Walked into my office an hour into a Remote File Transfer initiated by an unknown user. I disabled it right away and looked through the files they transferred, which include a blank check with my routing and account numbers, my personal CV, and a few other items including my Chrome User Folder (hopefully not any password files they can crack? UGH!)

Anyway I just opened the log.txt and see this:

296361708 11-09-2013 02:35:35 11-09-2013 03:26:42 116 Filetransfer

is, the last part might be a MAC address. However, as it is trivial to spoof both MAC addresses and IP addresses, you are unlikely to be able to track down the source. Even if you could, more than likely they are in a different country and trying to do anything legally will be near impossible.

Certainly report this to your IT area (if you have one) and you can report the incident to the police, but don't expect much action. They are generally either under-resourced or just overwhelmed with such cases to really do much other than record the incident for stats etc (which is important for things like getting more resources).

I would also be rather concerned about how they gained initial access. While you caught them in the act of downloading files, you can't be sure they haven't done other things or for how long they have had access to your system. In general, once a system has been compromised, the best thing to do is re-image it and start with a fresh known good system, though be careful restoring data from any backups you make as you don't know when you were first compromised and you may have backed up compromised files etc.

To be on the safe side, you should also report the incident to your bank. They may be able to put a watch on your accounts or may decide to change your account details etc.
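Since the reply points out that you cannot tell how long access has existed, one way to review every session in such a log rather than only the one you walked in on is sketched below. This is an added example, not part of the original thread: the column layout and the day-month-year date order are assumptions inferred from the single line quoted in the post, and the office hours, the `known_ids` allow-list and the second sample line are constructed for illustration.

```python
import re
from datetime import datetime, time

# Assumed layout, inferred only from the one line quoted in the post:
# <remote id> <start date time> <end date time> <unidentified field> <session type>
LINE_RE = re.compile(
    r"^(?P<remote>\d+)\s+(?P<start>\d\d-\d\d-\d{4} \d\d:\d\d:\d\d)\s+"
    r"(?P<end>\d\d-\d\d-\d{4} \d\d:\d\d:\d\d)\s+(?P<field>\S+)\s+(?P<kind>\S+)"
)
STAMP = "%d-%m-%Y %H:%M:%S"                     # assumption: day-month-year
WORK_START, WORK_END = time(8, 0), time(18, 0)  # hypothetical office hours

def parse_line(line):
    """Return a session dict, or None for lines that do not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    start = datetime.strptime(m["start"], STAMP)
    end = datetime.strptime(m["end"], STAMP)
    return {"remote": m["remote"], "start": start, "end": end,
            "seconds": int((end - start).total_seconds()), "kind": m["kind"]}

def triage(lines, known_ids=frozenset()):
    """Parse all sessions, oldest first, and attach reasons each one looks suspicious."""
    sessions = sorted(filter(None, map(parse_line, lines)), key=lambda s: s["start"])
    for s in sessions:
        s["reasons"] = []
        if s["remote"] not in known_ids:
            s["reasons"].append("unknown remote id")
        if not (WORK_START <= s["start"].time() < WORK_END):
            s["reasons"].append("outside office hours")
        if s["kind"].lower() == "filetransfer":
            s["reasons"].append("file transfer")
    return sessions

SAMPLE = [
    "296361708 11-09-2013 02:35:35 11-09-2013 03:26:42 116 Filetransfer",   # line from the post
    "100000001 03-09-2013 10:15:00 03-09-2013 10:40:00 116 RemoteControl",  # constructed line
    "not a session line",                                                   # constructed noise
]

if __name__ == "__main__":
    for s in triage(SAMPLE, known_ids={"100000001"}):
        print(s["start"], s["remote"], s["kind"], f'{s["seconds"]}s', s["reasons"] or "ok")
```

The oldest flagged session gives a lower bound on when access began, which helps decide which backups to distrust.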