I'm under heavy Cyberattack.

contrasia
contrasia Posts: 3 New Member

I have been under heavy cyberattack for a long time now. I bought F-Secure sense in the hopes it'd be able to stop it, but in the latest attack it shows no sign of seeing it at all. 

 

So in the latest one it could either be a compromised network or a harmless port scan. I got hit 3 times, and in the traffic analysis it reports the XFER Utility was used. Does F-Secure Sense use the XFER Utility during setup, or has my network been compromised already on it's first day?

 

Cyberatks(Edited).pngXFERLogged(Edited).pngaccording to IBM the IPs used in the attack are only scanning at the moment. Last time I ignored them though it turned into a DDoS and Botnet attack. 

 

You can see by the weird graph how much I was trying to stop the attacks.

Original Cyberatk Server continues(Edited).pngI don't know a great deal about networks, or cyberdefence or anything. I'm just a guy at home who works in the IT sector. I don't own a business, this is entirely on my home network. Can you confirm if the XFER Utility was the F-Secure Sense that I now have installed, and if it worked, or if it failed to see this attack and my network might have been compromised again? The app reports zero detections at the moment.

 

edit: Removed some identifying information.

Comments

  • contrasia
    contrasia Posts: 3 New Member

    update: The network was compromised. They used a near zeroday vunerability, the same one that was used against Facebook. Once they broke past the router, and the F-Secure Sense, they had remote access for about 8hrs whilst I was asleep. When I got to my PC in the morning there were several save as and a few open as dialogue boxes open on the desktop.

     

    All my credentials had been stolen, and they had free roam overnight so I have no idea what else they could've done.

  • contrasia
    contrasia Posts: 3 New Member

    Thankyou for responding.

    I shall do as mentioned, thankyou for pointing me in the right direction. I hope the issue can be resolved, and that any information exchanged can help even if in some small way, to improve your services further to secure everyones networks.

     

    Thankyou again for responding, I really appreciate your advice during this difficult time.

  • flour
    flour Posts: 1 New Member

    There is a security risk using bluetooth, so to configure a router via bluetooth is.....

    Port 5555 is maby open , malware like that port. on Sense.

    Do a hard reset and, dont trust Sense for all your connection.

    Se that every thing is wiped and dont even use wifi for serius work.

    You have to build layer upon layer, and vlan 1 for netflix and spotify apple tv and vlan 2  on secure layer 

    mabyy Sense and and a vpn unify .

    Always stay on vpn, best is to have it on your router and your computer.

    Spofe mac ID . It tells the hacker what kind of router you use , firs 6 digits tells it .

    Port mirroring with a switch 

    Even then ther is aways a chanse that they will comprimise you.

    But some kind of watchdog and Hips , So you see the ip and ports that they use.

    Rent a hacker and make him test your network. He will also guide you in a trace if he is good

     

    axelflour@outlook.com

     

    Axel

     

This discussion has been closed.