What I learnt from getting Hacked

[casey15]

So a few weeks back I got hacked.. someone was accessing my PC remotely. I'm still.doimgy digital forensics to know how it occured. It took me some hours to discover it.
      This hacker tried to use my Google password manager ( because it is logged into my chrome on my PC) to autofill crypto exchange websites to log in.
Anytime I opened my chrome, I'll see that he had tried to access Binance or OKC and try to log in.. but thank God for good security practices and knowledge.. even though I have majority of my passwords saved with Google, none of my financial or crypto passwords are saved there.. I do not use the laptop for anything financial, I use it only for school and my cyber security training.
He did logged me out of my telegram and whatsapp but I've been able to get them back. I immediately changed the password of my Google accounts and logged them out of every device as soon as I discovered the breach.
  One keey take away from this experience is that you can never be too careful, and I have made a thread concerning the dangers of digitalizing your seed phrase. Imagine I wrote it and stored it inside the laptop as a backup or maybe I had left my financial passwords there on my ggole account, may e all my funds would have been gone by now..
Do not store your seed phrase digitally, yes it may look more easier but it's has more risks. Any breach and someone else can get access to them and steal your funds....  Always store important information offline because the digital landscape is always undergoing attacks of all types . Protect your funds. Do the right thing

Alright folks... Be careful out there

[I_Anime]

I’m always security conscious when come to stuff like This , this is one of the reason I don’t like saving passwords in google to avoid stuff like this I literally prefer going through the stress to type my password than to save it online for auto filling and stuff .

Yes you can never be too careful, after hearing a friend lose his assets due to poor handling of his seed phrase (he didn’t have much knowledge on the seed phrase work then ) , so he didn’t wrote it down and his device got stolen and he loss his assets in the process , so after hearing it the care of my seed phrase increased I can never be too lazy to write my seed phrases down than to store it online (which may easily become target for scammers ).

[SatoPrincess]

So a few weeks back I got hacked.. someone was accessing my PC remotely. I'm still.doimgy digital forensics to know how it occured. It took me some hours to discover it.
 

You say you don know how the hackers take control your PC but you no tell us how them take do am. Na say you click phishing link way them send you or na another thing been happen? They say prevention is better than cure, and person like you way dey into cybersecurity suppose dey cautious pass regular people. Na why I won know which format them use take get you.

[Nwada001]

Eh fit be say the hacker no really get access to your PC but eh just gain access to your email way be the primary email way they connected to your chrome browser and if eh synchronize that your email with in own PC and chrome eh go they get both your browsing history and the password way you save for your password manager and nah that thing fit make you notice say eh they try login your exchanges as eh go still appear for you chrome as last/recently visited web pages.

For me even as you don revoke access for the email from where eh they logged in the best thing way u suppose do now nah to change all the password way they connected to the password manager, because the person fit don get am backup already eh fit fail to gain access to your exchange but you never know which other information eh get access to already.

[casey15]

You say you don know how the hackers take control your PC but you no tell us how them take do am. Na say you click phishing link way them send you or na another thing been happen? They say prevention is better than cure, and person like you way dey into cybersecurity suppose dey cautious pass regular people. Na why I won know which format them use take get you.

I just completed the digital forensics to know how he got access. It definitely wasn't from a phishing link.. it was a trojan.. Apparently I downloaded a file, a presentation template... I had to pay for a premium antivirus software to scam through the enter PC. It took a while because I have a lot of files mainly from school .. all the materials and textbooks I use are inside and I make slides a lot for presentation...
I've detected the malicious file .. apparently when I installed the template into my PowerPoint, he was able to get access

[Hypnotizer]

This is a practical example why it’s very absurd to store details or passwords of your crypto wallet in google cloud, assuming you are one of the people that store their passwords or keys in Google cloud..this hacker could have gain access to them and steal them. But thank goodness you no dey part of those people.

This is like a call for all those people storing their passwords on any digital devices to be very careful and cautious.

You say you don know how the hackers take control your PC but you no tell us how them take do am. Na say you click phishing link way them send you or na another thing been happen? They say prevention is better than cure, and person like you way dey into cybersecurity suppose dey cautious pass regular people. Na why I won know which format them use take get you.

I just completed the digital forensics to know how he got access. It definitely wasn't from a phishing link.. it was a trojan.. Apparently I downloaded a file, a presentation template... I had to pay for a premium antivirus software to scam through the enter PC. It took a while because I have a lot of files mainly from school .. all the materials and textbooks I use are inside and I make slides a lot for presentation...
I've detected the malicious file .. apparently when I installed the template into my PowerPoint, he was able to get access

Wow, Since you use this Laptop for school and other stuffs why not buy another laptop..if you have the means to, for your crypto related stuff, it will be better off that way since you have to be downloading some more stuffs for your schoolwork, so you don’t have to to face something like this again.

