Neteller account hacked (xpost)


thatpfunk
12-20-2005, 05:26 PM
Sorry if this is not suitable for oot, but I want to warn as many 2p2ers as possible. I'm also kind of shaken up right now at the prospects of what could have happened so, please, bear with me:


Last week I hadn't used neteller for a few days. On Friday evening I attempted to log in and it said my account had been closed due to security reasons.

I give them a call today and start talking to security personnel. They ask me about the last transaction I can remember. I tell them and they ask if I remember depositing $1000 with a credit card last Wed. I tell them no. They ask me for the last 4 digits of my CC. It doesn't match.

They explain that most likely my account was hacked using a virus that tracked my keystrokes. The credit card used to deposit was stolen but they were not able to make any merchant purchases before the account was frozen.

The security guy explains that most likely it was a variation of a virus called MYTOB. Now, keep in mind, I have a 2 week old laptop with all the current virus-stuff, firewalls, etc.

I am honestly pretty freaked right now. I did not think this could happen so easily. I'm at a loss for words. I do not want to open up another neteller. If anyone has any info about the virus or something like this, please give me as much info as possible, I will update when my head is more clear.

ThaSaltCracka
12-20-2005, 05:34 PM
what browser, virus-stuff are you using?

12-20-2005, 05:36 PM
Sounds like you got a nasty one:

http://securityresponse.symantec.com/avcenter/venc/data/w32.mytob@mm.html

Quick and dirty - replicates through e-mail or file sharing; can log keystrokes, steal cached passwords, and anything related to keywords such as "ebay, bank, credit" etc.

Recommend you use the removal tool found on that webpage and check all your bank accounts for activity. Also suggest changing all passwords after running removal tool (while unplugged from the internet.)

May want to post this in computer / tech help too. Sorry man.

ScottieK

Soul Daddy
12-20-2005, 05:38 PM
That sucks, dude. Is it not possible that the hack was done on whatever computer you used prior to getting the new laptop?

Evan
12-20-2005, 05:42 PM
[ QUOTE ]
They explain that most likely my account was hacked using a virus that tracked my keystrokes

[/ QUOTE ]

http://www.roboform.com/

The4Aces
12-20-2005, 05:42 PM
Do you use encryption for your wireless connections?

thatpfunk
12-20-2005, 05:44 PM
i use firefox, have nortons and microsoft spyware. i don't use any sort of file transfer service and use gmail (i have opened 0 unknown emails in the past month).

i use a wireless connection, could these have anything to do with it?

The4Aces
12-20-2005, 05:47 PM
It could, but it would be unlikely. Someone in the range of your connection would have to know what they are doing, and you would have to be using an unsecure connection.

12-20-2005, 05:50 PM
[ QUOTE ]
i use firefox, have nortons and microsoft spyware. i don't use any sort of file transfer service and use gmail (i have opened 0 unknown emails in the past month).

i use a wireless connection, could these have anything to do with it?

[/ QUOTE ]

I would bet that this is most likely the cause (wireless). If you run virus/spyware programs, and don't mess around with email too much, or at least safely, it was probably a wardriver/neighbor that did it. take a look at cain and abel, you will be able to monitor how many computers are associated, but most likely they passively sniffed everything. So get encryption for the wireless net.

mrkilla
12-20-2005, 05:50 PM
if you live close enough and don't encrypt your traffic totally can, even if you have a firewall your wireless traffic itself can be intercepted and decoded.

Al P
12-20-2005, 06:08 PM
[ QUOTE ]
i use a wireless connection, could these have anything to do with it?

[/ QUOTE ]

Extremely doubtful.

Edit to mean doubtful that was how a virus could have been planted on your computer.

ddubois
12-20-2005, 06:11 PM
Waitaminute - someone hacked into your neteller and deposited $1000?

thatpfunk
12-20-2005, 06:12 PM
with stolen credit cards, yes. they attempted to spend it somewhere but neteller froze it.

PocketJokers72
12-20-2005, 06:21 PM
[ QUOTE ]
I do not want to open up another neteller.

[/ QUOTE ]

I would think you would be impressed with their quick security, and would be more likely to stay with them as a result of their protective and speedy action on your behalf.

12-20-2005, 06:25 PM
[ QUOTE ]
[ QUOTE ]
I do not want to open up another neteller.

[/ QUOTE ]

I would think you would be impressed with their quick security, and would be more likely to stay with them as a result of their protective and speedy action on your behalf.

[/ QUOTE ]

When I read the OP, I thought, cool, those dorks at Neteller rock. They're able to protect me even if I do really dumb stuff and get my passwords stolen!

Perhaps OP has another reason to be scared of opening another Neteller acct?

sublime
12-20-2005, 06:48 PM
[ QUOTE ]
what browser, virus-stuff are you using?

