Hacked account - worried about security

Hi All

I got emails yesterday advising that my Sony Entertainment (ie playstation) account's password and online ID had been changed. This meant that I completely lost access to the account, since they assigned it to a new email address. Their customer service was closed so I had to wait until this morning to resolve it. Though I did change all my passwords using another laptop and cancel my bank card since it was linked to my account.

I'm left a bit worried about my security though. I use a pretty secure password though stupidly it was the same for a lot of things, so I think someone must have hacked some website and got it that way? Anyway, I've been worrying about whether I might have a keylogger or something on my machine. I think if any of my machines are compromised, it must be my main laptop. That's the one I normally use and I sometimes log into my Sony account on it to purchase digital content.

On the main laptop I had Bit Defender, Malwarebytes Pro and Malwarebytes Anti-Exploit. I run scans regularly. I did a full scan on Bit Defender, it said it found 18 detections, though it also said no threats were found. From looking online it seems this sometimes happens, it can detect false positives. Malwarebytes detected nothing. I then decided to install Kaspersky and do a full scan on that, it removed one file called heur:trojan.multi.blacert.a. I also ran Spybot Search and Destroy, it found 27 detections, all were considered 'very low' or 'marginal'. Finally, I ran superantispyware; it found 4 X Pup.OpenCandyVariant and 4667 x Adware Tracking Cookie (seems like a lot...).

Is there anything else I should check or do? I've also run scans on the other machines that I have.
 
Sony have been hacked numerous times recently, I'd recommend you check to see if your account details have been hacked at any point using: https://haveibeenpwned.com/

BitDefender is a decent AV choice, if you had a run of the mill malware variant on your machine it should detect it. In general never use the same password on multiple services, as it's new year perhaps make a resolution to use a password manager like LastPass.

Cheers

Ultra
 
Hi - thanks for the reply. It says two breaches. Does this mean my email specifically was involved, or is it just that it could have been?

Also, what about my router, should I be worried about the security there? I have BT Infinity and pretty much default settings, eg WPA & WPA2 security.
 
Okay that is not great news, sorry. If you searched by email address then it means that your email and associated Sony account details have been leaked online (technically it means your email address appeared in a dump from the Sony hackers but you should assume your account details were in that dump too, as I would). Different hacks leaked different details, you will want to search what type of details were leaked during the various Sony hacks. To be honest if it highlights two breaches I'd suspect that rather than a keylogger given it is highly likely that the Sony leaks were the reason your account has been accessed.

Personally I'd assume that any information that was associated with your Sony account is now online. Given your current position I'd advise you sign up to at least one of the major credit reference companies and keep an eye out for any random loans etc and inform your bank of the fact you believe your details might have been leaked online via the Sony hack.

If you have a standard BT router then I wouldn't be too concerned. They normally ship with non-default passwords and have a decent firewall (normally they will block all but essential ports). In general go for WPA2 to secure your comms between your devices and your router.

Cheers, and sorry it's not better news.

Ultra
 
The leaks came from two different companies. I won't post them here since it's public, I can PM if you want, though I guess it doesn't really matter.

My passwords are all changed now so hopefully I'm OK. I also cancelled my bank card and will be getting a new one, plus I changed my bank security info.

To be honest, hacking is something I'm generally quite paranoid about. I know this guy who says his entire network was hacked, every single device was hacked into and they tried to basically destroy his life and get money out of him. Is that even possible?
 
So if it was two separate hacks, it might be the case that one of the hacks leaked a hashed version of your password, and that the guy who hacked your account used a rainbow attack to get your true password (if you google hashed password rainbow table it'll explain it all).

If all your passwords are changed and your bank card is changed, then the only thing to look for is bad loans in your name (don't need your bank card for that in some situations).

In terms of hacking into every device, it's more likely that they broke one password and someone used that (for say his iCloud and Gmail accounts) and used that to move between various devices..... it is possible.... scary but possible, again why using a strong password for each service is really really important.

It sounds like you've done the right things bud, but do keep an eye on your credit profile for a month or two, and more importantly enjoy your new year. ;)
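
An added illustration, not part of the original post, of why a leaked hash plus a reused password is a bad combination. It uses a plain precomputed lookup (the simple case that rainbow tables compress) and shows that a per-user salt with a slow KDF makes one table useless across accounts. The candidate list, hash choices and function names are constructed for the example and say nothing about how any named company stored passwords.

```python
import hashlib
import hmac
import os

# Constructed candidate list standing in for a large precomputed table.
CANDIDATES = ["123456", "password", "letmein", "qwerty2011", "dragon"]

def fast_unsalted(password: str) -> str:
    """Fast, unsalted hash: the same password always gives the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()

def build_table(candidates):
    """Computed once, then valid against every dump that used this scheme."""
    return {fast_unsalted(p): p for p in candidates}

def hash_salted(password: str, salt: bytes = b""):
    """Per-user random salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

def verify_salted(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_salted(password, salt)[1], digest)

def compare_schemes(password: str = "letmein"):
    table = build_table(CANDIDATES)
    recovered = table.get(fast_unsalted(password))   # one lookup, no guessing
    salt_a, digest_a = hash_salted(password)
    salt_b, digest_b = hash_salted(password)         # same password, second user
    return {
        "unsalted_recovered": recovered,
        "salted_digests_differ": digest_a != digest_b,
        "salted_in_table": digest_a.hex() in table,
        "login_still_works": verify_salted(password, salt_a, digest_a),
    }

if __name__ == "__main__":
    for key, value in compare_schemes().items():
        print(f"{key}: {value}")
```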
 
We use a bit of software at work that recently upgraded to 2 factor authentication. Now that I know it's really easy to set up I've gone and done so for all my accounts. Gmail, Facebook, Hotmail, Amazon, Apple etc. All the big services offer it and I'd highly recommend it. Should your password be compromised (which is something that seems to happen to a service almost every day, now), nobody will be able to get in as they'll need your 2fa code too.

Just download Google Authenticator to your phone and look up how to do it for each service.

Edit: Oh and what put me off it for a while was thinking they are all text message based (none of them are anymore, hence Google Authenticator) and thinking you have to do it every time. You don't, most can set 'remember me' or trusted devices (ie your PC) to remember for 30 days or so. Again, that's not an issue with the scenario of passwords leaking online as any new location will require 2fa.
 
Finally, I ran superantispyware; it found 4 X Pup.OpenCandyVariant and 4667 x Adware Tracking Cookie (seems like a lot...).

I think most people on Overclockers can count on Bit Defender, Malwarebytes and Kaspersky.

However, the bit of your post I quoted concerns me. "Superantispyware" to me sounds like one of those fake antispyware programs that will throw up a load of positives, then it asks you to pay x amount of money to have the "positives" removed. Some of these fake programs can even go as far as actually being spyware in its own right!
 
The fact that Sony still doesn't have 2-step authentication, to me, is criminal given the company's past performance at safeguarding customers' personal data.
 
I use Bitdefender Total Security, and never have had an issue with infections, or anything.
That's all well and good, but even with Bitdefender OP can still get a trojan or virus if he is not as aware of certain "dangers" as you. Take a look at Pawnless Endgames post for an example.
 
I think most people on Overclockers can count on Bit Defender, Malwarebytes and Kaspersky.

However, the bit of your post I quoted concerns me. "Superantispyware" to me sounds like one of those fake antispyware programs that will throw up a load of positives, then it asks you to pay x amount of money to have the "positives" removed. Some of these fake programs can even go as far as actually being spyware in its own right!
I'm pretty sure it's legit, it's recommended by good sources if you search it.
 
To be honest, hacking is something I'm generally quite paranoid about. I know this guy who says his entire network was hacked, every single device was hacked into and they tried to basically destroy his life and get money out of him. Is that even possible?

It's certainly not profitable, put it that way.

It's more likely he kept clicking yes to the porn ads :p
 
Zonealarm free firewall might be good, I just have Windows for playing games, I log in to cc/bank or any site with important info on Linux & soon I am trying PC-BSD so that is a safe option also... This is hard of course on Steam and others like it where you have to log in to Steam or another service that may have payment info through the Windows client... If they had you put the website pay info on your credit card site instead of you putting your CC info on each estore/online game site it might work better... You most times have accounts anyway, so why can't they give you an account# & you can put that on your cc site???

It's more likely he kept clicking yes to the porn ads

That is a no no in Windows, I mean porn sites are bad, mkay... :D
 
Seconding the suggestion of Lastpass. Don't ever let one site being compromised affect your accounts anywhere else by using its generated password function.
 
Myself I use Firefox to save the majority of my passwords - as a result, I try to set them to the maximum length.

It seems as though you need to beef up your security. I have always used ESET Smart Security as a backup security. You will probably get somebody saying that you should never need antivirus software as long as you use common sense - which is true, but I find that spyware and PUPs are getting sneakier and are a bigger problem than viruses themselves. Even when some installers are extracting before installing, ESET will pick up PUPs and ask me what I want to do with them.

Stat1c, run another scan with ESET's online scanner, here. Follow this up with a scan using Hitman Pro, downloadable from here.
 
Seconding the suggestion of Lastpass. Don't ever let one site being compromised affect your accounts anywhere else by using its generated password function.

Didn't LastPass get hacked though? I've put a question to our IT team for them to suggest a LastPass-esque system for all our execs who simply don't bother remembering all their passwords - usually their assistants have them all saved in Exchange notes which is not great. I haven't had an answer yet...

Oh and nobody seconding the 2 factor authentication?
 
I think there's a real issue with sites and services requesting things like real names and date of birth and other details. Which then can be used for other services. I use a fake DOB and dummy emails. So even if they get that info through a website breach it's not usable anywhere else. I see a couple of my accounts are listed on breached services. But I've never had a problem.

other things to consider
http://krebsonsecurity.com/2012/06/attackers-target-weak-spots-in-2-factor-authentication/

I must review my own security after reading that.
 
Didn't LastPass get hacked though? I've put a question to our IT team for them to suggest a LastPass-esque system for all our execs who simply don't bother remembering all their passwords - usually their assistants have them all saved in Exchange notes which is not great. I haven't had an answer yet...

Oh and nobody seconding the 2 factor authentication?
I was about to say that storing all my passwords online in the same location doesn't really sound like a good idea.
 