Well, for those who dont know or not aware, my google account was hacked by somebody in UTP. Here are the investigation report:
Attack type: Sniffing
Attack media: WIFI or LAN
Damage: Some personal info disclose, some accounts password was changed, annoy email to all contacts, annoy Gtalk shoutout created
Damage rating: 4 stars (5 star max)
Attack flow: Suspected two Google accounts of mine been sniff through network (WIFI or LAN) and cookies was captured. Intruder somehow with the sniffed cookies enter my account and change both of my Google account password. Immediately after obtain permits into my account, intruder view chat logs and email kept and changed shoutout in gtalk, retrieve other account password linked with gmail via forget password feature.
Recovered: Thanks god that recovered my account via??? Thank you.
A login log confirms intruder is a UTP-ian as
Intruder use forget password and obtain new password
Intruder login with the new password (Login details logged here)
I recover the account and found the login IP was UTP LAN IP.
Solution: Kindly be careful when access your Gmail. Use https instead of http.
Last but not least, shame on you as a UTPian.
Subscribe to:
Posts (Atom)