Tech

I’ve Been Hacked! Now What?

Here’s how to restore your zombie PC to normal without cutting your hair.

I opened an email attachment that I shouldn’t have and now my computer is slowing down and other strange things are happening. Your bank has called you, claiming that there has been some strange activity on your account and that your ISP “routes you” all traffic from your computer and is now part of a zombie botnet. It’s all Monday.

If your computer is compromised and infected with a virus or other malware, you must take steps to ensure that your files are not corrupted and that your computer is not used to attack other computers. Here are the basic steps you should take to get back to normal after being hacked: Has your smartphone been hacked? Here’s what to do:

Steven Pützer / Photographer’s Choice RF / Getty Images

computer isolation

If you want to break the connection that hackers use to “get a string” from your computer, you need to isolate it from communicating on the network. Quarantine prevents it from being used to attack other computers and prevents hackers from continuing to get your files and other information. Unplug the network cable from the PC and turn off the WiFi connection. If you have a laptop, there is often a switch to turn Wi-Fi off. Do not rely on software to do this. A hacker’s malware can tell you something is off when you’re actually connected.

Shutdown and hard drive removal

If your computer is damaged, you must shut it down to prevent further damage to your files. After powering down, you must remove the hard drive and connect it to another computer as a non-bootable secondary drive. Make sure other computers have the latest antivirus and antispyware installed. You should also download a free spyware removal tool or a free rootkit detection scanner from a reputable source like Sophos.

To make things a little easier, we recommend that you buy a USB drive caddy to insert your hard drive into so that you can easily connect it to another PC. If you are not using a USB caddy and instead choose to connect the drive internally, make sure the DIP switch on the back of the drive is set to Secondary Drive. If you set it as the default drive, you can try to start another PC with the operating system and all hell is unlocked again.

If removing the hard drive yourself is inconvenient or if you do not have a computer to replace, you can take your computer to a trusted local PC repair shop.

Scan your drive for infections and malware

Use the other host PC’s antivirus, antispyware, and anti-rootkit scanners to ensure that all infections are detected and removed from the file system on your hard drive.

Backup important files from previously infected drives

You must remove all personal data from the previously infected drive. Copy photos, documents, media, and other personal files to a DVD, CD, or other clean hard drive.

Move the drive back to the PC

After you confirm that your file backup was successful, you can move the drive back to your old PC and prepare for the next part of the recovery process. Also set the drive’s DIP switch back to default.

Completely erase the old hard drive.

Even if a virus and spyware scan shows the threat is gone, don’t believe your PC is free of malware. The only way to ensure that the drive is completely clean is to completely erase the drive using a disk erase utility and then reload the operating system from trusted media.

After backing up all your data and putting the hard drive back into the computer, use the Hard Drive Secure Erase utility to completely erase the drive. There are many free and commercial disk wiping utilities available. Because disk erase utilities overwrite all sectors on the disk (including empty ones), it can take several hours to completely erase the drive, often repeated several times to make sure nothing is missing. It may seem time-consuming, but you can be sure that the stone is left unturned and only in this way can you be sure that you have removed the threat.

Reload the operating system from trusted media and install updates.

Use the original operating system diskettes that you purchased or shipped with your computer, and do not use diskettes copied from other sources or from unknown sources. Reliable media can help prevent viruses present on infected operating system hard drives from re-infecting your PC.

Be sure to download all updates and patches for your operating system before installing anything else.

Reinstall antivirus, antispyware and other security software

All security-related software must be loaded and patched before loading any other applications. For other applications containing malware that may not be detected if virus signatures are not up to date, you should ensure that your antivirus software is up to date before loading other applications.

Scan your backup disk for viruses

Even if you are sure everything is clean, always scan your data files before putting them back into your system.

Create a full backup of your system

Once everything is clean, it’s a good idea to do a full backup so that you don’t spend a lot of time rebooting your system even if it happens again. A backup tool that creates a bootable disk image as a backup will help greatly speed up future restores.


More information

I’ve Been Hacked! Now What?

How to turn your zombie PC back to normal without cutting off its head

You opened an e-mail attachment that you probably shouldn’t have and now your computer has slowed to a crawl and other strange things are happening. Your bank called you saying there has been some strange activity on your account and your ISP has just “null routed” all traffic from your computer because they claim it is now part of a zombie botnet. All this and it’s only Monday.

