Today I opened up my FileZilla and while looking at my history, I see two connections that I did not initiate.
In the attached screenshot, the smudged part is my actual server URL, but the part after is something strange.
Were my credentials hacked? How is this possible?
Were my credentials hacked? How is this possible?
Moderator: Project members
-
- 500 Command not understood
- Posts: 3
- Joined: 2023-03-20 00:46
- First name: Zorro
- Last name: Fox
Re: Were my credentials hacked? How is this possible?
While possible you got hacked, it seems unlikely. Only the worlds dumbest hacker would leave such information behind.
If you did not initiated these connections yourself, could anyone else have used your PC at some point in the past?
If you did not initiated these connections yourself, could anyone else have used your PC at some point in the past?
-
- 500 Command not understood
- Posts: 3
- Joined: 2023-03-20 00:46
- First name: Zorro
- Last name: Fox
Re: Were my credentials hacked? How is this possible?
Nobody else has access to this computer.
looking at IP address used: 34.69.151.52, it is at google datacenter and I don't have anything hosted at google.
looking at second connection, it uses gmail and I don't have gmail account.
Just wondering, by using the connection commands, what will they achieve? Are they harvesting my username/password?
looking at IP address used: 34.69.151.52, it is at google datacenter and I don't have anything hosted at google.
looking at second connection, it uses gmail and I don't have gmail account.
Just wondering, by using the connection commands, what will they achieve? Are they harvesting my username/password?
Re: Were my credentials hacked? How is this possible?
Could be any number of reasons. Any number of files could have been transferred in either direction.
-
- 500 Command not understood
- Posts: 3
- Joined: 2023-03-20 00:46
- First name: Zorro
- Last name: Fox
Re: Were my credentials hacked? How is this possible?
After extensive research and digging through my computer, I think I figured out how they got into my computer. Couple of months ago I downloaded a piece of software that I thought I could trust. I think I got rid of it and should be OK now.
Now my question, I am still not understanding the commands that were used, what are they doing? Are they trying to connect to my server or connecting to that IP address passing my server credentials? And what could they get if I don't save my passwords?
Now my question, I am still not understanding the commands that were used, what are they doing? Are they trying to connect to my server or connecting to that IP address passing my server credentials? And what could they get if I don't save my passwords?
Re: Were my credentials hacked? How is this possible?
No, that is not enough. Once a computer has been compromised, it needs to be wiped completely and reinstalled from scratch. Personally I recommend to also destroy all hardware with updateable firmware after a breach, basically everything but the case case and the power supplied needs to be destroyed.I think I got rid of it and should be OK now.
It's not commands, it is a history of past connections, or at least connection attempts. Files could have been transferred over these connections. Depending on the type of data you have on your machine, if an attacker has exfiltrated personal data, the attacker could impersonate you, or ransom you.I am still not understanding the commands that were used, what are they doing? Are they trying to connect to my server or connecting to that IP address passing my server credentials? And what could they get if I don't save my passwords?