I am not sure if this is right section to post this please move if this is wrong place. So tonight i started my PC and my Gtalk is set to auto login when computer starts, After turning on my pc gtalk couldn't login it showed username/password error , I tried to login manually but didn't work then i decided to open gmail and after entering credentials gmail brought a new page to me , where they said 'We have found suspicious activity on your account" So i had to enter my mobile number they sent me a code and i changed my password. After login into gmail i checked the last login IP and it was 99.240.121.180 (I guess posting "hackers IP" is not violation of rule) hacker tried to send Mass mail through my account and he sent this link
DO NOT CLICK . I recovered my password but my question is what should i do now? I mean should i take screen shot and send details to Google support ? and do you guys have any idea what type of link that is ?? How my account was hacked ?
I am really impressed with the google security
Do a whois search on the IP and report him to his ISP.
(10-10-2010, 01:42 PM)Fragma Wrote: [ -> ]Do a whois search on the IP and report him to his ISP.
Well last time a Hacker tried to hack my server i traced him , saved all logs and reported to his ISP but i don't think they did anything to him. But i will do it thanks for the reply.
Hey, statistics about your hacker:
General IP Information
Hostname: cpe0013f7bcb9d4-cm0013f7bcb9d0.cpe.net.cable.rogers.com
ISP: Rogers Cable
Organization: Rogers Cable
Proxy: None detected
Type: Broadband
Assignment: Static IP
Blacklist:
Geolocation Information
Country: Canada
State/Region: Ontario
City: Mississauga
Latitude: 43.15
Longitude: -79.5
Area Code:
Postal Code:
Geolocation Map
Map data ©2010 AND, Europa Technologies, Google, INEGI - Terms of Use
200 km200 mi
(10-12-2010, 06:50 PM)L3g1tWa5te Wrote: [ -> ]Hey, statistics about your hacker:
General IP Information
Hostname: cpe0013f7bcb9d4-cm0013f7bcb9d0.cpe.net.cable.rogers.com
ISP: Rogers Cable
Organization: Rogers Cable
Proxy: None detected
Type: Broadband
Assignment: Static IP
Blacklist:
Geolocation Information
Country: Canada
State/Region: Ontario
City: Mississauga
Latitude: 43.15
Longitude: -79.5
Area Code:
Postal Code:
Geolocation Map
Map data ©2010 AND, Europa Technologies, Google, INEGI - Terms of Use
200 km200 mi
I'm guessing thats a domain lookup? Where did you get that?
Edit: For the link, in my website bar it starts with "xxx" ? He was trying to spread something through your account. Theres lots of things that it could have been, but the source is your email.
Sorry to hear it mate.
But i suspect the hacker would be behind a proxy and ultimately hard if not impossible to trace.
Google did protect you and thats the real bonus out of this story.
Ultimately though. You need to try find out how they hacked your account.
Was it a simple password? dictionary type password or perhaps short? These are pretty easy to hack.
Was your or is you pc compromised? Scan it and scan it heavily.
Check all other accounts for all forums and what not.
As for the url. Its a spam site.
![[Image: 12869500165328_avg.jpg]](http://www.ftw.net.au/fileuploads2/12869500165328_avg.jpg)
Glad to here you recovered your account, as for reporting, to be honest it would just fall on death ears. The user will more than likely have used a proxy, and if he didn't he would simply tell his isp someone has gained access to his ip/pc through malicious software.
But at the same time, if enough people report the same user for similar things, they may take more action.
(10-12-2010, 11:19 PM)phire nuk3r Wrote: [ -> ]But at the same time, if enough people report the same user for similar things, they may take more action.
Thats a good point actually. Enough complaints to his isp assuming its possible to obtain then it would create a wave effect of a big enough proportion to get his account banned.
(10-12-2010, 11:19 PM)phire nuk3r Wrote: [ -> ]Glad to here you recovered your account, as for reporting, to be honest it would just fall on death ears. The user will more than likely have used a proxy, and if he didn't he would simply tell his isp someone has gained access to his ip/pc through malicious software.
But at the same time, if enough people report the same user for similar things, they may take more action.
You mean fall on "def" ears?
And sometimes you can tell if they are using a proxy or not.
If you ask me, he got sniffed. Really badly like exploit lol. Do you have anything valuable worth money or something? Hackers don't target random people, they target the big corporations. More money. Like the lion doesn't eat that rat, it would eat the zebra. More meat.