Sunday, June 9, 2013

I got hacked! Now what do I do?


This is a real situation: you opened an attachment from an email that you probably should not have opened, and now your computer has become too slow and some strange things are happening. Is it the end of the world, or is there something you can do to take back control of your PC?
Then somebody calls from your bank to tell you that there has been some strange activity on your account, and your ISP does not have information on the traffic from your computer; they claim that in recent days it has generated a kind of nebula.

All this means that your computer has been attacked and infected with a virus or another kind of "malware". You need to do something to prevent your files from being destroyed and also to prevent your computer from being used to attack others.
These are the basic steps you must take to return to normal after being hacked.

Isolate your computer.

To cut the connection that the hacker is using to "pull strings" on your computer, you need to isolate it so that it cannot communicate with others on a network. Isolation will prevent the use of your computer to attack other computers, and will also prevent the hacker from continuing to obtain records and other information. To do this, unplug the network cable from your computer and turn off Wi-Fi. If you have a laptop, there is probably a switch to turn off the Wi-Fi.
Do not rely on doing this through software, as the hacker's malware could report that something is off when it is actually still connected, so it is better to rely on the hardware.

Turn off the computer, remove the hard drive and connect it to another computer as an external drive.

If your computer is at risk, you have to turn it off to avoid further damage to your files. After turning it off, you have to remove the hard drive and connect it to another computer as a secondary external drive.
Make sure the other computer has both antivirus and anti-spyware installed and up to date. In addition, you should download a free rootkit detection scanner from a reliable source, such as Sophos.
To make things a little easier, consider buying a USB "drive caddy" to connect your hard drive to another PC.
If you are not using a USB caddy and instead choose to connect the drive internally, make sure that the switches on the back of the disk are set to secondary or slave drive.
If you set it as the main drive, the other PC could try to boot from the infected disk's operating system, bringing the malware and all the problems that entails with it.
If you do not feel confident enough to remove the hard drive on your own or do not have a spare computer, then consider the option of taking your machine to a good PC repair shop.

Scan your disk for viruses and malware.

Use the anti-virus, anti-spyware and anti-rootkit tools on the other computer to detect and remove any viruses that can damage files on your hard drive.

Back up (always) all important files from the hacked disk.

You want to get all your personal data off the infected disk. Copy your photos, documents, videos and other personal files to a DVD, CD, or clean hard drive.

Put your hard drive back in the PC.

Once you have ensured that your backup has been successful, you may move the disk back to the original PC and prepare for the next part of the recovery process.
Set the disk's DIP switches back to "main" or master.

Thoroughly clean the old hard drive (format it).

Even if the antivirus and anti-spyware scans report that the threat is gone, you still should not trust that your PC is free of malware. The only way to ensure that the drive is completely clean is to wipe the hard disk completely blank, and then reload the operating system from reliable media.
After you've backed up all your data and put the hard drive back into the computer, use a disk wiping application to erase the entire disk.
Many of these applications are available for free. Disk wiping applications can take several hours to completely clean a disk, because they overwrite all sectors of the hard drive, even the empty ones, and tend to make several passes to make sure nothing is skipped.
It may seem a waste of time, but this way you will be sure that nothing is left behind, and it is the only way to be sure that the threat has been removed.

Reload the operating system from a reliable source and install updates.

Use the original operating system disks that you purchased or that came with the computer; do not use any copy or a disc of unknown origin.
Using reliable media will help ensure that no virus on the operating system disk re-infects your PC. Be sure to download all available updates and patches for your operating system before installing anything else.

Re-install the antivirus, anti-spyware and other security software before any other action.

Before loading any application, you must load the patches and all security-related software.
You need to make sure your antivirus software is up to date before you load other applications: if those applications contain malware, it might go unnoticed if your antivirus is not updated.

Scan backups of your hard drive for viruses before copying them to your computer.

Even if you're pretty sure everything is clean, always scan the data files before reintroducing them into the system.

Make a complete backup of your system.

Once everything is in perfect condition, you should make a full backup, so that if this happens again it will not take too long to reload the system.
Using a tool that creates an image of your hard drive as a backup will speed up any future recovery immensely.
If you are not too comfortable with this whole process, you can contact trained people to do it, which could come at a very low rate. At this point there is one question I must ask: what are your thoughts on this matter?