I’ve Been Hacked! Now What?

How to get your zombie computer back to normal without cutting off its head

You opened an email attachment that you probably shouldn’t have, and now your computer has slowed to a crawl and other weird things are happening. Your bank is calling you to say some strange activity happened on your account, and your ISP has just “null routed” all traffic from your computer because they claim it is now part of a botnet. All this, and it’s only Monday.

If your computer has been compromised and infected with a virus or other malware, you should take steps to prevent your files from being damaged and prevent your computer from being used to attack other computers. Here are the basic steps you need to take to get back on track after being hacked. Has your smartphone been hacked? This is what you should do.

Steven Puetzer/RF Photographer’s Choice/Getty Images

Quarantine your computer

In order to break the connection that the hacker uses to “pull the strings” on your computer, you need to isolate it so that it cannot communicate over the network. Quarantine will prevent it from being used to attack other computers, and will prevent the hacker from continuing to gain access to files and other information. Unplug the network cable from the PC and turn off the Wi-Fi connection. If you have a laptop, there is usually a switch to turn off Wi-Fi. Don’t rely on software to do this, as the hacker’s malware may tell you something is turned off while it is really still connected.

Shut down and remove the hard drive

If your computer is affected, shut it down to avoid further damage to your files. After shutting it down, you need to remove the hard drive and connect it to another computer as a secondary non-bootable drive. Make sure the other computer has the latest antivirus and antispyware software installed. You may also want to download a free spyware removal tool or a free rootkit scanner from a reputable source like Sophos.

To make things even easier, consider using a USB drive caddy to hold your hard drive for easy connection to another PC. If you are not using a USB caddy and choose to connect the drive internally, make sure the DIP switches on the back of the drive are set to secondary. If the drive is set as primary, it may try to boot the other PC into your operating system, and all hell could break loose again.

If you’re uncomfortable removing the hard drive yourself, or you don’t have a spare computer, you can take your computer to a local reputable PC repair shop.

Scan your drive for infections and malware

Use the other host PC’s antivirus, antispyware, and antirootkit scanners to ensure that any file system infections on the hard drive are detected and removed.

Back up your important files from the previously infected drive

You will want to get all your personal data off the previously infected drive. Copy your photos, documents, media and other personal files to a DVD, CD or another clean hard drive.

Move the drive back to the PC

After confirming that your files were backed up successfully, you can move the drive back to your old PC and prepare for the next part of the recovery process. Also set the drive’s DIP switches back to primary.
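One way to confirm the backup succeeded before the old drive is wiped, as an added example that is not part of the original article: hash every file on the old drive and compare it with the copy. It is meant to be run from the clean host PC; the function names and sample files are made up for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large photos and videos do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}


def verify_backup(source, backup):
    """Return (missing, mismatched) for files in source vs. the backup copy."""
    src, dst = manifest(source), manifest(backup)
    missing = sorted(p for p in src if p not in dst)
    mismatched = sorted(p for p in src if p in dst and src[p] != dst[p])
    return missing, mismatched


def demo():
    """Constructed sample: one file dropped and one truncated in the copy."""
    with tempfile.TemporaryDirectory() as work:
        src, dst = Path(work, "old_drive"), Path(work, "backup")
        (src / "photos").mkdir(parents=True)
        (src / "taxes.txt").write_bytes(b"2023 return")
        (src / "notes.txt").write_bytes(b"todo")
        (src / "photos" / "a.jpg").write_bytes(b"\xff\xd8" + b"x" * 4096)
        shutil.copytree(src, dst)
        (dst / "notes.txt").unlink()                          # skipped file
        (dst / "photos" / "a.jpg").write_bytes(b"\xff\xd8")   # short copy
        return verify_backup(src, dst)


if __name__ == "__main__":
    missing, mismatched = demo()
    print("missing from backup:", missing)
    print("content differs:", mismatched)
```

Two empty lists mean every file on the old drive exists in the backup with identical contents. Matching hashes only show the copy is complete and intact; the backup still needs the virus scan described later before it goes back onto the rebuilt system.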

Completely wipe your old hard drive

Even if virus and spyware scans show that the threat is gone, you should still not trust that your PC is malware-free. The only way to ensure a completely clean drive is to use a hard drive wipe utility to completely wipe the drive and then reload the operating system from trusted media.

After you have backed up all your data and put the hard drive back into the computer, use a secure disk erase utility to completely wipe the drive. There are many free and commercial disk wipe tools available. Disk wipe utilities can take hours to completely wipe a drive, as they overwrite all sectors of the hard drive, even empty ones, often through multiple passes to ensure they don’t miss anything. It may seem slow, but it ensures that no stone is left unturned and is the only way to ensure you eliminate the threat.

Reload the OS from trusted media and install updates

Use the original operating system disc that you purchased or that came with your computer, and do not use discs copied from elsewhere or from unknown sources. Using trusted media helps ensure that a virus on a tainted operating system disc cannot reinfect your PC.

Make sure to download all updates and patches for your operating system before installing anything else.

Reinstall antivirus, antispyware, and other security software

Load and patch all security-related software before loading any other applications. Make sure your antivirus software is up to date before loading other applications, in case those applications contain malware that may go undetected if your virus signatures are not up to date.

Scan your data backup drive for viruses

Even if you are pretty sure everything is clean, you should always scan your data files before reintroducing them into your system.

Take a full backup of your system

Once everything is in perfect working order, you should make a full backup so that if this happens again, you don’t have to spend as much time reloading the system. Using a backup tool that creates a bootable hard drive image as a backup will greatly speed up future recovery.

Content

I’ve Been Hacked! Now What?

How to turn your zombie PC back to normal without cutting off its head

You opened an e-mail attachment that you probably shouldn’t have and now your computer has slowed to a crawl and other strange things are happening. Your bank called you saying there has been some strange activity on your account and your ISP has just “null routed” all traffic from your computer because they claim it is now part of a zombie botnet. All this and it’s only Monday.

If your computer has been compromised and infected with a virus or other malware you need to take action to keep your files from being destroyed and also to prevent your computer from being used to attack other computers. Here are the basic steps you need to perform to get back to normal after you’ve been hacked. Was your smartphone hacked? Here’s what to do.

Steven Puetzer / Photographer’s Choice RF / Getty Images

Isolate Your Computer

In order to cut the connection that the hacker is using to “pull the strings” on your computer, you need to isolate it so it can’t communicate on a network. Isolation will prevent it from being used to attack other computers as well as preventing the hacker from continuing to be able to obtain files and other information. Pull the network cable out of your PC and turn off the Wi-Fi connection. If you have a laptop, there is often a switch to turn the Wi-Fi off. Don’t rely on doing this through software, as the hacker’s malware may tell you something is turned off when it is really still connected.

Shut Down and Remove the Hard Drive

If your computer is compromised you need to shut it down to prevent further damage to your files. After you have powered it down, you will need to pull the hard drive out and connect it to another computer as a secondary non-bootable drive. Make sure the other computer has up-to-date anti-virus and anti-spyware. You should probably also download a free spyware removal tool or a free rootkit detection scanner from a reputable source like Sophos.

To make things a little easier, consider purchasing a USB drive caddy to put your hard drive in to make it easier to connect to another PC. If you don’t use a USB caddy and opt to connect the drive internally instead, make sure the dip switches on the back of your drive are set as a secondary drive. If it is set to primary drive it may try to boot the other PC to your operating system and all hell could break loose again.

If you don’t feel comfortable removing a hard drive yourself or you don’t have a spare computer then you may want to take your computer to a reputable local PC repair shop.

Scan Your Drive for Infection and Malware

Use the other host PC’s anti-virus, anti-spyware, and anti-rootkit scanners to ensure detection and removal of any infection from the file system on your hard drive.

Backup Your Important Files From the Previously Infected Drive

You’ll want to get all your personal data off of the previously infected drive. Copy your photos, documents, media, and other personal files to DVD, CD, or another clean hard drive.

Move Your Drive Back to Your PC

Once you have verified that your file backup has succeeded, you can move the drive back to your old PC and prepare for the next part of the recovery process. Set your drive’s dip switches back to primary as well.

Completely Wipe Your Old Hard Drive

Even if virus and spyware scanning reveals the threat is gone, you should still not trust that your PC is malware free. The only way to ensure that the drive is completely clean is to use a hard drive wipe utility to completely blank the drive and then reload your operating system from trusted media.

After you have backed up all your data and put the hard drive back in your computer, use a secure disk erase utility to completely wipe the drive. There are many free and commercial disk erase utilities available. The disk wipe utilities may take several hours to completely wipe a drive because they overwrite every sector of the hard drive, even the empty ones, and they often make several passes to ensure they didn’t miss anything. It may seem time-consuming but it ensures that no stone is left unturned and it’s the only way to be sure that you have eliminated the threat.

Reload the Operating System From Trusted Media and Install Updates

Use your original OS disks that you purchased or that came with your computer; do not use any that were copied from somewhere else or are of unknown origin. Using trusted media helps to ensure that a virus present on tainted operating system disks doesn’t reinfect your PC.

Make sure to download all updates and patches for your operating system before installing anything else.

Reinstall Anti-Virus, Anti-Spyware, and Other Security Software

Before loading any other applications, you should load and patch all your security-related software. You need to ensure your anti-virus software is up-to-date prior to loading other applications in case those apps are harboring malware that might go undetected if your virus signatures aren’t current.

Scan Your Data Backup Disks for Viruses

Even though you are fairly certain that everything is clean, always scan your data files prior to reintroducing them back into your system.

Make a Complete Backup of Your System

Once everything is in pristine condition you should do a complete backup so that if this ever happens again you won’t spend as much time reloading your system. Using a backup tool that creates a bootable hard drive image as a backup will help speed up future recoveries immensely.
