Cloudron Forum

how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.

  joseph wrote:

    That would be me 😄 I haven't had the time to go through the full post but maybe later when I'm done with all the Support stuff.

    adisonverlice2 wrote (#9):

    @joseph o? so you do support stuff? good to know.

      adisonverlice2 wrote (#10):

      o I didn't know you were a staffer here...

        adisonverlice2 wrote:

        but I'm curious, because the highest transaction was that I believe someone sent him (unless he spent) 8000 dollars, and right now his value is sitting at around 2500 dollars. lol I bet he has this sitting in a Bitcoin exchange somewhere, because most people use Bitcoin exchanges. so if someone were to report this guy, he would've had to have gone through KYC (know your customer) laws. this includes social security number, actual identity, phone number, full name, address, birthday, some IRS information, yabba yabba yabba, bla bla bla, you get the gist. this means that if the government were to subpoena his shit, from whatever exchange he's using...he's fucked! fucked with a capital F. that is, unless he's storing it in a Bitcoin hardware wallet, or an offline Bitcoin application like 1's seen in the Tails operating system.

        adisonverlice2 wrote (#11):

        @adisonverlice2 said in how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.:

        were to report this guy, he would've had to have gone through KYC (know your customer) laws. this

        just a quick update, actually 2 updates.
        1, yes, he is using a Bitcoin exchange, which was easy to find because he literally said exchange rates applied. now I don't know why hackers are using those things, because, going back to that post, they need KYC (know your customer) information to comply with KYC laws.
        o, and according to our sponsor, the Blockchain, he has $2468 in his wallet.
        it is tricky to get Bitcoin in an anonymous way.
        Monero is much more anonymous because it can't be traced back (unless you have stupid opsec) and you can get it anonymously.
        but the problem is hackers want high amounts, they want what works.
        they want to hit the jackpot.
        so they use Bitcoin.
        whereas 1 bitcoin is worth almost 60000 dollars, Monero is only worth around 170 dollars.
        they aren't concerned about anonymity (not all that much at least), they just want the higher payout.
        again, I can tell you this because I myself am a hacker. and while I've never made transactions on the blockchain, I know how to trace transactions on the blockchain.
        hackers like me know their craft.
        that's why you need to look out

          adisonverlice2 wrote (#12):

          if I were doing this, I would first off, put my Bitcoin in a secure cold storage wallet. then I would of course, start my hack, infect the machine, but before doing that, make a new BTC address for each victim. now I wouldn't make a main Bitcoin wallet, as, again, that could be traced back to me. I would stick with these Bitcoin wallets and start spending baby. now maybe if I had to, I would move it to a temporary Bitcoin wallet, but again, that could be a point of trace. I as a hacker would not like to make any noise of who I am.
          of course, at that point, though, I would use Monero, because it's much more anonymous and cannot be easily traced.

            adisonverlice2 wrote (#13):

            o I almost forgot.
            it has been almost 72 hours since the email got sent out, and y'wanna know how much has happened?
            drumroll, please...nothing.
            absolutely nothing!
            the hacker has not sent at least me anything.
            now if I ever hear of him sending anything out to a hacker forum or me, I will fire up my Tor browser and find out what's up.
            I'm still a bit scared, mostly because they have alex's correct and still working btw, password. I have warned him of the hack.
            now I don't think it's from an email link, I'm pretty sure it's something else, considering he has been downloading weird shit lately.
            now again, I don't know about this, considering the fact that he seemed to only have emailed alex's old email that I now have control of, that I now intercept all messages to.
            now for security reasons, the email you see displayed on my profile is dropped, so you can't send me any spam or tell me heh heh heh heh I just hacked your bank account. why?
            because I get 2 much spam from that email already.
            and even if you did manage to send an email to it, if it doesn't say "message not delivered", it'll likely just not reach me.
            if you want to send me a message, you can use the Session private messenger and use the session ID in my profile in the "about me" page.
            this will allow you to send me messages confidentially and encrypted so only I can see it.
            also note that I do not accept calls because it could show you my real IP address due to a p2p connection.
            also it may be slow due to the fact that it goes through Lokinet, which is similar to Tor.
            o, you could also send me a message in the cloudron PM thing, but that is not encrypted.
            o and good luck trying to hack any of my accounts, because I have high security. I change my passwords, and I absolutely ensure my accounts' safety, including on this forum.

            lately I've been the target of several hacks, but that's a story for a different thread.

              adisonverlice2 wrote (#14):

              so uh, quick update...
              alex's password, unfortunately, is still working.
              if that is the case, I hope he still has 2FA on at least some of his accounts.
              also, I decided to check haveibeenpwned and believe it or not, a password he had used was breached!!!!!!
              I'm fucking upset that he will not change that password at all, even after confirming that it has been breached, almost 200 times btw.
              something tells me that he either sent his password over an email address with that password, or that he sent it over an insecure page.
              it makes me question whether he should have access to our stuff or not, I'm planning on revoking it.
              if he's going to be that fuckin dumb about his security posture, I will not have someone like that on our team.
              in fact, the passwords he uses, I find, are not secure, and even if not breached, can still be cracked just by talking to Alex, like a social engineering attack.
              actually, I could get his password just by striking up a conversation with him about his favorite YouTuber, or favorite character, then generate a password list based off that alone.
              at that point, SE is not even needed, because it's easy to do.
              he's very open about his favorite YouTuber, DaveMadson, who is a part of the logo bloopers community.

              this is why, as mentioned in FIDO2 support, I think passkeys are the way to go. they would require actual stupidity or physical access to the device to get in, and they're more secure.
              o and not to mention, if we still had our windows server, alex's enemies would've been able to get a hold of easily, even with all the security put in place.
              now I don't think his security posture is good, and I don't wanna kick him off my team because he's the CFO and primary domain admin, but if it comes down to it, I may have to.
              I hate doing something like this because we've worked together for several years.

                adisonverlice2 wrote (#15):

                so another update, that password count, which btw was a family password (don't ever use the password for your family) was upgraded to breached 592 times! gotta love that...

                  adisonverlice2 wrote (#16):

                  previously, a year ago, it was breached around 100 to 200 times. now it's 500 times.
                  massive upgrade from last year...

                    umnz wrote (#17):

                    @adisonverlice2 the email that was sent to your colleague is extremely common, and is one of the more successful extortion schemes. The extortionist purchased a list of email addresses and passwords from dark web data breaches and simply sent an email to everyone in the breach. The breached password is included in the email to (rightfully) scare the end user into believing the story that follows afterward. The scheme is particularly successful with people who reuse their passwords and super obvious to those who use password managers. You can easily find out if the password or email you use has already appeared in a data breach by directing people to the website: https://haveibeenpwned.com and more importantly, registering your company domain and/or email addresses with their breach notification system.
                    I assure you, the only lesson anyone learns from these emails is to stop reusing their passwords. Your colleague has done nothing wrong.

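The breach counts quoted in this thread are the kind of figure the Pwned Passwords range lookup at haveibeenpwned returns. As an added example that is not part of the thread, the sketch below shows the client side of that k-anonymity check, where only the first five hex characters of the SHA-1 hash would leave the machine. The function names are hypothetical and the response body is constructed locally, so nothing is sent over the network.

```python
import hashlib

# Real Pwned Passwords range endpoint, shown for reference only; this example
# never calls it and instead parses a constructed response body.
RANGE_URL = "https://api.pwnedpasswords.com/range/{prefix}"


def split_hash(password):
    """Return (prefix, suffix): the 5 hex chars sent to the API and the 35 kept local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_body(body):
    """Parse 'SUFFIX:COUNT' lines into {suffix: count}, skipping junk and padding."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if not sep or len(suffix) != 35:
            continue  # malformed line, ignore rather than trust it
        try:
            seen = int(count)
        except ValueError:
            continue
        if seen > 0:  # padded responses carry filler entries with a count of 0
            counts[suffix.upper()] = seen
    return counts


def breach_count(password, body):
    """How many times the password appears, judged only from the range response."""
    _, suffix = split_hash(password)
    return parse_range_body(body).get(suffix, 0)


def build_sample_body(password, count):
    """Constructed stand-in for an API response (not real breach data)."""
    _, target = split_hash(password)
    decoy = hashlib.sha1(b"constructed-decoy").hexdigest().upper()[5:]
    padding = hashlib.sha1(b"constructed-padding").hexdigest().upper()[5:]
    lines = [
        f"{decoy}:3",
        f"{target}:{count}",
        f"{padding}:0",        # padding entry, must not count as a hit
        "not-a-valid-line",    # malformed entry, must be skipped
    ]
    return "\r\n".join(lines)


if __name__ == "__main__":
    sample_password = "constructed-family-password"  # constructed sample value
    body = build_sample_body(sample_password, 592)   # constructed count
    prefix, _ = split_hash(sample_password)
    print("would request:", RANGE_URL.format(prefix=prefix))
    print("times seen in breaches:", breach_count(sample_password, body))
    print("unrelated password:", breach_count("some-other-password", body))
```

A non-zero count means the password itself is in circulation and should be retired everywhere it was reused, regardless of which account the extortion email mentioned.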
                      adisonverlice2 wrote (#18):

                      @umnz said in how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.:

                      @adisonverlice2 the email that was sent to your colleague is extremely common, and is one of the more successful extortion schemes. The extortionist purchased a list of email addresses and passwords from dark web data breaches and simply sent an email to everyone in the breach. The breached password is included in the email to (rightfully) scare the end user into believing the story that follows afterward. The scheme is particularly successful with people who reuse their passwords and super obvious to those who use password managers. You can easily find out if the password or email you use has already appeared in a data breach by directing people to the website: https://haveibeenpwned.com and more importantly, registering your company domain and/or email addresses with their breach notification system.
                      I assure you, the only lesson anyone learns from these emails is to stop reusing their passwords. Your colleague has done nothing wrong.

                      of course. weirdly, though, they only sent it to Alex. though they should contact me, if they want a good scare. also I didn't even know that was possible to register domains and stuff. let me see...

                        adisonverlice2 wrote (#19):

                        thank you.
                        I just added my domain to their domain search dashboard.

                          adisonverlice2 wrote (#20):

                          also I should really put the Google version of my blindsoft.net account on the Google advanced protection program, just in case. they do a good job of locking down accounts. my personal account is on there.

                            adisonverlice2 wrote (#21):

                            my colleague thinks I'm "paranoid" because I have 2-factor authentication for everything, and require my admins to use 2FA.
                            I've tried to tell him the danger of using weak and/or the same password and he always just called me out. I don't wanna say, laughed me out, I don't think that's the case.
                            either way, my security setup is particularly advanced. for example, I have a different email alias for every account (e.g. cloudron@blindsoft.net) which you can email right now.
                            but I won't receive it because the email address was dropped.
                            unfortunately, I have an old android device from a while back.
                            I have the braillenote touch plus which I've had to lock down.
                            even though it was purchased by my educational organizations, for whatever reason they refuse to manage it.

                              adisonverlice2 wrote (#22):

                              interestingly, even though it can be updated, humanware has decided not to update the braillenote any further than Android 8.0. I actually spoke with a technical guy about it. and while I would like to port it over to Android 13 or better, I'm afraid I could lose the braille technology (such as keysoft) or lose the braille display abilities.

                                adisonverlice2 wrote (#23):

                                fuckin hell, they could've even just made their own OS, and taken whatever it is that they don't want in the update out. not that hard y'all...sure, the keysoft programs get updated, but the OS itself does not. i'm disappointed

                                  necrevistonnezr wrote (#24):

                                  @adisonverlice2 said in how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.:

                                  fuckin hell, they could've even just made their own OS, and taken whatever it is that they don't want in the update out. not that hard y'all...sure, the keysoft programs get updated, but the OS itself does not. i'm disappointed

                                  Isn’t Apple pretty good in this area? https://support.apple.com/en-om/guide/iphone/iph73b8c43/ios

                                    adisonverlice2 wrote (#25):

                                    @necrevistonnezr said in how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.:

                                    @adisonverlice2 said in how I caught a hacker trying to (or may have) hacked into 1 of my colleagues old accounts.:

                                    fuckin hell, they could've even just made their own OS, and taken whatever it is that they don't want in the update out. not that hard y'all...sure, the keysoft programs get updated, but the OS itself does not. i'm disappointed

                                    Isn’t Apple pretty good in this area? https://support.apple.com/en-om/guide/iphone/iph73b8c43/ios

                                    they're ok at it, but not great. the braillenote has braille features. the iPhone you have to connect a braille display

                                      adisonverlice2 wrote (#26):

                                      braille displays cost 2much

                                        adisonverlice2 wrote (#27):
                                        This post is deleted!
                                          adisonverlice2 wrote (#28):

                                          apologies, wrong thread. I deleted that post I just made
