My little brother downloaded a trojan, I don’t know how long ago. I found out when I realized my Malwarebytes was gone for some reason, and when I got it back, I had 36 files sent to quarantine after the first scan! He tried downloading a mod for something; he is still afraid to tell me the truth. The hackers have been sending messages on Steam and Instagram, but I have 2FA on all of those and I get login alerts. What’s the point if they got through all of these?? What can I do besides changing my passwords?

  • BlueKnight87125@alien.topB
    1 year ago

    Likely the same way LTT got hacked earlier this year; someone in the company downloaded a disguised piece of malware, which took about 30 seconds to steal all the session tokens in their web browser. Put simply, a session token is basically a key card that grants your computer access to your account when asked, provided that you haven’t hit log out, which invalidates it and then requires your password again.

  • RabuSamurai@alien.topOPB
    1 year ago

    This is the right move, gonna do this now. I gave him my administration pass, so his ability to cause damage is unlimited.

  • NutellaGuy_AU@alien.topB
    1 year ago

    1. Download and install a reputable AV that actually works: ESET, Kaspersky or Bitdefender.

    2. Change all your passwords from a different machine or phone

    3. Reformat your PC

    4. Have better control over what others are doing on your PC

    2FA is easy to bypass if they can see/read your 2FA keys via what you type on screen on your PC or are logging your keystrokes. They can simply change your passwords or remain logged into your accounts on their devices.

  • tamudude@alien.topB
    1 year ago

    First and foremost, on a different device, make sure you update ALL your passwords.

    Next, do a fresh install on your PC. Consider the machine compromised beyond repair. Do NOT use it without the clean install.

    Finally, never give someone unfettered access to a PC. Always, always have safeguards such as Family Safety etc in place.

  • bothunter@alien.topB
    1 year ago

    Your machine is compromised, so the hackers are simply stealing the post 2FA session tokens from your computer. Basically, once you enter your password and complete the 2FA challenge, the server grants an access token to your computer so you don’t need to repeat the process for every interaction with that service. If there is malware on your computer, those tokens can be stolen and reused by nefarious actors.

    2FA isn’t a foolproof system; it just makes it significantly harder for hackers to log in. And they’re basically piggybacking on your successful login to hijack your accounts.

    Format the machine and change *all* your passwords.

    (And don’t let your little brother use your computer again)

    • AllPurposeGeek@alien.topB
      1 year ago

      Great advice above but some additional advice. Some programs can be ‘authorized’ to access your account so depending on the platform, you may need to look for “connected services” and purge them.
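
The post-2FA session token behaviour described in the replies above, as an added example that is not part of any poster's comment: a constructed toy service (`ToyService`, its methods and all values are hypothetical) in which a token copied after login is honoured without password or 2FA until the server revokes it. Whether a password change also ends existing sessions varies by service, so the `revoke_sessions` flag is an assumption that models both cases.

```python
import hashlib
import hmac
import secrets
from typing import Optional


class ToyService:
    """Constructed model of a web service's login and session handling."""

    def __init__(self, password: str, otp: str):
        self._pw_hash = self._hash(password)
        self._otp = otp            # stand-in for a real TOTP check
        self._sessions = set()     # tokens the server still honours

    @staticmethod
    def _hash(password: str) -> bytes:
        # Fixed salt only to keep the toy short; real services salt per user.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-salt", 10_000)

    def login(self, password: str, otp: str) -> Optional[str]:
        pw_ok = hmac.compare_digest(self._hash(password), self._pw_hash)
        otp_ok = hmac.compare_digest(otp, self._otp)
        if not (pw_ok and otp_ok):
            return None
        token = secrets.token_urlsafe(32)   # the "key card" issued after 2FA
        self._sessions.add(token)
        return token

    def request(self, token: str) -> bool:
        # Later requests are checked against the token only: no password and
        # no 2FA code, so any holder of the token is treated as logged in.
        return token in self._sessions

    def change_password(self, new_password: str, revoke_sessions: bool) -> None:
        self._pw_hash = self._hash(new_password)
        if revoke_sessions:                 # "sign out of all devices"
            self._sessions.clear()


def demo() -> dict:
    svc = ToyService("old-password", "123456")          # constructed values
    results = {"wrong_otp_rejected": svc.login("old-password", "000000") is None}
    copied = svc.login("old-password", "123456")        # token also held elsewhere
    results["copied_token_accepted"] = svc.request(copied)
    svc.change_password("new-password", revoke_sessions=False)
    results["valid_after_password_change"] = svc.request(copied)
    svc.change_password("newer-password", revoke_sessions=True)
    results["valid_after_revocation"] = svc.request(copied)
    return results


if __name__ == "__main__":
    print(demo())
```

On a real account, the matching step is the service's "sign out of all devices" or active-sessions page, used from a clean device alongside the password change.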

  • NaZGuL_of_Mordor@alien.topB
    1 year ago

    Hackers used to do so with a Reverse Proxy (with their RAT) and stealing the cookie session makes it possible. Doing so, they have your IP and your cookie session, so for example Instagram will think it’s the same session.

    Some recent RATs/Trojans have something called HVNC, which creates a hidden desktop, and they can open almost any app on your computer silently, like being at your physical PC. This makes it way easier for hackers to do that.

  • Misty_Veil@alien.topB
    1 year ago

    I got banned in Siege because of my Ubi acc getting compromised with no login alerts or anything.

    It took 6 months of fighting with support to get unbanned, by which time I had lost interest in playing.