blonde poker forum

Hi Guys,
Over the past couple of days, my Hotmail and Facebook accounts have been hacked. The only thing I have found has happened is that my hacker has sent loads of friend requests, but they seem to be only to fellow poker players. Has anyone else suffered with this situation.
I have found the IP address of the person who has done this, is there anyway in which I can find out where tat IP address is registered to? (I already know the City)
Thanks

Get a mod here to see if it has ever been used on the forum.

It's been happening to a good few poker players this past month.

There's been a lot of it about recently - people from here and other poker players have been hit.

Stick the ip address in this link to get info on it.

https://apps.db.ripe.net/search/query.html?searchtext=XX.XXX.XX.XXX

and Kev

FB wouldn't let me log in until I confirmed that i had changed my email password. Then they gave me a warning message saying that a virus (Ramnit I think) had stolen my credentials and posted them on a website (a security firm saw it and alerted FB of this). I have to go now and change all of my passwords for everything.
I did in fact have Ramnit at one point, clean now though. It was tough to remove, took me a few scans and various programs.

Someone used my PC USB port to charge their phone, it got passed across that way.

Has anyone experience of fingerprint readers that replace passwords? Are they any good?

http://www.bbc.co.uk/news/technology-16426824

A computer worm has stolen 45,000 login credentials from Facebook, security experts have warned.

The data is believed to have been taken largely from Facebook accounts in the UK and France, according to security firm Seculert.

The culprit is a well-known piece of malware - dubbed Ramnit - which has been around since April 2010 and has previously stolen banking details.

Facebook told the BBC that it was looking into the issue.

The latest iteration of the worm was discovered in Seculert's labs.

"We suspect that the attackers behind Ramnit are using the stolen credentials to login to victims' Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware's spread even further," said the researchers on the firm's blog.

"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks," it added.

'Viral power'
Social networks offer rich pickings for hackers because of the huge amount of personal data that is stored on them. Increasingly malware is being updated for the social networking age.

"It appears that sophisticated hackers are now experimenting with replacing the old-school email worms with more up-to-date social network worms. As demonstrated by the 45,000 compromised Facebook subscribers, the viral power of social networks can be manipulated to cause considerable damage to individuals and institutions when it is in the wrong hands," said Seculert.

According to Seculert, 800,000 machines were infected with Ramnit from September to the end of December 2011.

Microsoft's Malware Protection Center (MMPC) described Ramnit as "a multi-component malware family which infects Windows executable as well as HTML files... stealing sensitive information such as stored FTP credentials and browser cookies".

In July 2011 a Symantec report estimated that Ramnit worm variants accounted for 17.3% of all new malicious software infections.

For Facebook users concerned that they have been affected by the worm, the advice is to run anti-virus software.

"It won't necessarily be obvious that you have been attacked. The worm is stealing passwords so it is not going to announce itself," said Graham Cluley, senior security consultant at Sophos.

Update - Friday 6 January, 10:22am: Facebook has responded to this article with the following statement:

"Last week we received from external security researchers a set of user credentials that had been harvested by a piece of malware. Our security experts have reviewed the data, and while the majority of the information was out-of-date, we have initiated remedial steps for all affected users to ensure the security of their accounts.

"Thus far, we have not seen the virus propagating on Facebook itself, but have begun working with our external partners to add protections to our anti-virus systems to help users secure their devices. People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook.

"We encourage our users to become fans of the Facebook Security Page for additional security information."

just got a weird email from dewi, suspect he's been hacked or compromised, whatever you call it

yeah, he has. he knows about it

Facebook needs to introduce an additional layer of security to the login, a 'token' that requires access to an app or mobile as well as the password.

was it in english?

there is an option available where any attempted logins from an unrecognised device require a texted passcode.  I didn't know this or set it up until after i got hacked, obv.

Oh, that's exactly what I meant. Going to switch this on for my account now. If I can see how to do it...

...OK, that's now set up and working. It's been there for AGES, but hidden away and I didn't know it was there.  I'd advise everyone else to use it as well if you're at all worried about the security of your facebook account.

That's my gmail, paypal and now facebook that have the two-step verification. 

Thanks Clur :)up

https://accounts.google.com/b/0/SmsAuthConfig

click this for similar on gmail

I've already got it on gmail (whole thread about that elsewhere).  I use an app rather than SMS for the gmail verification though.

Shit, only just seen your thread Claire about the accounts being hacked.  Get it all sorted?

it works well. claire couldn't log into her fb on my phone without getting a code sent to her own phone first