Hacked

[lukeeales]

My hotmail and namecheap accounts have been hacked, they share a password, neither of which will let me log in.

Can anyone suggest a way of contacting hotmail? my secret question has been changed. am i f--ked?

 

[stuff]

am i f--ked?

Looks like it.
better start changing domain passwords, if You where using email in whois info.

 

[NameAlot.com]

Contact namecheap, if you're able to verify the credit card number used for your purchases amongst other details, you should be fine...

With hotmail, I would recommend doing a "forgot password" request and chances are, if the theif hasn't changed any details yet, your password could be sent to the alternative email account for a reset...

Hope this was helpful... Good luck

 

[lukeeales]

I have regained control of a lot of stuff, barring Namecheap and my inbox. Would you recommend I cancel my card at Namecheap? I always use Paypal to add funds, but there is an option for direct bank transfer?

 

[Bender]

contact namecheap for now, forget about hotmail.
also change the password if you used it for any other sites

 

[lukeeales]

I cancelled my card and am fixing passwords now. Interestingly, they changed the FTP password to one of my websites. Now, my inbox contains nothing that should point them towards this site. This means the perpetrator knows what sites I own; and I have a fair idea who it is.

 

[Bender]

if he knows that much, and you used the hotmail address to signup to some other sites, he might use the passwod recovery to get into other sites as well.
You'll have a busy day, funny how hackers work on week-ends...

 

[actnow]

You'll have a busy day, funny how hackers work on week-ends...

The minute I see anything happening strange on a weekend, I immediately act.

The hackers know that busy people are not around much on weekends.

Nor are the companies you need to contact.

It has been stated many times on the forums, hotmail and similar free services
are the weakest link in the security of your domains.

 

[lukeeales]

According to Namecheap, my Namecheap contact email address has been changed to "[email protected]". If that means anything to anyone, or you find any dirt, please post in here.

 

[jdk]

I hope everything works out well Luke. Let us know if you need any assistance.

 

[lukeeales]

Thanks jdk. I just found that ZangoCash activeX has been loaded onto the site. I'm trying to their their ID banned from the ad network, but if what I hear is true, activeX sites won't give a crap.

 

[MrDude]

Hey luke, I gotta run right now but ill speak to you on aim as soon as I get back.

I might be able to help.

Paul

 

[tas38]

You are using the #1 email target for hackers, and remember use a super long password. That would take many moons to brute force, the one I use would take more then a 100 years for them to get.

 

[MrDude]

You are using the #1 email target for hackers, and remember use a super long password. That would take many moons to brute force, the one I use would take more then a 100 years for them to get.

Unless...They got your password another way?
Keyloggers?
Sniffers?
There are lots of programs a hacker can use, including trojans!

 

[tas38]

That is true, but alittle safty can go a long way. Hackers kept hitting my computer, and put viruses on it as well. Then I closed the door, by getting a hardware firewall up and running. They kocked out my system 3 times before the firewall, and they have kocked out my system 0 after it was in place.

They can still hack a system with a hardware firewall, but it's very unlikely they will go through the bother. When they got tons of easy targets, that they can hit much easier for sure. The harder you make it, the more unlikely they will keep at it true.

 

[lukeeales]

It appears the domain Sengo.com has been hijacked. I am waiting for America to wake up before I call my registrar. I have already contacted the webhost they moved Sengo to.

 

[tas38]

GOOD to see you are getting control over your account again, I hope you get your domain back with out any trouble.

 

[BLazeD]

Sorry to hear all this - let us know the outcome

 

[labrocca]

ah jeez..sorry to hear this Luke. PM me about who you think this is and anyway I can help you.

I wish you had sent me a PM right away...I would have helped as much as possible. You always been a good person to deal with. It sucks this happened to you.

My advice is to ditch hotmail service or any free email service. If you need to get a domain to use strictly for your whois like sengo.com.

For anyone else with issues like this the first thing you do if you have a registrar account compromised is to make sure to DENY any transfers. If your email was changed you won't be aware that a transfer is taking place. contact the registrar asap and tell them you want to lock all domain and cancel any transfers out.

bah...

 

[lukeeales]

Catalog.com just got back to me - their response was simply "Go to ICANN.org". This is disgraceful, I'm expected to pay thousands of dollars for a UDRP, when if the company had any sense they could simply check the whois history and make a f-cking effort to verify me. This is b-llshit.