My Computer is being HACKED

teresa1517

I transferred money into my bank account and within 20 minutes it was gone.
I called the fraud department and they replaced it instantly.
Less than 24 hours later it was taken again.

What can I do to make sure I am not being stalked and hacked and prevent it from happening again?

zxbane

I would first verify that the incident isn't linked to your bank account rather than your computer.

j.petrov

If you are on Windows I would run netstat -o in the cmd and take a look at what is connected. This will show any process IDs that are associated with each connection. You can then match the PID with the PID in task manager under services to see if you have anything that doesn't look right connected.

[Deleted User]

zxbane wrote: »

I would first verify that the incident isn't linked to your bank account rather than your computer.

Check this first. If not, Post the following here: 1. Operating System platform (PC, Mac, or possibly your smartphone) 2. What exactly was going on when this occurred? 3. I would get the information/transaction that occurred on you bank statement, find out who the transaction traces back to and go from there.

iBrokeIT

Back up, format, reinstall OS, install AV and scan backups before restoring

lsud00d

Call them and tell them to disable your online banking account.

If it occurs again...you got bigger problems.

Also...do you bank from your phone? Have you changed your password? Have you updated your security questions? Does your bank offer two-factor authentication?

It's possible you have malware with a keylogger.

zxbane

I just don't understand where the assumption that it is absolutely related to the computer comes in, rather than the bank account itself being compromised.

kriscamaro68

Close the account at the bank. Maybe move to a different bank entirely. Re-install your OS for safe measure following 'iBrokeIT' method.

Plantwiz

I would be on the phone working with the bank immediately, and not so much online.

Stop using your machine that you believe is infected.
Once the bank side is secured, then look into troubleshooting your machine.

Do you have an alternate device to access online searches with while you problem solve the machine? If not, I'd consider obtaining one. What a disappointing bank if you report a fraud, they replace funds, and the problem happens again I'd likely consider a new bank (local one or a credit union)

Get fraud alerts on your credit reports and such too, just to slow down anyone trying to be 'you'.

YFZblu

j.petrov wrote: »

If you are on Windows I would run netstat -o in the cmd and take a look at what is connected. This will show any process IDs that are associated with each connection. You can then match the PID with the PID in task manager under services to see if you have anything that doesn't look right connected.

...unless any malware which may be on the system contains rootkit modules; at which point netstat is lying. Zeus variants are known to exhibit the behavior described in the original post. It will behave as a man-in-the-middle between the User's browser and the bank; redirecting transferred funds to the attacker's account. Additionally it will keylog / screenshot the User - so once the money has been returned, it's trivial for the attacker to login and transfer the money again.

My advice: Replace credit/debit cards, change your account numbers, and reimage any computers you own and use. I would be formatting my smartphone as well. IMO, when your livelihood is at stake, now is not the time to mess around.

teresa1517

j.petrov wrote: »

If you are on Windows I would run netstat -o in the cmd and take a look at what is connected. This will show any process IDs that are associated with each connection. You can then match the PID with the PID in task manager under services to see if you have anything that doesn't look right connected.

I ran the netstat -o, but not sure how to get to services from task manager. I have windows 7

YFZblu wrote: »

.
My advice: Replace credit/debit cards, change your account numbers, and reimage any computers you own and use. I would be formatting my smartphone as well. IMO, when your livelihood is at stake, now is not the time to mess around.

I replaced debit card and closed that account.
Also, changed password.

kriscamaro68 wrote: »

Close the account at the bank. Maybe move to a different bank entirely. Re-install your OS for safe measure following 'iBrokeIT' method.

I did reinstall my OS after being locked out with my own password. I had no other choice, I couldn't log back in. Weird, huh?

kMastaFlash wrote: »

Check this first. If not, Post the following here: 1. Operating System platform (PC, Mac, or possibly your smartphone) 2. What exactly was going on when this occurred? 3. I would get the information/transaction that occurred on you bank statement, find out who the transaction traces back to and go from there.

My OS is windows 7, on pc.
I found out when it first happened at 3:00 a.m. in the morning when I went to buy gas.
As for tracing back, how would the bank be able to do that?

lsud00d wrote: »

Call them and tell them to disable your online banking account.

If it occurs again...you got bigger problems.

Also...do you bank from your phone? Have you changed your password? Have you updated your security questions? Does your bank offer two-factor authentication?

It's possible you have malware with a keylogger.

I bank on my laptop.
How can I find out if there is malware with a keylogger, and get rid of it?

YFZblu

^ You re-installed the operating system, correct? You have likely gotten rid of the malware in that case.

teresa1517

YFZblu wrote: »

^ You re-installed the operating system, correct? You have likely gotten rid of the malware in that case.

Correct? I don't remember how I did it. (please don't laugh) this is all new to me!
The bank incident happened October 2012.
Not being able to log into my pc with my own password, was May 2013.
That is when I reinstalled the OS.

BGraves

Came across this today and figured I'd toss it up here.

YFZblu

For some reason Comodo thinks signed malware is noteworthy - This isn't a new thing. Just more eyerolling news from Antivirus vendors I suppose.

teresa1517

BGraves wrote: »

Came across this today and figured I'd toss it up here.

I found that very interesting, and very similar with my situation.
Thanks

kristankelsch87

Definatlly its issue from bank side, I think you should close your account if that happens again..