Good afternoon everyone. I just thought it would be helpful to provide information on how to protect your computer and account from being compromised. This is to all the computer amateurs out there who currently have a computer or planning to buy one. It's okay, I've been a computer amateur for a long time and hearing computer talk gave me a head ache! I'm sure everyone hates getting hacked, you work on your avatar for a very long period of time and get kinda attached to it well because, you put so much hard work into it! Anyway, let's talk about the the two most common ways people get hacked. They are KEYLOGGERSand BRUTE FORCE.(Only ones I can think off the top of my head...) It's good to know what you can be facing so you can avoid it.
What is Keylogger?
Keylogger is a dangerous software that executes almost invisibly as a low level system process. It is usually started up in an invisibility mode when your computer is booted – so there is no way the user can detect it. This program logs all the key strokes that you type on the keyboard and then transmits the logged information to the intruder who infected the computer with the keylogger program.
Keyloggers are extremely dangerous and can be used to steal personal information such as your social security number, credit card number, and passwords to just about everything. This may lead to identity theft or theft in general. Keyloggers are especially dangerous to anyone who uses online banking or online cash sites such as PayPal for a large amount of money.
What is Brute Force Cracking?
- Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.
Crackers are sometimes used in an organization to test network security, although their more common use is for malicious attacks. Some variations, such as L0phtcrack from L0pht Heavy Industries, start by making assumptions, based on knowledge of common or organization-centered practices and then apply brute force to crack the rest of the data. L0phtcrack uses brute force to crack Windows NT passwords from a workstation. PC Magazine reported that a system administrator who used the program from a Windows 95 terminal with no administrative privileges, was able to uncover 85 percent of office passwords within twenty minutes.
How To get Rid of Keylogger and Brute Force Cracking
When you suspect that you are infected with a keylogger, do NOT type any personal information. Even if you are typing in a normal word document, the keylogger still keeps track of everything you type.
If you desperately need to login to your Email or somewhere secure and password protected, there is one way to get around the keylogger.
Click on Start -> Go to All Programs -> Click on Accessories -> Select Accessibility ->Click on On-Screen Keyboard
Executing the above steps opens a keyboard on your screen so that you can click whatever letter you would like to type. Since a keylogger does not track where and what you click, this helps you to get around it in times of urgency. Typing with the on-screen keylogger is a great hassle. The only alternative is to eradicate the keylogger program completely from the computer.
Before you can eradicate the keylogger program and make the compute safe, you will need to detect it. Detecting a keylogger is not simple. It can be installed in over a 100 places on your computer, usually located in one of the system files. However, there is a much easier way to detect if a keylogger is running or not. Right click on your desktop’s task bar and click on Task Manager. Alternatively you can press Ctrl + Alt + Del simultaneously to open the Task Manager. Task Manager displays a list of all the applications currently executing on the computer. Click the tab that says Processes. This gives you information about all the programs, hidden and visible that your computer is currently running.
Unless you know a lot about system processes and application processes, you will have difficulty figuring out what you are looking at. The name of each process is under Image Name. The keylogger will show up on the list of processes as well as many other programs and background processes. However, you may not be able to distinguish between the different processes.
You will need to know which process to end before you can stop the keylogger. There are many sites available on the Internet that provides a vast amount of information on each and every process that you may encounter. One of these sites is Liutilities. This site provides some background information on each process as well as specifying the author and which program it is part of. One of the best features of this site includes a recommendation about what to do with that process. Most of the time, the process you look up will be harmful and simply part of the operating system or another program you are running.
Another fantastic site for information on processes is Neuber. As with Liutilities, Neuber gives you background information on that process. A special feature they have is user created comments. Anyone can rate a process in terms of its security a leave a comment about how to deal with the process. Generally, these comments are very accurate. Neuber also provides a ‘security rating’ for each process based on the average rating by users.
However, some find it hard and long drawn out to research each process individually. Thankfully, there is a program called Security Task Manager that is free to download. It will display information about each of the processes that are currently running, as well as specifying if they are dangerous or not. You will immediately be notified should anything harmful come up. Produced by Neuber, the program also shows the security rating and a random comment made by a user for each process. This program does have its disadvantages though. Processes that the program has never encountered before are not given a security rating or a comment. It is therefore advised that you research these processes individually.
Once you have found the harmful process in the Task Manager, click the process and then click the ‘End Process’ button towards the bottom right. The process you have selected should be terminated immediately.
Once this is complete, you should be safe until you reboot your computer. If you do not delete the keylogger, upon rebooting your computer, the keylogger will start up again.
Once you have stopped the keylogger, run anti-virus and spyware checks on your entire computer. Some free virus scan utilities that are recommended are A2, Dr. Web and AVG. However, highly advanced keyloggers such as TypeAgent, KGB, and SpyOutside can often slip through these scans and remain undetected.
If the antivirus scans fail to show any result, you will need to manually detect and delete the keylogger. Keyloggers are usually located in the system files, so do not delete anything that you aren’t 100% sure is the keylogger. Doing so may lead to errors in other areas of the computer. Go to 411-spyware and search for the type of keylogger that has infected your system. If it is listed, there should be instructions about how to manually remove the keylogger.
A great way to check if the keylogger has been completely removed from the system is to reboot. Remember the name of the keylogger’s process and reboot the computer. If the process is not there when the computer has rebooted, you are safe.
Unfortunately, the only way I know how to be safe from Brute Force is to make a strong password length 10-15 with lower and upper case letters, numbers and symbols. Changing your password monthly or even weekly if you're paranoid. There is also a security token which you can purchase for your account which strengthens your security to around 90%. You can also get hacked from consoles such as Xbox 360, Play station 2 and Play station 3. Brute Force is usually responsible for consoles. If you play on PC and want to strengthen your security more and have an extra computer or laptop around, use one specifically for gaming and one for browsing the internet.
I'm also just going to continue based on what I think is fishy on my mind...but I believe RMT is also responsible for many of the comprised accounts in FF11. I hear they ask for too much information when you purchase gil and I even hear they do a power leveling service!? I also hear they are in other MMOs including this one! So don't do any business with them! Not to mention there are no computer laws in China so...they can kinda get away with these third party programs!
That's pretty much it, thanks for reading!
Edited, Jan 31st 2011 3:47pm by Zacky1720
Edited, Jan 31st 2011 3:48pm by Zacky1720