zez0 Posted August 18, 2012 Share Posted August 18, 2012 (edited) i don't know much about security but i believe that my internet has been hijacked, Hotmail, Paypal, and banking sites have been replaced by fake ones (they are a jpg picture of the original site,but the only functional part is the login ) i tried using "https://" and got 404 error , im being redirected somehow, it happens on all browsers so i thought it was same sort of "man in the middle" attack someone might have intercepted my internet cable, but on my netbook i can access the original sites normally. can anybody help me? how can i get rid of this? im using windows on my desktop and linux on the netbook neither spybot nor Microsoft security essentials found anything (sorry for my bad English im from Brasil) Edited August 19, 2012 by zez0 Quote Link to comment Share on other sites More sharing options...
zez0 Posted August 19, 2012 Author Share Posted August 19, 2012 update: so... i made "Autohotkey" script to send same fake random credit card information to his server, and in doing so might have caused him to flee, now i cant access the fake sites anymore, im geting Erro 101, well i didt know how to track him anyway... hopefully the fake information will overwhelm anything he got now, can anybody help fix the 101 error? Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted August 19, 2012 Share Posted August 19, 2012 Check your DNS to make sure you don't have a rogue DNS. Plenty of sites out there if you google that can walk you through some things. Quote Link to comment Share on other sites More sharing options...
digip Posted August 19, 2012 Share Posted August 19, 2012 Sounds like DNS hijacking. To be safe, download, and reinstall your routers firmware to latest from the OEM site, then change its settings to use OpenDNS as its DNS servers, and on all workstations, manually set OpenDNS and disable DNS services(if in widnows). On linux, you can edit the file and the lock it with chattr command, so no one can mess with it, but when moving to a new network like a VPN, DNS will fail when hardcoded if they require use of their own DNS servers. Quote Link to comment Share on other sites More sharing options...
zez0 Posted August 19, 2012 Author Share Posted August 19, 2012 (edited) thx guys , turns out an malwere modified my Hosts file (didn't even knew about this "hosts" file thing), fixed it with hijackthis Edited August 19, 2012 by zez0 Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted August 19, 2012 Share Posted August 19, 2012 thx guys , turns out an malwere modified my Hosts file (didn't even knew about this "hosts" file thing), fixed it with hijackthis yeah, hosts file is to set a static IP per hostname. I use it to avoid getting redirected to the offline forums page due to some DNS issue. Quote Link to comment Share on other sites More sharing options...
digip Posted August 19, 2012 Share Posted August 19, 2012 yeah, hosts file is to set a static IP per hostname. I use it to avoid getting redirected to the offline forums page due to some DNS issue. Lol. I actually did htat to, hardcoded new forums DNS entry in my hosts file. Got tired of the "moving forums" message... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.