Did an oops, accounts compromised
#1
Decided to reinstall MSI Afterburner the other day, ended up clicking the first link which was an ad. Had an odd feeling about it but trucked on and brushed it off as a separate landing page for Afterburner. Windows Security detected threats while it was installing and seemingly handled them, and I decided to uninstall that Afterburner install and get it straight from MSI. Had no issues with that one but the next morning I had multiple accounts compromised 

Someone attempted to order a 3080 Ti on my Amazon and someone successfully placed an order for a $2000 MacBook on Best Buy for pickup but PayPal did send me a text alert warning of suspicious activity and asked me to confirm if the order was placed by me. Confirmed it wasn't me and managed to get the order cancelled. I didn't learn about the Amazon thing till later when I tried logging in, and from there found out 3 of my emails were compromised as well. I found activity history of searches for "coinbase" and my main email had filter settings changed to mark "read" and trash anything from Amazon, Best Buy, and PayPal

Later decided to look into the Afterburner matter more as that's the only shady thing that I could think happened recently and sure enough found an article from last year detailing a similar site offering an Afterburner download with malicious stuff bundled in. Also scanned the malicious download as well as the official download with VirusTotal and sure enough the malicious download showed threats (and ofc the official download was clean)

Can't 100% confirm the malicious Afterburner is what led to my accounts being compromised, but it's most likely the case. Already changed my passwords and enabled MFA on all the compromised accounts, and going to be working on everything else (all done from a separate device). Gotta reinstall Windows now which is gonna be a joy making notes and backing things up (scanning anything backed up of course) 

Always get software from the official source or trusted 3rd party, always double check the url, use MFA/2FA, and use uBlock Origin (it would have blocked that ad I saw, but avoid any ad links if you see them anyway). Overall this has been a good learning experience, don't make my mistake

Made a post on r/buildapc with more detail and pictures if you want to know more: https://www.reddit.com/r/buildapc/commen...terburner/
The Following 2 Users Say Thank You to David For This Useful Post:
  • AlphaZ, JEEJAYEM
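
Added example, not part of the post above: the mail filters described in post #1 (mark as read and trash anything from Amazon, Best Buy and PayPal) are a persistence step that survives a password change, so they are worth auditing after an account takeover. The sketch below assumes a Gmail filter export (Settings, Filters, Export) in its Atom/`apps:property` XML layout; `audit_filters`, `WATCHLIST` and the sample export are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"atom": "http://www.w3.org/2005/Atom",
      "apps": "http://schemas.google.com/apps/2006"}
HIDING = {"shouldTrash", "shouldMarkAsRead", "shouldArchive"}  # keep mail out of sight
CRITERIA = ("from", "subject", "hasTheWord")
# Senders named in the post; extend with your own bank, exchange, etc.
WATCHLIST = ("amazon", "bestbuy", "best buy", "paypal")

# Constructed sample export, not data from the thread.
SAMPLE = """<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <entry><title>Mail Filter</title>
    <apps:property name='from' value='amazon.com OR bestbuy.com OR paypal.com'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
    <apps:property name='shouldTrash' value='true'/>
  </entry>
  <entry><title>Mail Filter</title>
    <apps:property name='from' value='newsletter@example.org'/>
    <apps:property name='label' value='Reading'/>
  </entry>
  <entry><title>Mail Filter</title>
    <apps:property name='hasTheWord' value='invoice'/>
    <apps:property name='forwardTo' value='someone@example.net'/>
  </entry>
</feed>"""

def audit_filters(xml_text):
    """Return one finding per filter that hides or forwards mail."""
    findings = []
    for entry in ET.fromstring(xml_text).findall("atom:entry", NS):
        props = {p.get("name"): p.get("value", "")
                 for p in entry.findall("apps:property", NS)}
        hides = sorted(k for k in HIDING if props.get(k) == "true")
        forward = props.get("forwardTo")
        if not hides and not forward:
            continue  # filter only labels or stars mail: nothing is concealed
        match = " ".join(props.get(k, "") for k in CRITERIA).lower()
        hits = [w for w in WATCHLIST if w in match]
        findings.append({
            "criteria": {k: props[k] for k in CRITERIA if k in props},
            "hides": hides,
            "forward_to": forward,
            "severity": "high" if hits or forward else "review",
        })
    return findings

if __name__ == "__main__":
    print(*audit_filters(SAMPLE), sep="\n")
```

Any filter reported here that you did not create yourself should be deleted, and forwarding addresses checked separately in the account settings.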
#2
Yes but where are the worms

2/10 vlog
Yemlo and Co.
#3
Yep, uBlock is great. Would also recommend using a password manager (I use Bitwarden). I have 2FA set on Bitwarden, my emails, and some crypto and game accounts.
The Following 1 User Says Thank You to FDX3 For This Useful Post:
  • David
#4
(14th March 2022, 4:14 PM)FDX3 Wrote: Yep, uBlock is great. Would also recommend using a password manager (I use Bitwarden). I have 2FA set on Bitwarden, my emails, and some crypto and game accounts.

I personally recommend KeePassXC myself, very solid password manager.

also this probably wouldn't have happened if you were using gnu/linux :)
The Following 1 User Says Thank You to Northadox For This Useful Post:
  • David
#5
(14th March 2022, 4:25 AM)AlphaZ Wrote: That's some crazy stuff. I've been running ublock for years; great extension. It's probably saved me from running into similar situations. Must've been a nightmare having to change all your passwords and get in contact with paypal and amazon. Hopefully you've got it all under control though, you might want to consider making new emails entirely.

I think I'll be fine with my current emails, I made sure to sign them out of every device from the Google security page but interestingly there were no suspicious devices there and my PC showed activity in Colorado (I'm in Utah) so I think the attack went through my PC. With a reinstall it should solve all that, and my emails have MFA now on top of new passwords so even if someone gets my passwords they'd need my phone too

(14th March 2022, 4:14 PM)FDX3 Wrote: Yep, uBlock is great. Would also recommend using a password manager (I use Bitwarden). I have 2FA set on Bitwarden, my emails, and some crypto and game accounts.

My Coinbase had MFA fortunately (I think it might be required) but I also have close to nothing in there lol (they could have bought some though and then I'd be really screwed). Enabling MFA on as many things as let me, and I've heard Bitwarden is good so I'll look into that

(14th March 2022, 5:25 PM)Northadox Wrote: I personally recommend KeePassXC myself, very solid password manager.

also this probably wouldn't have happened if you were using gnu/linux :)

I'll look into that password manager as well

I'll be switching to a Linux distro as my daily in the near future, and if Microsoft goes through with having ads in file explorer I'll be bailing out then and there if it's before I naturally switch over lol (currently being tested in W11 I believe, not sure if it'd come to 10 which I'm on if it does become a thing)
The Following 1 User Says Thank You to David For This Useful Post:
  • Northadox
#6
Yikes. Malware and phishing attacks are getting more advanced by the day. I'm glad everything seems to be okay.

(15th March 2022, 2:47 AM)David Wrote: I'll be switching to a Linux distro as my daily in the near future, and if Microsoft goes through with having ads in file explorer I'll be bailing out then and there if it's before I naturally switch over lol (currently being tested in W11 I believe, not sure if it'd come to 10 which I'm on if it does become a thing)

Are you serious?? This is insane. Makes me happy to be a Mac user...


I post about the latest site updates on the Dev Log. If you have suggestions, feel free to post them here.
@Eternal and I pay for this site out of our own savings. Please consider donating to help keep Jiggmin's Village running.
The Following 3 Users Say Thank You to bls1999 For This Useful Post:
  • David, Different, Northadox
#7
(16th March 2022, 1:14 AM)bls1999 Wrote: Are you serious?? This is insane. Makes me happy to be a Mac user...

Not that Apple is much better.
It's time to embrace true computing freedumbs and to start shilling for GNU/Linux as I do
#8
(16th March 2022, 11:56 AM)Northadox Wrote: Not that Apple is much better.
It's time to embrace true computing freedumbs and to start shilling for GNU/Linux as I do

but iMessage on computer go brrrr


The Following 1 User Says Thank You to bls1999 For This Useful Post:
  • Northadox
#9
I'm most shocked that Google is just blatantly selling adspace to phishing sites. I don't know how there isn't crazy outrage for that. Some big internet celebrity ought to catch wind of it and get them to go for it.

(15th March 2022, 2:47 AM)David Wrote: I'll be switching to a Linux distro as my daily in the near future, and if Microsoft goes through with having ads in file explorer I'll be bailing out then and there if it's before I naturally switch over lol (currently being tested in W11 I believe, not sure if it'd come to 10 which I'm on if it does become a thing)

I'll be doing the same... I have to follow this https://github.com/Sycnex/Windows10Debloater on each Win10 install, but adverts everywhere is too much. Even Ubuntu has Amazon products in their base install which is disgusting to me (and the movement towards snaps is bad to me. I don't mind auto-updates, but snap?? really?)

*sigh* I'll be losing out on a lot of games, but maybe I'll just buy a PS4.
The Following 1 User Says Thank You to Kribbles For This Useful Post:
  • David
#10
(31st March 2022, 9:43 AM)Kribbles Wrote: I'm most shocked that Google is just blatantly selling adspace to phishing sites. I don't know how there isn't crazy outrage for that. Some big internet celebrity ought to catch wind of it and get them to go for it.


I'll be doing the same... I have to follow this https://github.com/Sycnex/Windows10Debloater on each Win10 install, but adverts everywhere is too much. Even Ubuntu has Amazon products in their base install which is disgusting to me (and the movement towards snaps is bad to me. I don't mind auto-updates, but snap?? really?)

*sigh* I'll be losing out on a lot of games, but maybe I'll just buy a PS4.

I might reach out to some tech YouTubers and see if any of them would report on it, the more awareness the better

I've heard about that W10 Debloater, but I think I might settle on making a custom W10 ISO free from bloat

The games situation on Linux actually isn't that bad anymore, a lot of big games are working quite well now and with the push from Valve with the Steam Deck it'll continue to get better at a faster rate. Main issue right now is multiplayer games with anti-cheat software, but from my understanding some of the software has been made compatible with Linux, just needs game developer intervention or something. If it comes to it you can always run a Windows VM and pass through a GPU and game that way, not ideal but at least your main OS isn't Windows