[/ QUOTE ]

salty, just STFU. ok?

sublime
12-20-2005, 06:49 PM
duder, this sucks. i am going to buy roboform after reading this. while i am not glad this happened to you of course, it is eye opening and hopefully will show others that net security is a serious issue.

thatpfunk
12-20-2005, 06:52 PM
i thanked the security profusely.

how am i not supposed to feel uncomfortable after this happened so easily? the reason the account was put on hold was because they purchased money with stolen credit cards from an unfamiliar ip. had i had a lot of cash laying around they easily could have made purchases from random internet merchants without neteller noticing immediately.

mrkilla
12-20-2005, 06:53 PM
I ♥ Roboform. Been using it for about 4-5 years after some user at where I worked was using gator (which is/was spyware). Everyone who I turned on loves it. What's nice is you can grab the file too and say you wanted to use it at work or another laptop you can too, friggin rocks. Get the pro version, integrates well with Firefox and IE.

To Add the Pass2go device looks pretty sick too...

sublime
12-20-2005, 06:55 PM
[ QUOTE ]
i thanked the security profusely.

how am i not supposed to feel uncomfortable after this happened so easily? the reason the account was put on hold was because they purchased money with stolen credit cards from an unfamiliar ip. had i had a lot of cash laying around they easily could have made purchases from random internet merchants without neteller noticing immediately.

[/ QUOTE ]

from what i have read, neteller is really good with noticing when somebody other than the account holder is attempting to make transactions. i would just get a new account with them, make sure that virus is off your computer and invest in roboform. what else can you do?

thatpfunk
12-20-2005, 06:56 PM
yash- are you trying to imply something?

sublime- yes, this was very eye opening for me as well. i thought i did a good job of protecting myself, too.

evan- thanks, i will be getting that asap.

all- regarding wireless- would it be possible just to get my passwords over an unprotected wireless source without giving my computer a virus? i am going to call linksys support and ask them to help me set up my wireless router to highest possible security. should i feel comfortable with that?

sublime
12-20-2005, 06:58 PM
yash- are you trying to imply something?

i dont think he was, but flame him anyways.

wacki
12-20-2005, 07:11 PM
I got hit for 5K about 2 years ago thanks to a keylogger.

Nasty buggers.

12-20-2005, 07:31 PM
[ QUOTE ]
yash- are you trying to imply something?

sublime- yes, this was very eye opening for me as well. i thought i did a good job of protecting myself, too.

evan- thanks, i will be getting that asap.

all- regarding wireless- would it be possible just to get my passwords over an unprotected wireless source without giving my computer a virus? i am going to call linksys support and ask them to help me set up my wireless router to highest possible security. should i feel comfortable with that?

[/ QUOTE ]

Technology is a dangerous thing in the hands of someone who is ignorant about what they are using. It wasn't a virus, basically what you setup allows anyone with a laptop to drive by your house and monitor every and anything that happens on any of your computers/network.

zephed
12-20-2005, 07:55 PM
[ QUOTE ]
[ QUOTE ]
yash- are you trying to imply something?

sublime- yes, this was very eye opening for me as well. i thought i did a good job of protecting myself, too.

evan- thanks, i will be getting that asap.

all- regarding wireless- would it be possible just to get my passwords over an unprotected wireless source without giving my computer a virus? i am going to call linksys support and ask them to help me set up my wireless router to highest possible security. should i feel comfortable with that?

[/ QUOTE ]

Technology is a dangerous thing in the hands of someone who is ignorant about what they are using. It wasn't a virus, basically what you setup allows anyone with a laptop to drive by your house and monitor every and anything that happens on any of your computers/network.

[/ QUOTE ]
How hard is it for someone driving by to decode encrypted information?

sublime
12-20-2005, 07:56 PM
[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
yash- are you trying to imply something?

sublime- yes, this was very eye opening for me as well. i thought i did a good job of protecting myself, too.

evan- thanks, i will be getting that asap.

all- regarding wireless- would it be possible just to get my passwords over an unprotected wireless source without giving my computer a virus? i am going to call linksys support and ask them to help me set up my wireless router to highest possible security. should i feel comfortable with that?

[/ QUOTE ]

Technology is a dangerous thing in the hands of someone who is ignorant about what they are using. It wasn't a virus, basically what you setup allows anyone with a laptop to drive by your house and monitor every and anything that happens on any of your computers/network.

[/ QUOTE ]
How hard is it for someone driving by to decode encrypted information?

[/ QUOTE ]

i wonder if it matters if they have a convertible or not

12-20-2005, 08:05 PM
[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
yash- are you trying to imply something?

sublime- yes, this was very eye opening for me as well. i thought i did a good job of protecting myself, too.

evan- thanks, i will be getting that asap.

all- regarding wireless- would it be possible just to get my passwords over an unprotected wireless source without giving my computer a virus? i am going to call linksys support and ask them to help me set up my wireless router to highest possible security. should i feel comfortable with that?

