HACKED AND BEING HACKED !!!!! PLEASE READ IMPORTANT INFO.!!!
have heard a lot of reports lately about people camera's being hacked,
but the information being reported is incorrect!!!! no hacker can just
magically turn on your camera ,, it doesnt work like that. This letter
serves to inform you on how its done, the methods involved , what can be
done to stop it, how to detect it and how to catch that person.
Laptops and Web Camera's. (Wired and Inbuilt)
is the safest type to have for personal use. A Hacker cant just turn it
on ,, it doesnt work like that. In order for this to happen the hacker
must have the victims computer "Zombiefied" , in other words hijacked.
This simply means that there must be a program in the computer which
allows the hacker backdoor access. This type of software is called a
TROJAN. There are different ways for this to transmit this software to
the victim, 1.) A Dropper in an infected email attachment e.g. "HARD
ENCRYPTED IN A PHOTO (merging) , 2.) Hidden in a piece of software e.g,
freeware or sharware 3.) As a TROJAN in Pirated Software, 4.) Via A
flashdrive 5.) In an Active X Control or Plugin for Websites and Web
Browsers, 6.) Email BOMB e.g auto redirect to an infected url containing
Now the Virus (Trojan) isnt transmitted directly
to the system, what happens is that firstly a dropper is installed, this
dropper is small , can be installed at the blink of an eye, and deletes
it self so quickly coders of antivirus identities will see hell to find
it. Now the dropper then can take its precious time, disable your
security measures (anti virus, firewall etc) and download and install
the Trojan then delete itself. Now this means that once the hacker gets
your IP address he can use that to access the Trojan on the specified
port which he/she can then execute remote arbitrary code , like get
access to the display drivers of the webcam, open your drives, shut down
the system etc. basically anything he or she designed it to do.
How To Catch the hacker or tell if your infected.
Now if your computer is being hijacked there must be a connection to
it! Basically data must flow from your pc to your hackers and the
commands from your hackers pc to yours. So basically all you need to do
is find out who your computer is connected to.
1.) click start
2.) In the run box type cmd and hit enter
3.) type netstat -n in the command prompt that appears and hit enter
now you will see 4 columns Proto , Local Address , Foreign Address , State
ok crash course,
Proto is the type of protocol
Local Address is your Ip address on the network, 127.0.0.1 is a loop back, next to it is the open port of your system
Foreign Address is the Ip your connected to
State is bacically the state of the connection.
ok so you see a lot of foreign IP's with an established connection, start from the top.
1.) open a browser window and go to a whois webserver e.g http://domains.whois.com/domain.php?action=whois
2.) do a whois search on the IP, e.g in the http://domains.whois.com/domain.php?action=whois
type the foreign ip in the box and hit enter .. e.g 126.96.36.199
this shows me this
Address: 701 First Ave
ok so thats yahoo's Ip thats safe..
this too all the Ips you have. once you find one that appears to be
your hacker simply do a reverse DNS on thaty IP to get your hackers
location or report it to the authorities (NO I AINT WALKING YOU THROUGH A
REVERSE DNS).. So what if your hacker is using a proxy ?? chances are
no, for one thing the connecting bandwidth needed will be to slow on a
proxy server so he's using his own IP..
Wireless Web Cams, IP CAMERAS, AND Wireless Networks,
All of these operate with an inbuilt server that allows the person
access once he has the appropriate IP address. Hell a quick port scan on
that Ip and i will have all your open ports, then simply log in to that
Ip on that port , If prompted for a username and password try the
default, if that dont work try sql, or js injection or other exploits
and walla I have access. no need for a trojan.
routers can be exploited by basically capturing wireless packets sent,
from this i will have your ssid and and encryption type. Simply use Cain
and Abel or other brtue enforcer or a jacker which will get me your
encryption key, to make the process faster use the captured packets to
limit the characters to generate the key. now I can connect to your
router and if you have a home network I can join it or search all the
computers to get to all your shared documents and files etc..
Ok what to do??
1.) firstly in your router settings use a really strong (character , number and sysmbol) password
use a WPSK2 or stronger encryption system and use a really stron key
(13 + characters, numbers and symbols) this will make cracking the key
3.) turn off transmist SSID ,, basically I cant crack what i dont know about
4.) limit your antenna transmit power so its only connectible within your house, I cant hack what I cant connect too can I ??
Now some point of information..
1.) your IP address Dynamic. meaning it will change everytime your router resets, do this at least once every week
All antivirus / spyware / malware programs can only remove what it
knows about regular updates are necessary. In order for it to function.
Virus, malware, trojans, spyware, worms etc, are all different things ,
most antivirus will remove viruses , some spyware etc. use multiple
software.. e.g AVG Free Anti Virus, Super Anti Spyware , Malware bytes.
dont use more than 1 dedicated antivirus.
4.) Be safe!
on the response this gets I will write a few more letters like this or
if anyone is interested I'll be happy to get into more details about how
these things work. Please send this around to as much people as you can
and be safe .. regards Dark_Lord_TnT Ps. If you need any help feel
free to ask..