[Wolf of One Street]

You see this issue of digitalizing everything, it's good but also comes with it's disadvantages. Digitalizing your passwords, especially saving them in Google account manager makes it to be easily accessible anytime you need it but sometimes sweet things also bitter. From on set when i was onboarded in the crypto space, the counsel an orientation was to never store seed phrase in email or anywhere inside phone, but to rather write it down manually and keep in a safe place to avoid had i know, especially for major Holding wallets. So I would say you are lucky and this should serve as a lesson to everyone and should open our eyes to cyber threats and how we can avoid being a victim.

[Pablo-wood]

I just completed the digital forensics to know how he got access. It definitely wasn't from a phishing link.. it was a trojan.. Apparently I downloaded a file, a presentation template... I had to pay for a premium antivirus software to scam through the enter PC. It took a while because I have a lot of files mainly from school .. all the materials and textbooks I use are inside and I make slides a lot for presentation...
I've detected the malicious file .. apparently when I installed the template into my PowerPoint, he was able to get access

I am glad you were able to figure out how the attack was made, more credit to your cyber security classes. Can I ask the file was it downloaded from an official website or it was sent through a device or possibly came with another file installation. It's always good we understand how this things work so which ever way the attacker might come from with the knowledge gathered one can easily spot a possible Trojan attack.

[Dr.Bitcoin_Strange]

We just have to be extremely careful with the way we handle our privacy and security because hackers are targeting us always and if you are careless with your security, they will steal your asset. There's one of my friend that lost an account just like this too, the hacker gained access to his gmail, changed the password and number attached their, logged into his exchange account, reset the password and phone number and also added a google authcator to the account.

[Creeper0]

Security is never possible while connected to the internet, you can be attacked at any time. If important information is on a device that is connected to the internet most of the time, your information is never safe. In particular, financial information such as seed phrases, private keys for wallets and passwords for important accounts should never be digitized.

I am now trying to reduce my dependence on the internet as much as possible for privacy or security and try to keep my information offline. Even offline seems risky to me, what if it gets lost? Or someone steals it? I still worry a lot about financial matters.

[Nathrixxx]

Things like this happens as a result of our hunting shadow from the things we have done in the past our of ignorance, it could be that we log in to another user device, carelessly safe our password or keys on a storage that permits a third party to see them, or maybe the online cloud storage may be another reason, but if we had maintain the safety use of all these, practice the right security measures and maintain our privacy, things like this may not happen, while we should not also allow someone use our own device for anything.

[Odusko]

I try to understand and connect this story but for some reason I am unable to do that, the ops did not provide us much adequate information as to how the hack happened to him and which of the platform that was hacked he mentioned crome and then Whatsapp and telegram control for a few moments, well the thing is that hacker's work's with the information the get at their hands, and most times through an insider informant.

[Progress101]

So a few weeks back I got hacked.. someone was accessing my PC remotely. I'm still.doimgy digital forensics to know how it occured. It took me some hours to discover it.
      This hacker tried to use my Google password manager ( because it is logged into my chrome on my PC) to autofill crypto exchange websites to log in.
Anytime I opened my chrome, I'll see that he had tried to access Binance or OKC and try to log in.. but thank God for good security practices and knowledge.. even though I have majority of my passwords saved with Google, none of my financial or crypto passwords are saved there.. I do not use the laptop for anything financial, I use it only for school and my cyber security training.
He did logged me out of my telegram and whatsapp but I've been able to get them back. I immediately changed the password of my Google accounts and logged them out of every device as soon as I discovered the breach.
  One keey take away from this experience is that you can never be too careful, and I have made a thread concerning the dangers of digitalizing your seed phrase. Imagine I wrote it and stored it inside the laptop as a backup or maybe I had left my financial passwords there on my ggole account, may e all my funds would have been gone by now..
Do not store your seed phrase digitally, yes it may look more easier but it's has more risks. Any breach and someone else can get access to them and steal your funds....  Always store important information offline because the digital landscape is always undergoing attacks of all types . Protect your funds. Do the right thing

Alright folks... Be careful out there

When i was first introduced to web 3, it was made very clearly to me that you don't store your seed phrase digitally, i was told to write it down and kept in like 3 different places, just in case something like what you just explained happens, nothing of much importance would be breached.

Some days ago my WhatsApp was even logged off my pc just like that, maybe i might even need to look into that. I initially just thought it to be because of an update like that but nevertheless this was an eye opener so thanks for sharing

[Crypto_Timothy]

Well thankfully you were security conscious. I'm just try wrap my head around the fact that if you were saving your financial details on google for comfort then your story right now might have been different.

