I Messed Up and I Think I've Been Hacked. What Can I Do?


  1. Posts : 3
    Windows 10 Pro
       #1



    Good day to everyone. I'm new here and I would like the advice of experts here. (Sorry for the long post, please bear with me.)

    Earlier this morning, I received an email for a writing job position. See, I've been on a hunt for a job for a while now and I thought it was really well-spoken, so I went ahead and followed the instructions.

    I'll paste the instructions on the Google Form from the email that I followed to make things clearer:

    The work we do is remote, we are in a different country and a different time zone. To make this work arrangement possible we need to use Google Drive - to show you can use it do the following and check off these tasks as you go.


    * Create a Google Drive Folder called Super Start Write 2021

    * Change the sharing options for the folder and share with (the email that I received)

    * Make sure (the same email) has editing rights


    The next part of the tools test - we need you to be able to use Zoom - please complete the tasks below and check them off

    * Open Zoom - Install it if you don't have it from here Video Conferencing, Web Conferencing, Webinars, Screen Sharing - Zoom

    * Start Recording

    * Say Hello, who you are and where you are from

    * Open up your internet browser of choice

    * Share your screen

    * Go to Speedtest by Ookla - The Global Broadband Speed Test

    * Run the speedtest and record your results

    * Then go to TypingTest.com - Complete a Typing Test in 60 Seconds! and do the 3 minute test on normal difficulty

    * Close zoom then send me the video by uploading it to the Google Drive folder you created earlier


    * Give me a screenshot of your computer specs and complete the task below.

    That's about it for the suspicious part. There were other tasks which I did such as writing a sample article etc. Anyway, the weird thing was, after I installed zoom (I didn't have zoom before) and recorded my typing session, I suddenly received this email saying my zoom account password was CHANGED from a different location.

    Here's a screenshot of it:

    [Attached image: img_20210311_153757.jpg]

    I thought it was weird because I didn't change the password. I'm from Southeast Asia and the one that changed the password was from a different time zone to the West.

    What I did was immediately change the passwords of my accounts on my phone (Gmail, Social Media, Steam). Fortunately, I don't log in to my finances on my PC, but I still informed my bank anyway.

    The next thing I did was uninstall Zoom. I had Avast on when this happened and it didn't detect anything. I downloaded Rkill and ran it. Downloaded HitmanPro and detected nothing. I then downloaded Malwarebytes, ran a scan and found 8 threats. I'm no tech guy so I'm not sure what this means but here's a screenshot:

    *the topmost entry was a scan I did on my flashdrive btw*

    [Attached image: desktop-screenshot-2021.03.11-15.43.28.09.png]

    Next I ran ADWCleaner and found 4 PUPs, which I don't know the meaning of either:

    [Attached image: desktop-screenshot-2021.03.11-15.43.33.09.png]

    And this is me now typing this post. It's been 12 hours since the incident occurred and so far, nothing else has happened yet. But I'm genuinely scared. I'm not sure what to do next. I'm afraid if there's any spyware or keylogger that made it through everything that happened. I have some important files, sensitive information in my pc, and sites which I get on to. I did some research and found some articles stating hackers can insert malware in zoom installation files.

    What are your thoughts about the situation? Am I being too paranoid? Or screwed? Is there any other way to detect keyloggers? Should I reformat everything or observe first? Can anyone help me on how I can secure my PC without having to reformat? It's the last thing I wanna do but I'm willing to do it if there's no other way. Thank you for reading up until this point.
    Last edited by kiz1998; 11 Mar 2021 at 03:41.


  2. Posts : 42,903
    Win 10 Pro (22H2) (2nd PC is 22H2)
       #2

    Assuming you opened the links in the email, rather than going to the genuine site, potentially anything could have happened.

    The links in the email do, however, appear valid rather than fake.


  3. Posts : 3
    Windows 10 Pro
    Thread Starter
       #3

    dalchina said:
    Assuming you opened the links in the email, rather than going to the genuine site, potentially anything could have happened.

    The links in the email do, however, appear valid rather than fake.
    Hey thanks for replying. But do you have any idea what was the hacker's intention of changing the zoom account password? What could he be targeting next?

    And what do you think of the threats that were detected?


  4. Posts : 42,903
    Win 10 Pro (22H2) (2nd PC is 22H2)
       #4

    I would assume part of a plan to gain as much of your personal info as possible.
    Zoom Hacking is on the Rise: Here's What You Need To Do To Be Secure | Tech Times

    Not sure why changing the password is a benefit, although that clearly indicates they have access to do so. However it's also alerted you- which is what they might not wish to do.
    Here's How to Know if Zoom Hackers Have Infiltrated Your Meeting

    They also know something about your Google drive.

    Consider what private details or contacts may be accessible.
    At least:
    Remove those Zoom credentials.
    Change your email account.
    Check there's nothing revelatory on your Google drive.

    Try researching Zoom hacks.

    Hopefully someone may have a better understanding- I'm not a hacker! Believe me!


  5. Posts : 1,746
    Windows 10 Pro x64 22H2
       #5

    When you're hacked, the usual procedure to reduce the problem depends on whether the OS was compromised or just online accounts.

    If the OS is fine, the procedure is:
    1. change e-mail password first and set up 2F at least for email. (email is root)
    2. make sure every online account has its own unique password (especially email)
    3. change password for every other account

    If you use 2F auth. check your phone isn't compromised.

    If the OS is compromised none of the above will work, in that case you need to fix that problem first to have clean start before securing online accounts.


  6. Posts : 3
    Windows 10 Pro
    Thread Starter
       #6

    dalchina said:
    I would assume part of a plan to gain as much of your personal info as possible.
    Zoom Hacking is on the Rise: Here's What You Need To Do To Be Secure | Tech Times

    Not sure why changing the password is a benefit, although that clearly indicates they have access to do so. However it's also alerted you- which is what they might not wish to do.
    Here's How to Know if Zoom Hackers Have Infiltrated Your Meeting

    They also know something about your Google drive.

    Consider what private details or contacts may be accessible.
    At least:
    Remove those Zoom credentials.
    Change your email account.
    Check there's nothing revelatory on your Google drive.

    Try researching Zoom hacks.

    Hopefully someone may have a better understanding- I'm not a hacker! Believe me!
    zebal said:
    When you're hacked, the usual procedure to reduce the problem depends on whether the OS was compromised or just online accounts.

    If the OS is fine, the procedure is:
    1. change e-mail password first and set up 2F at least for email. (email is root)
    2. make sure every online account has its own unique password (especially email)
    3. change password for every other account

    If you use 2F auth. check your phone isn't compromised.

    If the OS is compromised none of the above will work, in that case you need to fix that problem first to have clean start before securing online accounts.
    Hey guys! These suggestions have both been very useful and I really appreciate the advice you've given. I think I've found out the answer to my problem.

    I logged in on the official Zoom website from my brother's computer and signed up for a new account using a different email. It appears that Zoom automatically sends you that email when you sign up for the first time. I created 3 accounts on my brother's PC and got the same 'changed your password' email from the same GMT as the screenshot above. I created 3 more accounts on my mom's laptop too and another one on my bro's phone just to make sure. Everything leads to the same email.

    I made sure to log in to each account again after receiving the 'changed password' email, but the password's actually not changed. I can still log in. That seems to conclude it.

    Thanks to my paranoia, I busted a potential job (cuz I deleted everything the employer sent me). Lol. Guess that wasn't meant to be for me. Back to the hunt it is. But on the bright side, I surely learned a lot of things today about cybersecurity. Thanks again guys.
    Last edited by kiz1998; 11 Mar 2021 at 08:27.


 

All times are GMT -5.