|
Title: [HELP!] What should I do after being phished? Post by: kira4light on July 04, 2013, 07:30:46 PM Follow up on the "5 coins Raffle scam".
I actually clicked on this link: [Be cautious! This link is dangerous! Unless you are absolutely sure what you are doing please do NOT click on it] http://rghost.net/47200539?r=1096 and clicked the Trojan script..... Now I'm thinking about re-install my whole operational system and change every single password I have... Could anybody look into the script and see what it does? Or any general suggestions or help would be appreciated!!! Big lesson from this >:( Title: Re: [HELP!] What should I do after being phished? Post by: threeip on July 04, 2013, 08:00:12 PM The first thing you should do is remove the link to the phishing page?
Title: Re: [HELP!] What should I do after being phished? Post by: kira4light on July 04, 2013, 08:12:10 PM The first thing you should do is remove the link to the phishing page? I think the link is ok as long as you don't download the actual script... Or I may be wrong... Title: Re: [HELP!] What should I do after being phished? Post by: chadtn on July 04, 2013, 08:22:27 PM I'm ashamed to say I fell for it. I thought it was a wallet file and accidentally clicked on it while I was trying to import the keys. I deleted the file and scanned my computer for problems. I thought I removed the problem and went to bed. I woke up about twenty minutes ago and saw my mouse moving by itself. Someone had messed with my firewall settings, opened up bitcoin-qt, and had just downloaded a file called _DVSoy.exe from plasmon.ghost.ru.
Chad Title: Re: [HELP!] What should I do after being phished? Post by: CurbsideProphet on July 04, 2013, 09:06:53 PM The first thing you should do is remove the link to the phishing page? I think the link is ok as long as you don't download the actual script... Or I may be wrong... To be safe, I would just remove it so others don't run the script on accident. Title: Re: [HELP!] What should I do after being phished? Post by: cp1 on July 04, 2013, 09:17:16 PM You could go through a long process and remove it or just format, which is what I'd do.
Title: Re: [HELP!] What should I do after being phished? Post by: Mylon on July 04, 2013, 10:42:04 PM The first thing you should do is remove the link to the phishing page? I think the link is ok as long as you don't download the actual script... Or I may be wrong... To be safe, I would just remove it so others don't run the script on accident. You could go through a long process and remove it or just format, which is what I'd do. the long process... is so long that I could spend months on it... and still see the mouse move on its own after I hook it back up to the internet... reinstalling is the only safe option...Title: Re: [HELP!] What should I do after being phished? Post by: nottm28 on July 04, 2013, 10:44:32 PM MOD's- can someone please remove the link from the OP's post - he seems incapable of editing his own post
[EDIT] wouldn't be surprised if this is a sock puppet post [EDIT2] reported to moderator Title: Re: [HELP!] What should I do after being phished? Post by: chadtn on July 04, 2013, 11:00:35 PM On my system the downloaded file opened up access to DarkComet RAT. They used that to remote onto my system to try installing other software. In the details of the file it downloaded Dell Datasafe was mentioned. It looks like a service similar to Dropbox.
Chad |