Quote: "
Quote: "so now we have people with advanced hacker knowledge on TGC forum?"
Ahem. I doubt.
"
Why would you doubt this? There's a fine line between computer expert and hacker, in fact, there's really no difference at all.
For example, any computer expert knows that you should sanitize any input into a PHP script, especially if it uses SQL. The hacker knows this as well, they just exploit it on websites that don't sanitize their input to run their own SQL queries.
Any assembly coder knows about the security issues with machine code, stack smashing etc. The hacker just exploits this knowledge on software that doesn't protect the stack properly, and runs their own code on the system.
The Script Kiddie on the other hand is more harmless. Basically just keep all your software updated and have good AV and you're safe because they use well known exploits that can be protected against.
What haliop's friends did may not even be illegal, depending on how they did it. If they simply looked at logs on the computer, found the attacker's IP, and traced it, there's nothing illegal in that [1]. Of course, if they then gained remote access to the attacker's computer and found evidence, that is illegal.
But simply tracing an IP address is not always accurate, this website says I live in Baulkham Hills, NSW, Australia. But I don't, NSW, Australia, yes, but I'm nowhere near Baulkham Hills. That's probably where my ISP's main server is.
Despite what I wrote about hackers, I strongly doubt a competent hacker broke into your system, more likely a skiddie, reason? Breaking into a well protected system requires 0-day exploits, which, as soon as they are used, will obviously become known and will normally be patched up within a week. I think companies legally have to patch up known exploits within 14 days, not sure on that though.
An attacker wouldn't waste one on something like this.
You said you received an email from him, were there any links in it? Maybe attachments. This is the easiest way, especially if you've got a vulnerable version of Java, which is quite likely.
If he managed to get you to install some software on your computer that was infected (easy to do), it could have connected back to his machine and given him full remote access.
Anyway, I'll stop guessing how it was done, all you really need to do is reinstall your OS (after backing up of course), reinstall your software (get latest versions), put your files back on and you're uninfected.
To get back, you should contact the authorities.
[1] Can you legally track an IP address