If your computer has been compromised and infected with a virus or other malware you need to take action to keep your files from being destroyed and also to prevent your computer from being used to attack other computers. Here are the basic steps you need to perform to get back to normal after you’ve been hacked. Was your smartphone hacked? Here’s what to do.

Steven Puetzer / Photographer’s Choice RF / Getty Images Isolate Your Computer

In order to cut the connection that the hacker is using to “pull the strings” on your computer, you need to isolate it so it can’t communicate on a network. Isolation will prevent it from being used to attack other computers as well as preventing the hacker from continuing to be able to obtain files and other information. Pull the network cable out of your PC and turn off the Wi-Fi connection. If you have a laptop, there is often a switch to turn the Wi-Fi off. Don’t rely on doing this through software, as the hacker’s malware may tell you something is turned off when it is really still connected.

Shutdown and Remove the Hard Drive

If your computer is compromised you need to shut it down to prevent further damage to your files. After you have powered it down, you will need to pull the hard drive out and connect it to another computer as a secondary non-bootable drive. Make sure the other computer has up-to-date anti-virus and anti-spyware. You should probably also download a free spyware removal tool or a free rootkit detection scanner from a reputable source like Sophos.

To make things a little easier, consider purchasing a USB drive caddy to put your hard drive in to make it easier to connect to another PC. If you don’t use a USB caddy and opt to connect the drive internally instead, make sure the dip switches on the back of your drive are set as a secondary drive. If it is set to primary drive it may try to boot the other PC to your operating system and all hell could break loose again.

If you don’t feel comfortable removing a hard drive yourself or you don’t have a spare computer then you may want to take your computer to a reputable local PC repair shop.

Scan Your Drive for Infection and Malware

Use the other host PC’s anti-virus, anti-spyware, and anti-rootkit scanners to ensure detection and removal of any infection from the file system on your hard drive.

Backup Your Important Files From the Previously Infected Drive

You’ll want to get all your personal data off of the previously infected drive. Copy your photos, documents, media, and other personal files to DVD, CD, or another clean hard drive.

Move Your Drive Back to Your PC

Once you have verified that your file backup has succeeded, you can move the drive back to your old PC and prepare for the next part of the recovery process. Set your drive’s dip switches back to primary as well.

Completely Wipe Your Old Hard Drive

Even if virus and spyware scanning reveals the threat is gone, you should still not trust that your PC is malware free. The only way to ensure that the drive is completely clean is to use a hard drive wipe utility to completely blank the drive and then reload your operating system from trusted media.

After you have backed up all your data and put the hard drive back in your computer, use a secure disk erase utility to completely wipe the drive. There are many free and commercial disk erase utilities available. The disk wipe utilities may take several hours to completely wipe a drive because they overwrite every sector of the hard drive, even the empty ones, and they often make several passes to ensure they didn’t miss anything. It may seem time-consuming but it ensures that no stone is left unturned and it’s the only way to be sure that you have eliminated the threat.

Reload the Operating System From Trusted Media and Install Updates​

Use your original OS disks that you purchased or that came with your computer, do not use any that were copied from somewhere else or are of unknown origin. Using trusted media helps to ensure that a virus present on tainted operating system disks doesn’t reinfect your PC.

Make sure to download all updates and patches for your operating system before installing anything else.

Reinstall Anti-Virus, Anti-Spyware, and Other Security Software

Before loading any other applications, you should load and patch all your security related software. You need to ensure your anti-virus software is up-to-date prior to loading other applications in case those apps are harboring malware that might go undetected if your virus signatures aren’t current

Scan Your Data Backup Disks for Viruses

Even though you are fairly certain that everything is clean, always scan your data files prior to reintroducing them back into your system.

Make a ​Complete Backup of Your System

Once everything is in pristine condition you should do a complete backup so that if this ever happens again you won’t spend as much time reloading your system. Using a backup tool that creates a bootable hard drive image as a backup will help speed up future recoveries immensely.

#Ive #Hacked

I’ve Been Hacked! Now What?

How to turn your zombie PC back to normal without cutting off its head

You opened an e-mail attachment that you probably shouldn’t have and now your computer has slowed to a crawl and other strange things are happening. Your bank called you saying there has been some strange activity on your account and your ISP has just “null routed” all traffic from your computer because they claim it is now part of a zombie botnet. All this and it’s only Monday.

