.

Urgently need advice from Hacking experts

<<

DeltaMacD3

Newbie
Newbie

Posts: 3

Joined: Sun Oct 16, 2011 6:38 am

Post Sun Oct 16, 2011 6:49 am

Urgently need advice from Hacking experts

Hi all,

I only joined this site to ask for help regarding an odd issue i've just heard about.

A friend of my brothers has had her internet connection hacked apparently.  She cannot go online at home and the hacker has called her repeatedly demanding £200 to reinstate her connection.  Personally i've never heard of this kind of thing happening to a home network but i'm not really up to speed regarding this kind of attack.

Apart from contacting the ISP and authorities, can anyone recommend a course of action?  (I'd really love to be able to wipe the smirk off the guys face!)

He called again at 0830 this morning to laugh at my brothers attempts to stop him.  I only got the news via txt and have been unable to contact my bro to find out exactly what he tried but I will post more details as I obtain them.

Thanks to any and all who have advice on this.
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Sun Oct 16, 2011 8:34 am

Re: Urgently need advice from Hacking experts

Delta,

I think the best thing to do is contact the police. Remember..this website is called ETHICALhacker.net
OSCP in progress
<<

DeltaMacD3

Newbie
Newbie

Posts: 3

Joined: Sun Oct 16, 2011 6:38 am

Post Sun Oct 16, 2011 8:47 am

Re: Urgently need advice from Hacking experts

Hi Yuck,

I've been trying to find out if she has contacted the police etc but at present i've had no luck getting in touch.

The reason i posted here was BECAUSE the site is called Ethicalhacker.net.  I was hoping someone with a decent level of morality and ethical standards would be able to assist in derailing the perpetrators attempts to extort a single mother.

Thank you for the reply and i'll try to explore other avenues in the meantime.

Cheers.
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Sun Oct 16, 2011 9:11 am

Re: Urgently need advice from Hacking experts

Believe me I understand what you are trying to say and the situation. But it doesnt mean fighting fire with fire is the answer.
OSCP in progress
<<

DeltaMacD3

Newbie
Newbie

Posts: 3

Joined: Sun Oct 16, 2011 6:38 am

Post Sun Oct 16, 2011 9:27 am

Re: Urgently need advice from Hacking experts

Hey Yuck,

I don't want to fight fire with fire, i'd love to sure, but i'm actually only interested in any tips or techniques to stop what is happening.

Sorry if I wasn't clear on that.  I can see from my original post that the comment in brackets would probably lead you to think I want advice on hacking back, but that's not the case.

I also realise I haven't really given you anything to go on as I have no more info myself atm.  I don't even know what kind of setup she has or how exactly this has come to pass.

I'll try to get the details and then perhaps I can ask here for advice on how to prevent further intrusions of this nature.

I'd be interested to know if anyone has heard of something like this happening before.  It seems sort of personal to me and a lot of trouble to goto for £200, especially if the police become involved regarding 'cybercrime' or extortion, i'm not even sure what this would be classed as.

Thank you again for your input Yuck :)
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Sun Oct 16, 2011 9:44 am

Re: Urgently need advice from Hacking experts

That is a little different. Try to get more information about her setup and maybe one of the more experience poster's can help. I'm probably not the best guy to troubleshoot this issue. But I can definitely try to help...within reason. I'm sure you understand.
OSCP in progress
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Sun Oct 16, 2011 12:29 pm

Re: Urgently need advice from Hacking experts

It should probably be claimed as extortion, but I haven't studied Cyber Law (yet).

Most likely, without more information on how the person is keeping her off line, and what services are affected I would guess guy has a proxy set up somewhere.

Start at the OS level. Have your brother download a copy of Ubuntu linux from home (or any other version of linux that can be ran from CD). Also print out a few sheets or take good notes on how to do some basic stuff. Like getting network configured.

See if that lets her on the internet.

If not, then move up to the next thing. check for a router or home access point. If possible pull that out of the mix. Using the computer running from the LiveCD, see if you an get on the internet.

If not, call the service provider and tell them about the problem and tell them to fix it or cancel the service and get something else.

Before new service is established, I would at the very least do a fresh install of the OS, and harden it (there are documents on the internet how to do that), and flash the router / access point.

