Beware of Computer Highjackers...
I've just had my PC highjacked while doing some innocent browsing in Google and my PC no longer belongs to me.
To begin, I have an IBM Thinkpad R40 running XP Professional. BlackIce is installed and runs in paranoia mode (because I'm paranoid) Gibson's 'Shields Up' site can't see it, so the stealth presumably works at full strength. My Norton virus definitiion file was last updated on 07/04/2004 and was set, as usual, to auto-protect mode.
My niece is thinking of taking up a job offer in Qatar so I looked the place up in Google and clicked on the first country information site in the list. Blackice went into an immediate frenzy, so I hit the back button and had a look at the record - something like 23 hits in the time it took from the first audio alarm until getting back to Google. No harm seemed done and all hits were indicated as blocked so I continued the session and shut down when finished. Next day when I fired up the PC I found that I couldn't sign in. Three shots at my password and then I was locked out, so I shut down and tried starting up again. This time my name had disappeared from the list of users and was replaced with an anonymous Administrator account. I logged in as administrator without needing a password and the PC booted to a blank desktop with only three icons - IE, Trash and My PC. I went into control panel, turned off system restore and ran a virus check - nothing found. I then reset system restore, and did a restore that brought me back to 25 March. Upon rebooting, my account appeared as usual and I logged in successfully using my old password. Then I tried resetting my password, but a message says that my new password doesn't meet the password criteria, although it clearly does - ten characters including upper and lower case, numbers and symbols. I tried different combinations all to the same effect; I cannot change my password. After shutting down the PC and rebooting again I found myself back to square one - user name missing from the user list and replaced by an anonymous Administrator account which requires no password. Leaving the password blank, I logged in and repeated the above process - with the same result.
Someone else now 'owns' my pooter and I can't safely use it on the internet any more. The paranoid firewall was useless and so was the bang up-to-date virus protection. Does anybody have any idea what is happening? Visit an innocent looking site, and bang! - your computer is no longer yours to play with. If hackers can so easily work around firewalls and virus protection the Internet seems far too dangerous a place to be anymore....
Does this mark the end of the Internet as we know it?
Last edited by Blacksheep; 12th Apr 2004 at 08:12.