Laptop hacked and information stolen

[Karthik B S]

Hi Team,
This must be an old topic for you guys but I am new to this.

Last night my Laptop was hacked using an application. Not sure what it is but I received a RAR file which I scanned thoroughly and then opened. The file passed the scan but the application got installed on my computer. Then I received a message that I was hacked and they provided the proof like the web sessions I was running at that time. It took around 2 hours to send me this message and demanding money. They even activated my Webcam and took a pic and sent me the link which made me believe completely.

I formatted my Laptop but I am not sure if my MAC address was hacked or not. What is the worst case scenario and what can happen?

Do I need to change my LAN card, replace my ADSL modem and replace the Belkin router?

Please let me know how I should go about.. waiting for your reply at the earliest.
Thanks.

 

[Cobalt006]

Ok have you got any more threats sense you reformatted? You are behind a router and you do have your firewall up. You left them in,Buy opening the file. I doubt now that you have reinstall windows that they can get in. But to be on the safe side scan all email and do not open anything you do not know were it came from. There are few members here that are good with helping you with this problem so hold on, Hopefully they will pick up from here and help you out.

 

[Razer]

the worst case scenario that I can think is (maybe/there is a possibilty) the culprit has your password like email or bank account and other personal information that saved to your laptop..

 

[Cobalt006]

the worst case scenario that I can think is (maybe/there is a possibilty) the culprit has your password like email or bank account and other personal information that saved to your laptop..

Like Razor has posted, I would change any and all passwords if you kept them saved on the laptop. Plus change your email. As you said it took them two hours to send you another message. I also would keep a eye on your bank account.

 

[DjKraid]

Like Razor has posted, I would change any and all passwords if you kept them saved on the laptop. Plus change your email. As you said it took them two hours to send you another message. I also would keep a eye on your bank account.

Personally I would lock everything, all bank accounts, change all passwords using an other computer in an other network, change all the "secret questions and answers" (the "fail safe" login-reset thingy) and when that is done I would take a serious look at the modem/routers firewall and settings plus the firewall and antivirus that is installed.

 

[learninmypc]

Not to mention, let your bank know via a phone call , that you were hacked so they can do their part.

 

[Karthik B S]

After reformatting I have not received any more threats.. I have reset all the passwords with a different computer in a different network. Do I have to replace my Modem and router? Can Mac address be tracked when I try to login through the same computer and network and yes what can be done to prevent this? Not to mention, I have a dynamic IP. Thanks

 

[Leeky]

Your modem and router will be fine. Reset the router to factory settings and re-configure it. Make sure the firewall is up and running, and I highly recommend you change the wireless name and password, as full access will have compromised the password.

It goes without saying that ANYTHING using that password (if you've used them elsewhere online) need to be changed ASAP. At the very least change your email passwords and passwords and reminders for any financial accounts you use online.

More importantly, I think you need to revisit your practices with online activity. The way you were hacked is a common method by which people are caught out. A simple but paramount rule is never to open any attachment sent by an unknown source. If you must open it, do it in an isolated account or in a sandbox to ensure your computer is not compromised.

Also, I would follow DjKraid's advice to the letter: at this point its crucial that you change absolutely everything, and remember, all a hacker needs is access to your email account, they can easily "reset" any online account associated with that email address from there. Additional steps like two-step authentication can help to reduce the risk further, like for example Gmail.com which if activated requires users to enter a unique code sent to your mobile in real-time to verify the request is genuine.