I use a Web browser with a WhatsApp extension, chatting with her she sent me a link to a website to see if I can see the website, she said “I cannot see it, please help me” I did it and the site was visible for me and I notified to her. I think that was the way she used to hack me, I don’t know.
Starting from that day she started to tell me indirects about the info I saw in the sites I visited, I always suspected that she hacked me and she monitored my Web activity, besides that I’m almost sure she recorded all of our videocalls through WhatsApp to show videos of me speaking about others, I lost one friendship because of that.
I formated my pc several times and even with that she could hacked me again and again, this person is toxic is pure envy and gossiping and I want to leave her behind. She asked me how many hard drives I have on my pc and kept telling me indirects about my Web activity, that scared me a lot.
So I stopped speaking to her and today I’m going to change my phone number.
Regarding the hacking I did this and I want to ask for advice to see what else can I do:
-
My pc is connected through ethernet cable to a router me and flatmates use, I changed the router password.
-
I formated again my pc I reinstalled all my programs and installed the free versions of avira and avast.
-
Today I’m going to use the Internet data of my phone to change all my passwords.
-
I will run a full scan of my hard drives using avast and avira.
-
Probably I will pay one year of norton antivirus plus.
Is everything OK,? What else can I do? What if I disassemble the pc and format it again this time with only one hard disk while scanning the other hard disk in another pc?
You just visited a website and now she can see all your web activity?
I severely doubt that.
First of all this doesn’t sound like you got hacked.
You don’t get a virus if you simply click on a link.
If you suspect a virus than it’s always the safest option to re install windows via USB stick.
And you don’t need these 3th party av. Especially these two they are just junk and bloatware. And never install 2 av that will kill everything.
Use only Windows defender.
If you want to be safe just change passwords and enable 2fa.
And you’re fine.
What would be helpful is if you remember that site she sent you to.
but in order for that to work, there must be some unknown exploit it is using. Which do exist, just its fairly rare outside government activity and organized crime. and your friend would unlikely have access without spending a good bit of money on the dark web. Now if you are into crypto…those website exploits are fairly common, but they are trying to make money.
However, despite like others, im not sure you were hacked, still reinstalling windows(which you did) and changing all your passwords is a good idea. its just safer even if the probability she used a zero day on you is low.
Sorry, just reread your post. If you cleaned everything, than it might be some internet account like your mail, from which any password could be reset. Check sensitive accounts, close all sessions, set up 2fa
its not going to do anything. why? because she probably has your account linked to another device. format everything. use an antivirus, and most important, got to whatsapp and all other services you have used, and close your sessions on all devices. all. also, change the passwords
Bonus points if you use a password manager and make all passwords randomly generated and different for every account.
And setup 2FA on everything possible.
She knows your web history, to supposedly think she hacked your pc or any other thing that backs up the argument of being hacked, I don’t think it should work that way but anyhow, can you give examples of how indirectly shes giving a hint bout your web activity Cuz if you think you are hacked by clicking on some damn link, like I’m thinking it probably like beEF or smthg that hooks to browser, and if I correctly remember it doesnt have good success rate in newer browsers tho. So which OS nd browser were you using at the time of attack?
Opera Web browser
Nah nothing to worry about mate, it’s just some OSINT gathered by her somehow. I too mess with my friends if I find something during recon on them.
Nah nothing to worry about mate, it’s just some OSINT gathered by her somehow. I too mess with my friends if I find something during recon on them.
i dont think she hacked you, theres a lot of social engineering ongoing and with enough information she can run some tools like sherlock which searchs for your username on other sites, thats how she probably knew which sites you visited, if you really think you got hacked just reinstall windows and youre fine but thats very unlikely. Most likely placebo effect
If you are syncing your browser there should also be a way to check all sign ins to your account. Review them and disconnect all of them but your current connection. Then change the password and configure 2FA if itnis available.
I think others have covered most other things, but I haven’t seen anyone say to check your Microsoft account, assuming you’re using windows.
Kick off all devices and sign ins that aren’t yours and setup MFA on your MS account.
Norton isn’t a good antivirus, nor is avast
A lot of folks already mentioned this but it could be a synced browser session or a synced account info. Most places have an option to see other log ins or history as well as an option to log out on other devices. use 2 factor authentication on everything and thirdly drop this friend. They are not a friend and stop communicating with them.
Because the top comment here isn’t really helping (Placebo Effect? What?) and you seem very worried OP I’ll say that you are on the right track (especially using your phone data to do some of your browsing for now to change your passwords. I assume this post was written on your cellphone? Or at least on your computer with internet access disabled and then transfered to your phone). I am wondering if she has a remote access software on your computer and rather than using it for that purpose she’s using it to mainly monitor what you’re doing. Aside from the norton antivirus for a year part (Windows Defender is actually good enough on that front. Add Malwarebytes to that and you’re good) I think you’ll be fine. Maybe don’t get a new number yet/cut her off until a few weeks after you’ve done all of this to “test” and see if she still brings up sites that you’re going to. Then when you get some confirmation that she can’t/isn’t get a new number and block her without any warning. Also, yes, if it makes you feel better remove all of your hard drives and format them one at a time. If you have a hard drive with a lot of info close your internet connection, go through that harddrive file-by-file (to see if there are suspicious software in any folder) and then transfer it to one of the reformatted harddrives and then reformat that previous one (would be great if you have an External hard drive). You can always download and create a windows usb from the microsoft website. Good luck
WOW thanks you so much!
My suggestions are:
- Change all passwords of your accounts, social media, windows, browsers, emails, etc., and where possible enable 2FA (2 factor authentication), and use the function to close all sessions in all devices.
- Uninstall all browser add-ons for the time being. IF you have a browser account enabled, check it doesn’t reinstall those add-ons. Enable the “Clear browsing data” function for everytime you close your browser, at least until you are sure your accounts are not compromised.
- Enable 2FA for WhatsApp and and select the option to close session in all devices.
- You don’t need to install a 3rd party antivirus. If your computer has Windows 10 or 11 and it’s up to date (version 22H2 at least) it will have Windows Defender. It’s all antivirus you need. Stay away from Norton and McAfee, they are not so good now in 2023. If you insist on getting an antivirus try BitDefender.
- You say you reset your computer. See thoroughly if maybe you are using a cracked application or game, don’t install it yet, hold on until you can be certain it is not compromised.
- If you have remote support applications (TeamViewer, Anydesk, VNC, etc.) don’t install them yet.
- Disable Windows remote assistance (you can find it using the search bar).
- When you reinstall applications, download them from their official pages, not 3rd party sites (like uptodown, softonic, filehorse, etc.).
- Do the same with your phone, maybe it could be compromised somehow, specially if your main WhatsApp is there. Do a factory restore and don’t install all your apps yet. Don’t use apk files to install applications if possible or get them from reputable sources.
- Be wary of links sent to you in WhatsApp or your email, check twice what you are clicking.
- If you have your Windows system linked to a Microsoft account, do not restore your backed up configuration when you link it again to your computer.
Hope this tips help you.
“She” is probably using this supposed WhatsApp browser extension to monitor your web activity. Remove it immediately and don’t install things from unofficial sources.
100% remove extension AND exit from all accounts on both your WhatsApp and whatever browser you use.