker thats put it there ?

thanks in advance

You're probably not going to be able to prove anything, as if this was a sophisticated attack, it could have run from memory and be gone on reboot. No way to prove that really other than catching them in the act. What they did to get in would also be hard to prove other than having osmeone pentest the box itself, ie: actively hack you. If you have certain services enabled, this could let anyone in, and if you have weak credentials for anything, even easier. SMB would probably be where they got in, but that is just a guess since it's a business machine, it more than likely has file sharing services in use and unpatched files. The recent wannacry attack for example is one that could go undetected  other than the fact it is ransom-ware, but the attacks used relied on more recent 0-days that many had not patched against, all of which could have been done without your knowledge.

At the end of the day, you're pretty much shit out of luck other than catching them in the act, or them slipping up and leaving something forensically on the system, for which you said 2 groups have already checked against. Even the way it sounds from what you describe, it seems unreasonable you aren't the culprit, but we have no way to prove for or against you. If this was truly hacked, and used your skype to talk up business stuff, then possibly targeted by someone in the company like a co-worker. You should logon to the skype website(not your client) and see if they show any info for IP addresses logged into the account, although I'm not sure if they log them or have a setting for that. It's possible they guessed your password(s) and used the accounts that way as well, since skype is not limited to only the desktop or mobile clients, you don't need a client to use skype, only access to the skype site and the login details.

0

Share this post


Link to post
Share on other sites
On 16-5-2017 at 10:51 AM, GeeBee said:

my windows works laptop has been hacked with files and programs being added and removed and some skype conversations found that i didn't have about theft of company files

the laptop is used only be me at home and work, i know its been hacked because i know i didnt do it, but i face the sack if i cant convince my bosses that it is possible to do this even though they have paid 2 company's to search the laptop for proof that it has been hacked
any advise on how this is possible ?
is it just a hard to detect back door ? if so what is the hardest to detect ?
thanks for any advise on how this is possible

If done correctly i guess a hack can't be traced technically.

So try to disprove the evidence.

1) Maybe you can prove you weren't near your laptop at the time of one of these skype incidents.

2) If there are skype recordings maybe they can work in your favor.

3) If your password was weak at the time (several old password may still be in the system), you can claim someone else hacked your account.

4) Maybe you have obvious enemies and if they had motive/means/opportunity, you can claim they did this ..

5) Etc ..

Also it may be a good thing to lawyer up depending on how serious the situation is.

0

Share this post


Link to post
Share on other sites
On 2017-5-16 at 4:51 PM, GeeBee said:

my windows works laptop has been hacked with files and programs being added and removed and some skype conversations found that i didn't have about theft of company files

the laptop is used only be me at home and work, i know its been hacked because i know i didnt do it, but i face the sack if i cant convince my bosses that it is possible to do this even though they have paid 2 company's to search the laptop for proof that it has been hacked
any advise on how this is possible ?
is it just a hard to detect back door ? if so what is the hardest to detect ?
thanks for any advise on how this is possible

Some qns:

1) Do you have administrative rights on the laptop ? Usually IT dept will not allow employees to installed/remove programs. If you are not granted admin rights in the first place than this will be advantageous in your case since you should not be able to add or remove programs. 

2) Could you share the value of the data loss? Sophisticated hack jobs are expensive. 

3) Could it be a sabotage? Did you leave your laptop unattended in the office? From this perspective then it makes sense that 2 companies are not able to find signs of intrusion & backdoor.

0

Share this post


Link to post
Share on other sites
3 hours ago, esa said:

Some qns:

1) Do you have administrative rights on the laptop ? Usually IT dept will not allow employees to installed/remove programs. If you are not granted admin rights in the first place than this will be advantageous in your case since you should not be able to add or remove programs. 

2) Could you share the value of the data loss? Sophisticated hack jobs are expensive. 

3) Could it be a sabotage? Did you leave your laptop unattended in the office? From this perspective then it makes sense that 2 companies are not able to find signs of intrusion & backdoor.

