I’m barely even coherent at this late of an hour due to lack of sleep over the past week (stressed to the max due to all this bullshit), but I have finally figured out what happened. A keylogger was installed on my machine, specifically this one (that link is safe to click on). For a very humorous read, have a look at their “remote installation guide” (again, safe to click on) which explains in detail how to remotely install this software. The wording is unreal…this was obviously a package written for hackers.
Long story short, if the scammer/hacker is careful enough and can get you to click on a rogue link, the software can be installed without you knowing, which in hindsight has to be what happened. Who knows how it got on my machine, but after running several keylogger removal tools I finally tracked it down to this exact program.
I wouldn’t have even thought to start searching for a keylogger on my machine…I met a buddy of mine Sunday evening for a drink and mentioned everything that was going on; his first response was “did you get keyloggered?” Of course my reply was “no way, I have a/v software, am behind a firewall (2 actually, one software and one hardware), and I run anti-spyware scans on a weekly basis, etc.” But he got me to thinking, so I figured what the hell, I’ll check it out. And as I stated above that’s when I found this very nasty package.
So here are the facts:
- It was installed about a month ago, which is right around the time I did my last eBay auction (coincidence?…perhaps, but who knows).
- It has the potential to log everything I did on my machine for the last month depending on how it was configured (I have of course zapped it and reformatted all of the machines on my network, and have changed all of my passwords…too little too late though).
- Whoever was monitoring it has A) my social security number (it’s my login ID to my online banking site…when I signed up years ago that was the only option they offered for an ID, and I have since learned that they’ve changed this requirement but didn’t fucking enforce it, i.e. I was never notified that I could change it); B) all of my bank account numbers, as I use them to pay some of my bills online; C) numerous credit card/check card numbers, as again I use these to pay various other bills/order stuff/etc.; D) driver’s license number; E) account numbers/passwords to all of my utility companies…in other words, everything.
- Who knows what else…I’m deliriously tired and will post more later.
Norton A/V missed it. Spybot missed it. It’s that f’ing stealthy. According to what I’ve read, the installation program can detect these programs and bypass them, which is completely ridiculous IMO, but apparently it worked. What’s funny (if you can even say that) is that I did indeed take screenshots of the detection process, but being the brilliant person I am stored them on my drive…before formatting my machine. Great job J.
You always think that it can’t/won’t happen to you. It’s surreal, and I’m still reeling…not even beginning to think that I am now an identity theft statistic, along with how much time it will take to get this all sorted out. Hell, it might not even be related to eBay. I’m starting to think about attachments I clicked on in emails from friends (email addresses are easily spoofed, and given the amount of info that is available about people on the internet, it wouldn’t be too hard to figure out email addresses that would be familiar to the “victim” and then spoof them). Who knows.
Updates to come as they present themselves. All of the involved parties are being less than useful at this point though. Imagine that. This absolutely sucks.
Sidenote: Sorry for all of the negativity as of late. I hope to get back to regular posting soon.
Posted Aug 09 2006, 03:37 AM by Jayson Knight