Soldato
- Joined
- 7 Aug 2004
- Posts
- 10,993
Hi all, so completely randomly my windows 2012 server got hacked that was running team viewer - i have no idea how they found it, and why someone took the time to hack it.
WEIRDLY THOUGH, it seemed to be a sloppy hacker, i logged into my server (locally) to find it with a web browser open with its history as paypal and found some software on the desk top that seemed to be something that extracts passwords from web browser history and/or 'saved passwords' section of the browser - they had opened opera but i never used it really
My server ran pure VPN and was used to send files to crashplan.
Further to my shock I remembered around 20 days ago i got an email from paypal saying i had chosen to stay logged into a device called 'windows 8 safari'.......which i didnt, so i reported that to paypal and changed my password.
Discovering this yesterday really shook me up to be honest - I have also changed my teamviewer password etc
So im left confused and upset as to HOW, WHY, and WHAT?!
I dont run any dodgy software, iv never done anything regarding personal info on my server - and the fact they used team viewer makes me think its a team viewer problem ? Any info guys?
FYI I have shut the server down and will be formatting now - im not sure weather to use windows again or not really, and defo not with team viewer
WEIRDLY THOUGH, it seemed to be a sloppy hacker, i logged into my server (locally) to find it with a web browser open with its history as paypal and found some software on the desk top that seemed to be something that extracts passwords from web browser history and/or 'saved passwords' section of the browser - they had opened opera but i never used it really
My server ran pure VPN and was used to send files to crashplan.
Further to my shock I remembered around 20 days ago i got an email from paypal saying i had chosen to stay logged into a device called 'windows 8 safari'.......which i didnt, so i reported that to paypal and changed my password.
Discovering this yesterday really shook me up to be honest - I have also changed my teamviewer password etc
So im left confused and upset as to HOW, WHY, and WHAT?!
I dont run any dodgy software, iv never done anything regarding personal info on my server - and the fact they used team viewer makes me think its a team viewer problem ? Any info guys?
FYI I have shut the server down and will be formatting now - im not sure weather to use windows again or not really, and defo not with team viewer