Jump to content

Need help to stop a hacker


Guest spazi

Recommended Posts

Guest spazi

Hope I'm not breaking any forum rules, but here goes.

Hi guys, I know I'm very new to this forum but I have something very serious I need some help with.

I live in a small country of only 50k population and only two ISP's

The fact is that there is a lot of people that are getting their bank accounts hacked. Yesterday a friend of the family got hacked but luckily the transaction got cancelled.

Very recently a guy got hacked for half a million.

Really uncool. The guy almost got bankrupted.

That got me thinking, what does these guys have in common.

I actually called the guy who got hacked for 0.5 mill. He was actually very nice and liked the fact that I'm just trying to help.

He told me that his router got hacked and admin password changed, he had a 12 cipher password, upper and lower case and numbers.

He said that the hacker infected his computer with something he wasn't sure (guessing some kind of payload?)

it was his home computer and he uses it daily.

The friend of the family has been very skeptic about my questions, and I can't determine if his router got hacked or not since he won't let me check it, but it's the same story. Guy get's hacked, looses money.

The banks have now imptlemented a text message service so you'll know if something is going on.

I have this theory that the hacker hacked a website that everybody visits daily, logs their IP and hacks their router.

the main ISP is so stupid that all the routers they sell have the same password! :wacko:

When he hacked the router, he probably uses shell scripting or hacks the computer to get the login and password.

I have a list of the websites that I suspect are the problems, and I would really appreciate it if anyone could help me scan them for weakness and report it.

Since I don't want to break any rules I've decided to now show them, if anyone want's to help, PM me please!

Can anyone give me some advice or maybe have an idea how the hell he pulls it off?

Atleast one person get's hacked every second week now, it's just too much!

I've contacted a journalist, and I've explained my theory and given him a guide how people can avoid getting hacked.
Includes reseting the router, changing the default password and updating it.

Also updating the computer should atleast get rid of some exploits right?

also adviced people to use 12 to 16 cipher password upper and lower case including numbers.

Any advice would be greatly appreciated!

Thanks.

Edited by spazi
Link to comment
Share on other sites

Hi Spazi,

You need to be careful about the terminology you are using...active scanning is illegal, passive scanning is legal. Making active requests which probe the website for "weaknesses" is breaking the law but passively reviewing the source to make sure there isn't things like persistent beef hook XSS code isn't. If you start using automated scanners against public websites then you are in the bad guy camp regardless of your intentions.

If the problem is as widespread as you say it is, then i would go into business retrofitting each house with a pfsense router. Implement the Snort intrusion prevention system and work on making a solid rule set that you can deploy to clients. If your clients are loosing millions then they have plenty to spend on implementing defence.

Isolot.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...