http://www.techtimes.com/articles/98427 ... sponse.htm
http://www.webroot.com/us/en/business/r ... ce-devices
http://www.computerworld.com/article/29 ... tbwcw.html
http://www.digitaltrends.com/mobile/and ... hack-news/
http://www.forbes.com/sites/thomasbrews ... -and-macs/
and
https://www.google.com/webhp?sourceid=c ... wirelessly
These are the good'ol days
Originally Posted by bucknaway
Read your own quoted articles. All of these exploits involve using out dated software on your phone. Keep your phone operating software up to date and you have little to worry about,
I guarantee that it wasn't from the Bluetooth vulnerability.
My guess: You used a public computer in a hotel lobby or cyber cafe to log in and check your email. Or you used a friend's computer. And that computer had a keylogger virus on it. Thus, your email account was compromised.
Or, you used a free wifi connection somewhere and logged in to Gmail without using SSL ( you used http instead of https ). And your email account was compromised.
Or you used your own computer to log in to your gmail.... and it has a keylogger virus on it.
Whatever you do.... Go to a known "clean" computer and change your email password.... NOW. They very likely still have access to your email account.
check out http://gaysexthailand.com every day
Sounds possible but it has been months since I have had to enter my G-mail password.
The public wifi... Now that is possible. I do know that what is done on public wifi is not private and once you connect to a public wifi spot it is nothing for someone to set up a copy wireless connection with the same name that will allow your phone to connect and once they have access.... Well... anything is possible.
The other security flaw was with the Samsung galaxy phones itself related to the samsung OEM apps, but I can't find that info now. I think I may have heard it on the security now vlog on the twit network or it may have been one of the all about android episodes.
These are the good'ol days
Nice to see that the OP is coming around to the idea that he may have been "hacked" somewhere else other than in Pantip
Like CameronCat, IT security is what i do for my career... and i like to think i am good at it!
Hacking is not like the movies or "24" and there are no computer prodigys in Pantip waiting to hack people bluetooth connections in real time... Hacking take time!
The most likely source of the hack is a "man-in-the-middle" attack, probably over a hotel or public wifi
In the MITM attack the wireless router that you are connected to (in a hotel or public wifi) fakes the SSL cert of your destination website...
By doing that it can then obtain your passwords in clear text, but at the same time proxy'ing them on to the real website to make it feel like you are getting a real experience...
Remember that time you told your device to treat the Wifi like a "trusted zone?" == Gotcha!
How do i know this?
Because EVERY employer or Wifi can do the same, as long as they have a WAF (Web Application Firewall) or Proxy in their office (which most corporate employers will have by default these days) which is capable of spoofing the SSL cert, of course the average emploee is oblivious to this...
But most employers who are security concious try to teach their employees to be security concious... and not even trust their employer....
Buffalo me die! Send Money!
I've no idea whether this will help you going forward, but I subscribe to HideMyAss https://www.hidemyass.com a virtual private network (VPN) which encrypts your computer, tablet and phone comms. through its servers. It also lets you spoof where you are located. If you keep an eye out during Black Friday тАФ Cyber Monday, they usually offer the annual subscription at half-price, in the past c. $40.
They also have a free service at https://hidemyass.com/proxy which you can use via a web browser.
If it helps anyone, for VPNs I can recommend http://nordvpn.com/ -- they even take Bitcoin bucky, so you can spend your $12 there.
I now have $13.21 in Bitcoin. I just hired a 24-hour guard to keep them safe I'm going to go out and buy a gun later today. No one will be stealing my Bitcoin !
These are the good'ol days
Remember that VPNs are only as trustworthy as..... well... as the VPN itself is. The out-point of the connection is readable by the VPN company itself.... so you must choose a VPN company that you really trust.
( If you are ever doing anything where you require anonymity, you will need to use the Tor Browser.... and learn how to use it correctly and safely to stay anonymous. )
check out http://gaysexthailand.com every day
To fake a destination website sounds like hard work. How common is this ?
Posting Permissions
Reply With Quote