Windows 10: Hacked via Team Viewer11

Page 1 of 2 12 LastLast
  1.    15 May 2016 #1

    Hacked via Team Viewer11


    Well, this just happened...

    I was playing a game and decided to get something to drink. Closed the game and was upstairs for 1 minute. Got to my computer and someone was remotely on my pc Team viewer was the culprit. I instantly closed team viewer and got crazy changing all my passwords(paypal, windows, and roboform) . Then I scanned everything with Malwarebytes, Zemana, windows defender, Panda, Mbar....Found absolutely nothing, pc looks clean. Then I sent the logs from team viewer to the support department over there.

    The pc was not locked at the moment he hacked in team viewer so I guess he did not need the windows password ???

    What would you guys do after all that ?

    Thanks !
      My ComputerSystem Spec

  2. MoxieMomma's Avatar
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       15 May 2016 #2

    Hello and welcome:

    madspec said: View Post

    <snip> instantly closed team viewer and got crazy changing all my passwords(paypal, windows, and roboform) . Then I scanned everything with Malwarebytes, Zemana, windows defender, Panda, Mbar... <snip>
    It's not clear from your post, so I will ask: did you change your passwords from the same, compromised system before scanning for malware, or from a different, known clean system?
    (The latter would have been preferred.)

    Just checking,
      My ComputerSystem Spec

  3.    15 May 2016 #3

    Same think maybe a keylogger ??
      My ComputerSystem Spec

  4. MoxieMomma's Avatar
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       15 May 2016 #4

    madspec said: View Post
    Same think maybe a keylogger ??
    I'm not qualified to say for sure (and we lack sufficient information to know).

    But "best practices" would have been to use a different, known clean computer for the password/credential changes.

    As a general rule, one should not conduct any financial transactions or divulge any sensitive data on a computer that may have been compromised UNTIL it has been thoroughly and deeply scanned for malware. For many home users, the best/safest course of action would be to seek a bit of free, expert help from a malware specialist, if not here then at one of several reputable computer disinfection fora.

    If I were you, I would probably change my credentials again from a known clean system.

      My ComputerSystem Spec

  5.    15 May 2016 #5

    Ok, will do it from my phone, thanks !

    But I did scan everything and nothing came up, kinda weird.
      My ComputerSystem Spec

  6. essenbe's Avatar
    Posts : 11,351
    Windows 10 Pro and Windows 10 Pro Insider
       15 May 2016 #6

    I also assume you changed the password in Team Viewer too. Has anyone used Team Viewer recently to remote into your computer? Who else has access to your computer.
      My ComputersSystem Spec

  7.    15 May 2016 #7

    Absolutely no one ever connected via team viewer. I only use it to help out family and connect from work. And yes, team viewer password is changed.
      My ComputerSystem Spec

  8.    15 May 2016 #8

    I have used Teamviewer for years, and have never had this happen. I can, however, recommend some security settings for the future.

    In Options>Security
    - Disable the Random Password
    - Populate the Whitelist with your work computer ID. No one else will be able to login.
    - Make sure your access password to remote in is at least 12-16 characters, includes numbers, upper and lowercase letters, and special characters, and is not comprised of any words that can be found in the dictionary.
    - Do not "save" the login credentials in your Teamviewer account - manually enter the password every time you log in from work.

    Click image for larger version. 

Name:	Teamviewer-security.PNG 
Views:	2 
Size:	26.9 KB 
ID:	80053

    As mentioned above, all passwords should be changed from a known clean system.

    You might want to run an ESET Online Scan. It's quite possible the hacker only "stole information" and did not leave anything behind. Then again, he could have dropped a time bomb. You can find detailed information on how to manipulate an ESET scan in the post here:
    BSOD after boot up, during login or right after, (bad spool header?) - Page 3 - Windows 7 Help Forums

    It will be interesting to see what the tech support people have to say about your logs. They should be able to identify the ID of the system that logged in, but I am not sure how much further that can be traced. I hope you'll share the findings with us.
      My ComputerSystem Spec

  9. TairikuOkami's Avatar
    Posts : 3,417
    10.6 Home 1809 x64
       16 May 2016 #9

    A few more tips, do not let TeamViewer run at startup, run it only when needed.
    You do not need its service running either, especially if you are the one giving support.
    The safest way is to use the portable version or two factor authentication: TeamViewer Support.

    It seems, that crooks are focusing on TeamViewer recently:

    Ransomware Uses TeamViewer to Infect Victims

    Attackers bundle an old version of TeamViewer to exploit vulnerability
      My ComputerSystem Spec

  10.    16 May 2016 #10

    madspec said: View Post
    Ok, will do it from my phone, thanks !

    But I did scan everything and nothing came up, kinda weird.
    Hi there

    doing it from the phone probably isn't advisable --Phones are now the new target for hackers and scammers rather than PC's and my experience is that people tend to think of Phones as having Linux based OS'es and therefore secure.

    Phones CAN be hacked and of course the same care needs to be taken when accessing websites - rogue websites etc are just as available when using a phone as using a computer. The criminal fraternity these days see phone users as available for "much richer pickings" - so try and find some good AV software for your phone. - Seems the AV companies aren't on the ball at all on this one --I really wouldn't bother too much with AV on computers apart from standard Windows defender --phones are the new target. - and people give passwords / data all over the place on phones when using instagram, texting, facebook, twitter etc etc.

    Personally I would never use an app like teamviewer in the first place -- why store your IP address on to a publically acessible server.

    If you need to remotely access your computer -- just get the computer via a batch program to get your IP address every so often and email it to you.
    Then you can connect to your remote computer via RDP etc -- just port forward to a specific IP address (internal) on your LAN -Routers can do this easily.

    If you use Cable connections and leave your computer on most of the time then the IP address wont change after start up - so if you are only away say at work then get the IP address before you leave home -it won't change during the course of the day with Cable --it might (but not always) if you have the older Copper wire based broadband. Use port forwarding as before to RDP to your own computer.

    I'll try and write this up -- since the services like no-Ip all went "Pro" (i.e pay)my method seems the easiest and cheapest way to do it without requiring anybody else's servers to be involved.

      My ComputerSystem Spec

Page 1 of 2 12 LastLast

Related Threads
Solved Microsoft Edge Hacked in AntiVirus, Firewalls and System Security
I have some malware that has hacked my Edge browser. It says my computer has been attacked by a virus and there is a verbal computer based warning about this attack. There is no way I can close it other than going to task manager. When I restart...
This is comforting! Dept of Homeland Security got hacked (allegedly), and apparently is running Win 7 Enterprise..... so looks like those who gather info got gathered! Report: Hackers steal, post details on 9,000 DHS employees | Network World clip: Dell still won't say yes or no, but many online postings by users on the Dell support forum seem to point towards the postive answer, as they have experienced scammy tech support calls in...
Source: Building a holographic development team | Building Apps for Windows
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 02:18.
Find Us