If your computer has been compromised and infected with a virus or other malware you need to take action to keep your files from being destroyed and also to prevent your computer from being used to attack other computers. Here are the basic steps you need to perform to get back to normal after you’ve been hacked. Was your smartphone hacked? Here’s what to do.

Steven Puetzer / Photographer’s Choice RF / Getty Images Isolate Your Computer

In order to cut the connection that the hacker is using to “pull the strings” on your computer, you need to isolate it so it can’t communicate on a network. Isolation will prevent it from being used to attack other computers as well as preventing the hacker from continuing to be able to obtain files and other information. Pull the network cable out of your PC and turn off the Wi-Fi connection. If you have a laptop, there is often a switch to turn the Wi-Fi off. Don’t rely on doing this through software, as the hacker’s malware may tell you something is turned off when it is really still connected.

Shutdown and Remove the Hard Drive

If your computer is compromised you need to shut it down to prevent further damage to your files. After you have powered it down, you will need to pull the hard drive out and connect it to another computer as a secondary non-bootable drive. Make sure the other computer has up-to-date anti-virus and anti-spyware. You should probably also download a free spyware removal tool or a free rootkit detection scanner from a reputable source like Sophos.

To make things a little easier, consider purchasing a USB drive caddy to put your hard drive in to make it easier to connect to another PC. If you don’t use a USB caddy and opt to connect the drive internally instead, make sure the dip switches on the back of your drive are set as a secondary drive. If it is set to primary drive it may try to boot the other PC to your operating system and all hell could break loose again.

If you don’t feel comfortable removing a hard drive yourself or you don’t have a spare computer then you may want to take your computer to a reputable local PC repair shop.

Scan Your Drive for Infection and Malware

Use the other host PC’s anti-virus, anti-spyware, and anti-rootkit scanners to ensure detection and removal of any infection from the file system on your hard drive.

Backup Your Important Files From the Previously Infected Drive

You’ll want to get all your personal data off of the previously infected drive. Copy your photos, documents, media, and other personal files to DVD, CD, or another clean hard drive.

Move Your Drive Back to Your PC

Once you have verified that your file backup has succeeded, you can move the drive back to your old PC and prepare for the next part of the recovery process. Set your drive’s dip switches back to primary as well.

Completely Wipe Your Old Hard Drive

Even if virus and spyware scanning reveals the threat is gone, you should still not trust that your PC is malware free. The only way to ensure that the drive is completely clean is to use a hard drive wipe utility to completely blank the drive and then reload your operating system from trusted media.

After you have backed up all your data and put the hard drive back in your computer, use a secure disk erase utility to completely wipe the drive. There are many free and commercial disk erase utilities available. The disk wipe utilities may take several hours to completely wipe a drive because they overwrite every sector of the hard drive, even the empty ones, and they often make several passes to ensure they didn’t miss anything. It may seem time-consuming but it ensures that no stone is left unturned and it’s the only way to be sure that you have eliminated the threat.

Reload the Operating System From Trusted Media and Install Updates​

Use your original OS disks that you purchased or that came with your computer, do not use any that were copied from somewhere else or are of unknown origin. Using trusted media helps to ensure that a virus present on tainted operating system disks doesn’t reinfect your PC.

Make sure to download all updates and patches for your operating system before installing anything else.

Reinstall Anti-Virus, Anti-Spyware, and Other Security Software

Before loading any other applications, you should load and patch all your security related software. You need to ensure your anti-virus software is up-to-date prior to loading other applications in case those apps are harboring malware that might go undetected if your virus signatures aren’t current

Scan Your Data Backup Disks for Viruses

Even though you are fairly certain that everything is clean, always scan your data files prior to reintroducing them back into your system.

Make a ​Complete Backup of Your System

Once everything is in pristine condition you should do a complete backup so that if this ever happens again you won’t spend as much time reloading your system. Using a backup tool that creates a bootable hard drive image as a backup will help speed up future recoveries immensely.

#Ive #Hacked


Synthetic: Vik News

Đỗ Thủy

I'm Do Thuy, passionate about creativity, blogging every day is what I'm doing. It's really what I love. Follow me for useful knowledge about society, community and learning.

Trả lời

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *

Back to top button