Hi Dimers,
I recently faced a hacking incident despite using strong security measures, and I’m looking for advice. Here's what happened:
Instagram Hack (7th October 2024, 7:30 PM):
I received a notification that someone liked my story, but I hadn't posted anything. Upon checking, I found that my account was changed from private to public. A crypto-related post and story (Image 1) had been shared. I immediately deleted the content and reviewed my login activity, noticing an unfamiliar device from Washington, DC. Although I use a 25-30 character password generated by Bitwarden and have 2FA enabled with Zoho’s OneAuth, the hacker somehow bypassed these defenses. Fortunately, I was able to regain access due to 2FA.
LinkedIn Hack (7th October 2024, 7:30 AM):
Hours later, the next day in the morning, I received connection requests on LinkedIn. When I checked, my entire profile had been replaced with someone else’s information, including a photo of a girl from London. As I’ve been actively job hunting, this was alarming. I reported the issue to LinkedIn support via Twitter, and they promised to restore my profile within 48-72 hours.
Reddit Hack:
I received an email from Reddit about suspicious activity, and upon checking, I saw multiple login attempts from countries like Brazil and Bangladesh (Image 2). I hadn’t enabled 2FA on Reddit at the time, so I quickly reset my password, enabled 2FA, and logged out of all devices. Fortunately, no malicious activity occurred on the account.
Microsoft Account Concerns:
When I logged back into my Microsoft account after reinstalling Windows 11, I saw numerous failed login attempts from different countries. Despite this, no unauthorized access was made, likely due to 2FA and strong passwords.
Steps I’ve Taken:
1. Changed all passwords and reset my Bitwarden master password.
2. Created new email accounts: one for social media, one for banking, and one for shopping.
3. Deleted my Google account after switching all financial activities to alias emails (e.g., [email protected]).
4. Planning to switch to ProtonMail for added security.
Questions:
1. Could this have been a server-side breach, exposing my Google ID or emails linked to social media?
2. Have Indian users faced issues with ProtonMail, like blocking by banks?
3. What additional steps should I take to further secure my accounts?
Thankfully, no financial loss occurred, but the identity theft has caused immense stress and anxiety. I’m particularly concerned about the repeated login attempts on multiple accounts and would appreciate any guidance or insights.
Thanks for your help!
@shraaj
If not a break-up, then the last time you (even unwittingly) angered the other person enough.
Google account 'deletion' was not really required, nor (I think) would particularly matter in the future either.
This seems to be some other way of either having a mirrored device or somehow being able to access the traffic from your device too.
The typical 'man in the middle' attack.
Obviously this was likely not a 'targeted' attack (against you/high value asset) but just an opportunistic one.
(Pickpocketing versus finding a wallet accidentally left behind on a table and picking it up.)
The Myanmar or other Southeast Asian (almost concentration) camps... trap and employ dedicated social engineering pointsmen/pointswomen, in cahoots with the state-sponsored hacking syndicates in China, DPR Korea or elsewhere.
Maybe your credentials were just out there in the non-encrypted part of the traffic, or somehow, either at your ISP's nodes or via the master database leaks of some other sites, your details were out there and samples given to random buyers or users to test.
Maybe that is why nothing significant happened in your LinkedIn, Instagram accounts, while Reddit, Microsoft nipped it in the bud.
If I were you, then I would first ditch at least the regular portable devices (tablets, mobiles) and make significant changes to or entirely replace the routers and stuff, assuming those could be a known vulnerability for the other party to exploit.
Yes, I would change login credentials too, but I do not know if still using the same e-mail service (MSN, Gmail, Yahoo, others) could subvert fingerprinting.
Changing MAC ID and stuff is not enough to avoid getting fingerprinted/recognised as the same entity.
They stole your cookies from a browser session; then they can access any site you are logged in to. It's happening with lots of YouTube channels, including big ones like LTT, and every time they promote a crypto thing.
Don't use an alias email for financial stuff; rather, use a different email ID.
Many new finance & banking apps, in the name of security, won't let you log in when there are special characters in the email ("+" also included), if not now then when they update their app without thinking of existing users.
Some are so advanced that they let you register with an alias, then say the email ID is not correct on the frontend when logging in, and arguing with CS is like banging your head against a wall.