If I can take away any lesson from what you just shared it will be to be very much security conscious, most people who even know they got hacked till like days later and probably people like that would store financial details digitally. Even me wrting i need to go and delete most of my saved passwords and just write them down for safe keeping and all.

[Curious T]

I'm more concerned about how the hacker got access to your Google account remotely. Because if he didn't have access to your Google account, he wouldn't be able to access your Google password manager remotely. I know Google doesn't have the best security, but you're mostly alerted when trying to log into a new device and all.
You need to figure out where the breach came from so it doesn't happen again.

Also, you need to have 2FA in most of your apps. If you had 2FA, I don't think they would be able to access your WhatsApp and Telegram on another device, even if they have your Google account details. All your financial apps and personal apps should have 2FA for more security.

[casey15]

I'm more concerned about how the hacker got access to your Google account remotely. Because if he didn't have access to your Google account, he wouldn't be able to access your Google password manager remotely. I know Google doesn't have the best security, but you're mostly alerted when trying to log into a new device and all.
You need to figure out where the breach came from so it doesn't happen again.

Also, you need to have 2FA in most of your apps. If you had 2FA, I don't think they would be able to access your WhatsApp and Telegram on another device, even if they have your Google account details. All your financial apps and personal apps should have 2FA for more security.

He didn't get access to my Google account, he didn't know the password.. he only accessed the PC remotely and was using my chrome not his ...since my account are logged in my chrome, he doesn't need to start looking for passwords, he just tried to access the websites from my own chrome

[Judith87403]

This example is real of how quiet and dangerous modern market can be. No drama, no alarms, only silent access and patience. Managers of password and convenience tools are not evil, though they turn a single reason for failure as soon as a device gets compromised. You did was is right faster, and that is what possibly saved you. The bigger lesson to learn here is concerning modeling of threat. Make assumption that devices can be breached and make plan with such reality. Credentials with high value and seed phrases don't have space on internet connected machines, despite how cautious you may think you are. Storage that are offline reduces your attack surface to possibly zero. Protection is not paranoia, it is discipline. Convenience is just for small time, losses are permanent. Remain alert and remain boring with your security.

[B-BossMan]

It's better we should always be security conscious expecialy in the internet or any online stuffs like that, at times people get to make friends with you just to have access to your privacy or knowing waht you are earning online, although we are individuals differences in te4ms of trust and beliefs, I will like to use myself as an example, I am the kind of person that always saved any of my passwords on goggle account, so that I can easily get an access to my accounts, I did that because I know I was the only operating my phone, I don't like sharing my personal phone with my friends, but I do share my pc with friends but I don't saved any accounts passwords there to maintain my privacy. Well thank God we were able to notice that movement before it becames something else.

[9ja Amaka]

I just completed the digital forensics to know how he got access. It definitely wasn't from a phishing link.. it was a trojan.. Apparently I downloaded a file, a presentation template... I had to pay for a premium antivirus software to scam through the enter PC. It took a while because I have a lot of files mainly from school .. all the materials and textbooks I use are inside and I make slides a lot for presentation...
I've detected the malicious file .. apparently when I installed the template into my PowerPoint, he was able to get access

ThankGod say you done know how the thing take happen and how to prevent it. Similar thing don happen to me, but na with phone no be my PC. Ah go download game wey i see for Facebook, immediately i install the app, na so so my phone start to they control himself. The only time i fit control my phone na when i restart the phone, the safe mode only last 5 minutes. After then the malware app must have start running and taking control of my phone. The next thing I saw were access to my Gmail and trust wallet. What saved me is that after restarting it again, i quickly used the 5 minutes to factory reset my phone. I lost my things that were not backed but it was better because I saved myself from loosing my Gmail and important apps.

[Amphenomenon]

I'm more concerned about how the hacker got access to your Google account remotely. Because if he didn't have access to your Google account, he wouldn't be able to access your Google password manager remotely. I know Google doesn't have the best security, but you're mostly alerted when trying to log into a new device and all.
You need to figure out where the breach came from so it doesn't happen again.

Also, you need to have 2FA in most of your apps. If you had 2FA, I don't think they would be able to access your WhatsApp and Telegram on another device, even if they have your Google account details. All your financial apps and personal apps should have 2FA for more security.

He didn't get access to my Google account, he didn't know the password.. he only accessed the PC remotely and was using my chrome not his ...since my account are logged in my chrome, he doesn't need to start looking for passwords, he just tried to access the websites from my own chrome

Thank God you didn't have your wallet in your Pc because the attacker would have gotten access to this also.
This is why it is important not to have your wallet kept on devices you use often especially when you know you have to download random things online and not some specialize known site or platforms, although the sites or platforms might also be use by hackers, after all, a lot of malware has been identified ad applications from the playstore and fewer on the appstore.