You'll probably want to do that in any case. Don't trust and thing on the connection, and don't expose more boxes to it. Get everything remotely and then take them on CD (NOT RE-WRITEABLE), so they can't be messed with. Also if possible check the hash of the item downloaded so not to get bad versions.
OSWP, Sec+
<<

millwalll

Post Mon Oct 17, 2011 3:39 am

Re: Urgently need advice from Hacking experts

I agree its very hard to give any advice if you know a bit about computers start to look at settings on the machine. Make sure there is no proxy set have your tried her machine on another network like yours does it work on that ? if it does not work good chance there a problem with the machine if it does work its her line rather than machine. It just case of trying identify what maybe causing the problem.

That all you can really do..
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Tue Oct 18, 2011 12:26 pm

Re: Urgently need advice from Hacking experts

My first thought about this was that maybe she had an unsecured wifi network, and the first step might be just hitting the reset button on the back. Or plugging the computer directly into the modem to see if it gets a connection that way.

Just a thought.

Edit: I don't recommend leaving the computer plugged directly into the modem if this is the case, just a test to see that it works.
Last edited by eth3real on Tue Oct 18, 2011 12:29 pm, edited 1 time in total.
Put that in your pipe and grep it!
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Oct 19, 2011 4:16 pm

Re: Urgently need advice from Hacking experts

I agree with eth3real. First thing that came to mind is to simply tell her to unplug the wireless router. Simple things first.

Secondly, if you really want to attack him back without breaking the law, how about this ballsy idea. Tell the extorter that you'd be more than happy to pay. Then ask for their contact info including name, address, phone, email address, bank acct number, SS#... whatever you can get to turn over to authorities. Nothing like a social engineering attack. ;-)

Good luck,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon Oct 24, 2011 11:50 am

Re: Urgently need advice from Hacking experts

+1 to Don's idea! Some of these types are just script kiddies and may not be too bright. 

Also additional info on utilizing a bootable linux CD.  If you can get online using that OS, then the configuration is with the main OS and not the actual ISP/modem/router equipment.  Meaning, the guy somehow got remote control over the computer and configured the OS with some redirects or proxies.  Another item to document is what happens when they try to go to the internet?  Do they simply get a "Page cannot be displayed..." message or do they get redirected to a website that they can't seem to get past? 
Certs: GCWN
(@)Dewser
<<

p0et

User avatar

Full Member
Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Mon Oct 24, 2011 3:43 pm

Re: Urgently need advice from Hacking experts

Take as much as you can out of the equation.  (remove any router/wireless setup) and plug your internet straight from the internet box/modem to your computer.  You could try what was already suggested of a LiveCD (ubuntu), just toss it in the drive and boot to it or reboot into safe mode with networking.  See if you can get online there.  If not, open up a command prompt and see if you can ping any website such as "ping google.com" and see if you get any "replies".  Just a guess, but it may be a trojan.
GCIH, Security+, Network+, A+, MCP, DCSE
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Thu Oct 27, 2011 4:22 pm

Re: Urgently need advice from Hacking experts

chrisj wrote:It should probably be claimed as extortion, but I haven't studied Cyber Law (yet).


There's no direct cyber law related to this kind of extortion (that I'm aware of, but there are of course other laws to protect people from extortion), but let me just check my notes..

U.S. Code Title 18, §1362: Communication lines, stations or systems
http://www.law.cornell.edu/uscode/usc_s ... -000-.html

U.S. Code Title 18, §2701 et seq: Stored wire and electronic communications and transactional record access.
(If the hacker has acquired access to data which he is not the intended recipient of.)

U.S. Code Title 18, §1029: Fraud and related activity in connection with access devices.
(If he has gained unauthorized access to a system.)

Most prosecutions in the USA goes into the U.S. Code Title 18, Section 1029 and 1030 (Fraud).


These only applies to the United States of course, and these are not all the laws that may apply in this case, but just a few of the common cyber laws.


A website that may interest you: http://www.cybercrime.gov//

Side-note: Mother of god, I should've never begun reading my notes, now I want to read all of them to catch up on topics I apparently forgot about xD

Extra Side-note: In case you wonder why I have these notes, you need to know about common cyber laws in various countries if you're going to do the GPEN certification. Other certifications such as CEH includes cyber laws too.
Last edited by MaXe on Thu Oct 27, 2011 4:26 pm, edited 1 time in total.
I'm an InterN0T'er

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software