Got a call from a long-time client of mine. She said “Justin! Call me immediately!” Took me a little bit to get back to her, and I told her I could fix it remotely. She said that would be fine had the bank not already told her to shut down her computer and not turn it back on. They closed her accounts and made her open new ones after she told them that she had an order for Norton LifeLock for $499 and an Amazon gift card for $100. Luckily, she caught the order emails in time and the money didn’t come out… here’s where it gets good.
THERE WAS SOMEONE USING THE SAME REMOTE ACCESS TOOL I USE AS A HACKING TOOL. Whoever they were changed the default splash screen to a screen that would say “please wait while we are updating your computer” and keep you from doing anything other ctrl+alt+del to try to bring up Task Manager.
So anyway, I did just that, hit c+a+d and was going to click on Task Manager… and my customer kept clicking CANCEL on me before I could get to task manager…I messaged her the fourth time and told her to PLEASE QUIT CLICKING that cancel button me. I got so mad and was cussing, and even punched my Magic Trackpad I was getting so livid.
She then messages me back on Facebook after I ask her to stop and says “I’m not clicking it” so I was like hmmm… okay sure… then it stops happening and I’m able to do stuff again, because they were letting me (I didn’t know any of this at the time) so I proceed to download MalwareBytes, SuperAntiSpyware and Spybot Search and Destroy to try to find what tool/malware was installed. I didn’t know for sure anybody was in remotely at this point.
So, I go through my scans, this takes like 4 hours because I guess this clown is running who-knows-what on her computer to run their fraud scheme and slowing it down to a complete CRAWL. It finds like 200 items, and I remove them all. Everything seems kosher at that point, so I tell her it should be clean and good to go… write a letter saying her computer is safe because she said her bank said she had to have something to reactivate her online banking accounts.
I then send her the bill… and as she’s reading it, she tells me AMAZON came back up again and they are checking the status of the $100 Amazon gift card, and I mean INCESSANTLY checking and then closing the browser, then opening it and checking again. So I get in on my backend part of my remote software and find that there are three instances of my remote software running, and it looked fishy, so I kept digging.
I went into Windows Services and checked all the services running for my remote software and find one instance that isn’t running from C:\program files where mine is running. It’s instead in a folder called something like KJHSDKFjh513Dfhg\aslkdjas\sdfjhasdf.sfj\sx.cone_ex.g912uhlas or something like that, and I’m thinking “CAUGHT YA!!!!”
So I proceed to open a notepad and taunt this guy. HE WRITES BACK! HE ACTUALLY WRITES ME BACK RIGHT IN FRONT OF MY CUSTOMER. I told him that I was putting it there to taunt him before I block him and delete his software.
He writes back “ok sir but only one option Im go ever can” and then NOTHING. I was in the backend suspending his instance of my remote software. I had to get him doing stuff so that I could see if I actually killed his connection to her computer, so taunting him seemed like a good idea, and it worked. So there he was, mid sentence and just stops… so I watched the computer for 90 minutes after that, and even typed more things to put him on tilt, because I figured if I could do that, he’d be stupid enough to keep showing his presence vs hiding in the shadows. Needless to say, either he is taking a hiatus (he’s not, I blocked him) or he’s gone for good. I have screen recorded her screen all night watching for the mouse to move a pixel, but nothing. So she’s good again. And that’s my story. Thank you for coming to my Ted Talk.
I’m just proud of myself for beating a hacker. It was so cool. Had my testosterone and adrenaline pumping like some dickhead on 79 just tried to pass me in the slow lane while I’m passing someone, thinking they were going to zip in front of me. Damn, that grinds my gears and almost gives me a heart attack every time. LOLOLOL
Here, check out the attached screenshot. LOL
What a joker. I felt like the scene in the movie Hackers where Kate Libby and Dade Murphy are fighting to pick a VHS on the automated cable TV system. I should have wrote “mess with the best, die like the rest” like he did. HAHA