GeeBee
-
Posts
6 -
Joined
-
Last visited
Posts posted by GeeBee
-
-
8 hours ago, Dave-ee Jones said:
How long have you had the laptop? If it's a second-hand laptop it sounds like they left some malicious software on there, whether it's accidental or not it's hard to tell with those.
It's also not hard to put an old Skype conversation in your Skype install. All those conversations can be sourced from your PC's local files so a hacker could potentially copy a file from a USB/SMB share to your PC into the Skype directory. This is supported by the fact that you said those conversations talk about company file theft. So if this wasn't there before, someone is definitely trying to frame you, though it doesn't have to be a person deliberately trying to hurt you - it could just be a hacker trying to grab some files and get out without being suspected himself - easiest way to do that is to frame someone else (which I guess he is deliberately trying to hurt you, but not for personal reasons).
Also, you mentioned that there was no trace of the hack. This could mean a few things - one, which was suggested by the friendly-neighbourhood-neo-fighter, is the hack could have been run in memory and therefore there is no trace of it in your local files. You can always try looking in your event log/event viewer (just type 'Event Viewer' into Windows start menu) and probably go with the Applications and Services tab (top left) and scroll down to the day you think your hack started (don't bother looking at when the Skype conversations were started - the dates/times can be changed fairly easily). You're looking for something suspicious. It's possible it isn't even there (not ridiculously hard to remove event logs).
Another thing that it could mean (in terms of the untraceable hack) is it could have been passed to you over your network. So when you use it at home someone could have got into your network from the outside and done some damage. However I think this is unlikely as it was specifically targeting you as an employee of a company, so unless someone knew your network to be yours and knew you to be an employee of the company it is unlikely that was the way it was done. Although, your home network would be marginally more insecure than your company's network.In terms of proving your innocence, I can't really offer much there. The hack is more than likely no longer on your PC, probably isn't any event logs on this hack and the Skype conversation is hard to disprove, unless you know that Skype conversations can be placed fairly easily.
If I wanted to place a Skype conversation I would create two Skype accounts and have them message each other about hacking a company (by the way, is there anything interesting in the conversation - like a method of the hacking or saying how they would do it etc.?) and then copy the conversation file to your PC, after changing the names of the 2 accounts. Not too hard.
That's what I got from your dilemma, anyway.
Hi thankyou so much for taking the time to give me your comments
yes its a brand new sealed box laptop i have owned for about 4 years
and the conversation stretches into 2 years
is it possible then for my end of the conversation to have taken place on another pc, then once the account is opend on my pc all the conversations then appear as though they have taken place on mine ?
can you explain more about a hack being run in memory, how do they get in my memory to run the hack
as there evidence that the files weren't all downloaded onto my pc on one occasion but over quite a few months, so how do they keep getting into my memmory to run a hack there ?
many thanks in advance Graham
-
5 hours ago, RickD said:
If done correctly i guess a hack can't be traced technically.
So try to disprove the evidence.
1) Maybe you can prove you weren't near your laptop at the time of one of these skype incidents.
2) If there are skype recordings maybe they can work in your favor.
3) If your password was weak at the time (several old password may still be in the system), you can claim someone else hacked your account.
4) Maybe you have obvious enemies and if they had motive/means/opportunity, you can claim they did this ..
5) Etc ..
Also it may be a good thing to lawyer up depending on how serious the situation is.
Hi
thank you for your comments
can i just confirm, its not my skype account, but a record of it is on my laptop and a long conversation over many months was recovered using software SkypeAlyzer
and the files downloaded onto my pc over many monthas
-
3 hours ago, esa said:
Some qns:
1) Do you have administrative rights on the laptop ? Usually IT dept will not allow employees to installed/remove programs. If you are not granted admin rights in the first place than this will be advantageous in your case since you should not be able to add or remove programs.
2) Could you share the value of the data loss? Sophisticated hack jobs are expensive.
3) Could it be a sabotage? Did you leave your laptop unattended in the office? From this perspective then it makes sense that 2 companies are not able to find signs of intrusion & backdoor.
Hi guys
thanks for your comments, really appreciated
its just an off the shelf pc laptop i purchases myself with the company credit card so i have full access and don't leave it untended, so you can see why the don't believe im responsible
its not an expensive data loss, why do you think a hack is expensive? do you mean if someone buys a hack software off the dark web ?
thanks graham
-
thanks for your comments guys
my as far as my company are concerned they have finished inspecting it, getting 2 opinions on it and neither of them have found a backdoor
i guess what im really looking for before my hearing is an article explaining / describing the fact that its not always possible to find a backdoor unless your the hacker thats put it there ?
thanks in advance
-
my windows works laptop has been hacked with files and programs being added and removed and some skype conversations found that i didn't have about theft of company files
the laptop is used only be me at home and work, i know its been hacked because i know i didnt do it, but i face the sack if i cant convince my bosses that it is possible to do this even though they have paid 2 company's to search the laptop for proof that it has been hacked
any advise on how this is possible ?
is it just a hard to detect back door ? if so what is the hardest to detect ?
thanks for any advise on how this is possible
advice needed Undetectable Hack on My Pc
in Security
Posted
Hi allll
im considering whether i should pay for my own specialists to look into this and represent me, but if im about to lose my job its money i dont think i want to be spending unless im sure it would help
theres no lawyers involve or anything like that, its just an internal company investigation
this looks interesting above, but dont actualy understand it myslef to be ale to explain it to others as an option to investigate,
sorry if i seem a bit daft, but can you explain it a little simpler especially line 4 what does that mean
then the bit that says "show them plug in the ducky to execute the reverse shell" whats a ducky ?
you then say "You could even have them demonstrate some other flaws, like......." but what flaw have you demonstrated above? how are you sugesting they hack the machine in the first place is it to do with this ducky ?
thanks in advance guys your a great help and i really appreciate it, my hearing is beginning July so not much time to get my experts in or write my counter report