Hi guys

thanks for your comments, really appreciated

its just an off the shelf pc laptop i purchases myself with the company credit card so i have full access and don't leave it untended, so you can see why the don't believe im responsible

its not an expensive data loss, why do you think a hack is expensive?  do you mean if someone buys a hack software off the dark web ?

thanks graham

0

Share this post


Link to post
Share on other sites
5 hours ago, RickD said:

If done correctly i guess a hack can't be traced technically.

So try to disprove the evidence.

1) Maybe you can prove you weren't near your laptop at the time of one of these skype incidents.

2) If there are skype recordings maybe they can work in your favor.

3) If your password was weak at the time (several old password may still be in the system), you can claim someone else hacked your account.

4) Maybe you have obvious enemies and if they had motive/means/opportunity, you can claim they did this ..

5) Etc ..

Also it may be a good thing to lawyer up depending on how serious the situation is.

Hi

thank you for your comments

can i just confirm, its not my skype account, but a record of it is on my laptop and a long conversation over many months was recovered using software SkypeAlyzer

and the files downloaded onto my pc over many monthas

0

Share this post


Link to post
Share on other sites
7 hours ago, GeeBee said:

Hi guys

thanks for your comments, really appreciated

its just an off the shelf pc laptop i purchases myself with the company credit card so i have full access and don't leave it untended, so you can see why the don't believe im responsible

its not an expensive data loss, why do you think a hack is expensive?  do you mean if someone buys a hack software off the dark web ?

thanks graham

Usually it is expensive. 
https://www.wired.com/2015/11/heres-a-spy-firms-price-list-for-secret-hacker-techniques/

Do you have Anti Virus software installed?  It helps to eliminate free/cheap tools found in public space. 

 

So from the hacker's perspective, why would he/she spend the effort & risk getting caught to target you for data that are not worth much?
Furthermore why spend the effort to plant fake Skype messages on your PC?
The hacker manage to access your PC, steal data without leaving any trace, but "carelessly" left a planted Skype messages is highly suspicious. 

Somebody wants you to take the fall. 

 

Can you share the Skype ids/email involved in the conversation?

 

 

 

0

Share this post


Link to post
Share on other sites
15 hours ago, GeeBee said:

Hi

thank you for your comments

can i just confirm, its not my skype account, but a record of it is on my laptop and a long conversation over many months was recovered using software SkypeAlyzer

and the files downloaded onto my pc over many monthas

I guess the big question is: are you in any tense (company) situation where someone might wanna take you down/ hurt you, and plant false evidence on your computer?

If not, the whole thing does not make much sense to me. Why would a random outside hacker plant something like that just for fun? And if it's a data theft they would just have gone in and took it without a skype record.

Like i wrote before analyse the skype data (or have it analysed by an independent person not related to the company). If it is not yours there will be flaws in it somewhere that can prove it was not you and you are being framed.

BTW: The most logical explanation to me, is that someone figured out your password and used your laptop for this while you were at lunch or something (like i said the answer is in the (skype) data on the laptop ).

0

Share this post


Link to post
Share on other sites

Posted (edited)

22 hours ago, GeeBee said:

its just an off the shelf pc laptop i purchases myself with the company credit card

I only ask as I haven’t seen the question asked yet - was this a brand new (sealed box) laptop? or was this a used/refurbished machine?

Just putting it out there that second hand machines, if not cleaned or properly reset, could sometimes incorporate some of the previous owners history or at worst malicious software.

20 hours ago, GeeBee said:

its not my skype account, but a record of it is on my laptop and a long conversation over many months was recovered using software SkypeAlyzer

That could maybe explain the unknown history found on the machine. But date/time stamps should clear that up for example if the conversations took place before you owned the laptop you would have a valid argument.

Also (but maybe not as nice to hear) is that maybe you did do it and are looking for viable reasons to be able to defend your position and keep your job. Just saying its possible and not that is what has happened. For example most of my family users wouldn’t know what the darkweb is, let alone know they could buy anything from it.

22 hours ago, GeeBee said:

do you mean if someone buys a hack software off the dark web ?

Either way I hope your situation comes to a conclusion soon as the "not knowing" can take its toll on anyone being investigated especially added with potential of loosing their job. Dont forget to de-stress often :)

Edited by Just_a_User
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.