Question

    Attacker using root or SSH to hack my devices how do I remove them?

    by vpozada8424 ·

    All of my devices are compromised by an attacker that I believe is living off the land by staying stealthy and gaining root access to my systems or using SSH. If this is indeed the case, how were they able to gain access and what do I need to do to remove them and keep them out? Any advice on locking down my Windows laptop and Android device will be most appreciated. Thanks in advance.

All Answers

    • #4215905
      by kees_b ·

      In reply to Attacker using root or SSH to hack my devices how do I remove them?

      I’m afraid nobody knows how you let them in.

      If your antivirus programs (on your Windows and Android devices) can’t remove them, the easiest way is to go back to factory conditions by a clean install of the OSes (after backing up everything you don’t want to lose).
      And, of course, update everything on these devices with the latest security updates.

      We have many spam posts here (which are all deleted) of people claiming that they hired an “ethical hacker” to hack their partner’s or boyfriend’s/girlfriend’s device (most often a phone), so they could read all texts and apps on the phone. Many thanks to the hacker that they could see that their partner or friend was cheating on them. You make life somewhat harder for such a hacker by carefully installing all security updates.

      • This reply was modified 5 months ago by kees_b.
    • #4216029
      by birdmantd ·

      In reply to Attacker using root or SSH to hack my devices how do I remove them?

      I have to ask, why do you think you are being “hacked”? What is happening to make you suspect it?

    • #4216458

      by vpozada8424 ·

      In reply to Attacker using root or SSH to hack my devices how do I remove them?

      Non-spam, actual question. I suspect my devices are compromised because on my Windows laptop the password to the login screen and to my router were changed. No one else has access to these devices but me. I had to reset the router and my PC to get back in; worse yet, I had just reinstalled the OS on that PC. I know that the router I’m using isn’t the greatest in security, which I’m using my ISP modem combo and a WPA3 router, but the login page is running HTTP!

      Prior to doing a clean reinstall I noticed that PowerShell was running in the background, which made me really suspicious, because I am an average user with some knowledge of security and networking. I NEVER use PowerShell and no programs that I use should run it. Also, in Task Manager I noticed that CMD would be running in the background without me initiating it, and not just one session or window but multiple ones would be running in the background. As soon as my laptop started up, a lot of the resources were being used up when there was no software being used or browsers open, even while the computer was idle. The fan would turn on. Resources such as the CPU would shoot up to 100%, high memory, etc.

      I know attackers exploit these trusted tools to write scripts and stay hidden and undetected. I know that Windows has many vulnerabilities that can be exploited. What I’m unsure of is what all information the attacker needs and how are they getting it, and remotely, when I have remote settings disabled. What am I missing? What do I need to block/disable on Windows, Android, Apple jailbroken iPhone? And if I change my IP address, will that do anything? And are there any tools with logging capability that I can use? On my new jailbroken iPhone, it gets burning hot as soon as I turn it on. It didn’t use to do that. It started when I connected it to the router (the one using HTTP), and my Android device keeps crashing.

      • #4216490
        by kees_b ·

        In reply to Reply To: Attacker using root or SSH to hack my devices how do I remove them?

        This is the first mention of an iPhone, and a jailbroken one especially. So let me add the iPhone to the advice I gave above to do a clean reinstall (go back to factory conditions) on your Windows and Android devices.

        For the iPhone, of course, no jailbreak. Just the latest available and supported iOS from Apple. Are you sure it’s “new” as you say, and not some old second-hand one out of support?

        More tips:
        – If you don’t trust the ISP-supplied modem, put it in bridge mode to connect it to a router you trust.
        – If you don’t trust the ISP, switch to another. You’ll get a new IP address.
        – Did you check all lines written in the event log (use the Event Viewer) after a boot of your (Windows 10 or 11?) PC?

        • This reply was modified 5 months ago by kees_b.
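
Added example, not part of kees_b's reply or of the thread: a read-only PowerShell triage pass for the event-log check suggested above and for the background cmd.exe/PowerShell processes described earlier in the thread. It assumes an elevated prompt on Windows 10 or 11; the event IDs are the standard Windows Security and PowerShell log IDs, and the variable names are chosen for this example.

```powershell
# Added example: read-only triage; run from an elevated PowerShell prompt.
$boot = (Get-CimInstance Win32_OperatingSystem).LastBootUpTime

# 1. Account activity since the last boot (Security log).
#    4624 logon, 4625 failed logon, 4720 account created,
#    4723 password change attempt, 4724 password reset attempt, 4738 account changed
$ids = 4624, 4625, 4720, 4723, 4724, 4738
$sec = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = $ids; StartTime = $boot } `
           -ErrorAction SilentlyContinue
$sec | Group-Object Id | Sort-Object Count -Descending | Format-Table Count, Name -AutoSize

# Password changes/resets and account changes in full: these match the symptom in the thread.
$sec | Where-Object { $_.Id -in 4720, 4723, 4724, 4738 } |
    Select-Object TimeCreated, Id, Message | Format-List

# Logons that arrived over the network (type 3) or Remote Desktop (type 10).
$sec | Where-Object { $_.Id -eq 4624 } | ForEach-Object {
    $data = @{}
    foreach ($node in ([xml]$_.ToXml()).Event.EventData.Data) { $data[$node.Name] = $node.'#text' }
    if ($data['LogonType'] -in '3', '10') {
        [pscustomobject]@{
            Time   = $_.TimeCreated
            User   = $data['TargetUserName']
            Type   = $data['LogonType']
            Source = $data['IpAddress']
        }
    }
} | Format-Table -AutoSize

# 2. Shells running right now, with the parent process that started them.
$procs = Get-CimInstance Win32_Process
$byId  = @{}
foreach ($p in $procs) { $byId[$p.ProcessId] = $p }
$procs | Where-Object { $_.Name -in 'cmd.exe', 'powershell.exe', 'pwsh.exe' } | ForEach-Object {
    [pscustomobject]@{
        ProcessId   = $_.ProcessId
        Name        = $_.Name
        Started     = $_.CreationDate
        Parent      = $byId[$_.ParentProcessId].Name   # empty if the parent has exited
        CommandLine = $_.CommandLine
    }
} | Format-List

# 3. PowerShell script blocks recorded since boot (event 4104), first 200 characters each.
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-PowerShell/Operational'
                                 Id = 4104; StartTime = $boot } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated,
        @{ n = 'Script'; e = { $_.Message.Substring(0, [Math]::Min(200, $_.Message.Length)) } } |
    Format-List
```

An empty result in step 3 only means nothing was logged: script block logging records every block only when it has been enabled by policy.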
    • #4218948

      Proper Security Measures

      by MilesWeb679 ·

      In reply to Attacker using root or SSH to hack my devices how do I remove them?

      Tackling the complicated cyberattack is easier for professionals. It is recommended to outsource techies and use their expertise. From our side, we can provide you with generic information that will enhance your cybersecurity.

      Isolate your devices
      Switch off all your devices, including Windows and Android, as soon as possible. Remove their internet connections and try to prohibit any kind of online communication.

      Secure your online accounts
      First of all, change your bank or any sensitive login credentials that may cause you more damage later. There are different password generators available to help you get stronger passwords. Moreover, two-factor authentication (2FA) on all accounts is helpful, which gives you an extra layer of security by requiring a second verification code in addition to your password when logging in.

      Seek professional help
      Contact a reputable cybersecurity to investigate your system and ask for strong security measures that can be implemented in the future.
