- 1

I'm here because I have been hacked

I've legitimately had my home network taken over. Unknown IPs, cloned MAC addresses, unwanted site navigation and of course JavaScript controlling my URL. The security certificate chain has been compromised, and now I'm dedicated to cyber security. I have bought my first CompTIA book and love it, and have learned a lot in 3 months. Java and C++ go hand in hand so now I want to start learning code. Does anyone have any advice or tips? Questions or stories? Please let me know.

4th Feb 2017, 10:32 PM
clee
10 answers
+ 3
Legitimately????? Are you serious????? Why???:)) Rephrasing: you pay for your server, you pay for the certificates, you pay for someone to hack your network / willingly allow him to cause you costly damages...(otherwise it's illegitimate) ...and you ask for help in a potentially unreliable place to help you, because someone is farting remotely with your PC???? Seriously????
5th Feb 2017, 12:34 AM
seamiki
+ 2
What kind of security do you use? Is it up-to-date? Explain what these hackers have done to your network, because I'm honestly very skeptical about that.
5th Feb 2017, 12:36 AM
DaemonThread
+ 1
Then I learned about second stage malware exploits, which sounded exactly like what had been happening. Then I learned of the vulnerability of security certificates and sure enough my chain has a yellow exclamation on the second one. No matter what operating system, from Windows to Linux, I eventually get denied access or can't download repositories. Then I started learning about virtual mounts, and after using partition wizard I saw an entire root folder that was not my own, and through digging I found folders with .XML, scripts from gedit, block folders. After realizing this thing is able to get to me wherever, I started inspecting all elements of every website. Some copy and paste of some of the script led me to forums explaining about the second stage malware exploit, as well as Angler. Just last night after using cmd to reset some files I got an error 5 access denied which led me to an explanation of VMware. Virtual box used to install an OS on a c drive. Any traffic I go to I'm navigated because of a Doctype, as well as en-us ending the URL. Massive amounts of scripts are there as well. For 3 hours Microsoft went through and found malicious script that kept hitting me and we emailed it. My cmd is never c:/. It's always system 32. I get completely denied access to some registry folders that auditing even fails. Any new boot I never have the option to create a workgroup name or domain name. I literally have a spool folder with scripts I can't delete. I've never made a script and never hooked up a printer. This is 20% of what has occurred. If you want specifics on anything I have them. And as of right now
5th Feb 2017, 2:18 AM
clee
+ 1
but thank you for your smart-ass comment.
5th Feb 2017, 2:23 AM
clee
+ 1
Here is another one of my bad ass comments: after all your knowledge gained here and there on specific forums about IT sec'ty, you really think you'll get the answer to your problem on a beginners' platform? I'm pointing your attention to the fact that if your goal is to make your sec'ty skills stronger you are damaging yourself more than you've already done by asking to be hacked. And btw I probably know less than you about IT sec'ty.
5th Feb 2017, 2:33 AM
seamiki
0
lol
5th Feb 2017, 2:12 AM
clee
0
I'm 3 months into this after an unknown IP address was on my network. Bought a better router and started learning port abuse. Problem continued. Bought a Netgear Nighthawk X6 and started MAC filtering. That router locked up 2 weeks in. Now Time Warner's 2 in 1. MAC filtering led to a cloned MAC address on network. Time Warner twice witnessed cloned MAC addresses on my network with no explanation other than it's not right. So I bought a Netgear switch and a new laptop and modem, went in ethernet to just get legit updates and get something 100% secure.
5th Feb 2017, 2:16 AM
clee
0
Update came in corrupted and drivers went missing and unknown. Microsoft couldn't fix so I returned and rebought. Thinking there was a root kit or bot that changed my API's and localgroups I bought Norton and had them run scans. Two hours after their scan cleared me I had a huge bandwidth spike and IP traced my modem which pulled up a random German site followed by 6 or 7 telnets, then finally the tbone and rr. So I went back to another Time Warner 2 in 1. Then my phone started using a lot of data and I started seeing .json everywhere. Firestick, phone, PC. There were open source licences installed on my phone that I didn't put, appeared my phone had been rooted and am 2 weeks into my new phone.
5th Feb 2017, 2:17 AM
clee
0
Thank you for your replies. Please note I didn't come just for help, I am taking this seriously and am doing this because I am sure it's happening to other people. I thought I would just share my experience to try and connect with anyone in my situation. I've posted to every known forum and Q and A I can think of. Again, in my first post I asked if anyone had advice, stories or just comments. Your response is more than I have had in the past 2 weeks; I truly thank you. Also I do not run my website or server, am a home user who has witnessed unexplainable things and am trying to explain those things. I think learning JavaScript and C++ along with CompTIA is a good place to start. Again thank you.
5th Feb 2017, 9:15 AM
clee
0
And if expressing my situation in a new environment in order to hopefully gain some insight on a matter is the "wrong" thing to do, then I'm glad I'm not listening to you. When did I say experts only? Don't reply if you don't know? seamiki, you're a jackass and could have just been respectful like Ace. I guess that's just the difference between an adult and something else. Thank you so much for your input.
5th Feb 2017, 9:24 AM
clee