[/ QUOTE ]

Technology is a dangerous thing in the hands of someone who is ignorant about what they are using. It wasn't a virus, basically what you setup allows anyone with a laptop to drive by your house and monitor every and anything that happens on any of your computers/network.

[/ QUOTE ]
How hard is it for someone driving by to decode encrypted information?

[/ QUOTE ]

depending on what kind of setup you want to go with, anywhere from trivial to impossible. my advice: don't listen to dlink, and do your own research.

bicyclekick
12-20-2005, 08:09 PM
Is that roboform thing with the USB thingy really as sweet as it sounds? Then again if they get ahold of that couldn't they get ahold of everything related to your computer?

sublime
12-20-2005, 08:19 PM
[ QUOTE ]
Is that roboform thing with the USB thingy really as sweet as it sounds? Then again if they get ahold of that couldn't they get ahold of everything related to your computer?

[/ QUOTE ]

what would be the benefits of getting the USB thing? it costs more, why? i have no idea about this stuff. i suppose you could use it and then have all your passwords on any computer.

Duke
12-20-2005, 10:00 PM
[ QUOTE ]
Waitaminute - someone hacked into your neteller and deposited $1000?

[/ QUOTE ]

I am looking around to try to download the mytob virus as we speak!

~D

thatpfunk
12-21-2005, 12:03 AM
Update: I ran a virus scan with Nortons and it found nothing. I then downloaded the program FixMYTOB and ran a system scan/recovery and it found nothing.

I got a little perturbed and more paranoid about my wireless connection. I called Linksys support and asked them to make sure that my wireless security was as high as possible. It was currently set at "disable" (when previously configuring the router for my home's three computers they told me to disable it and we never went back... WTF!). My current security is now WPA, the highest possible they said.

I then downloaded AVG's free edition. This scan finally found something! It found a trojan horse called SDBOT (irc/backdoor.sdbot.ltg). It seems to do the same things as the MYTOB and I am hopefully assuming this was the cause for the rape of my computer's security.

I am now working on changing my passwords, a pretty big hassle considering how many I have. This whole situation has been pretty eye-opening and I encourage everyone (especially those that are dealing w/ a lot of cash on neteller) to take as many precautions as possible.

I still have no clue as to how I got this virus and that is frustrating as well.

astroglide
12-21-2005, 03:03 AM
you can set master passwords in roboform, without that the data is useless

ThaSaltCracka
12-21-2005, 03:26 AM
[ QUOTE ]

I then downloaded AVG's free edition.

[/ QUOTE ] AVG rules. I recommend everyone get it.

CrashPat
12-21-2005, 03:34 AM
[ QUOTE ]

How hard is it for someone driving by to decode encrypted information?

[/ QUOTE ]

Not hard at all. They could sniff the packets out of the air, or connect to your network and sniff the packets from there. However, neteller and all reputable poker sites are ssl encrypted which means that if they got your neteller information they either got into your email (very possible) or they used a keylogger (also pretty easy).

I doubt that the problem is your wireless connection, I bet that it has a lot more to do with a virus/worm/keylogger on your current machine or some other machine.

ohnonotthat
12-21-2005, 05:18 AM
My best guess is the thief got hold of a CC whose owner had the same name as the OP.

The scam would then be to deposit the CC cash into a poker site and dump the chips to a friend.

However, this theory does not explain why the hacker didn't simply use the CC directly at a pokersite.

thatpfunk
12-21-2005, 05:23 AM
What are you talking about? I already explained what happened. I got a trojan horse that logged my keystrokes allowing them to find my PWs.

lighterjobs
12-21-2005, 05:32 AM
i got my neteller account hacked by a keylogger a little over a year ago when i used to post on rgp that someone sent me.

luckily i got all my money back because it wasn't much ($200)

ChipWrecked
12-21-2005, 06:19 AM
[ QUOTE ]
[ QUOTE ]

I then downloaded AVG's free edition.

[/ QUOTE ] AVG rules. I recommend everyone get it.

[/ QUOTE ]

I use Avast!, very happy with it. Also free.

wonderwes
12-21-2005, 07:06 AM
Please describe more on Roboform, and I assume you are suggesting that everyone on 2+2 should use this?

If I learned anything from working at an ISP, no traffic is safe. A virus can watch key strokes, or your internet packet (esp unencrypted wireless) can easily be sniffed.

12-21-2005, 09:04 AM
Ok here is the poop: Never do any sort of banking wirelessly. If you do I can read it. You are using a radio frequency to connect to the router that ANYONE in the area can pick up. Even if it is encrypted, if I record your key strokes I can figure out what you are sending. 128 bit encryption is not infallible. There are also a ton of other things a hacker can do. The easiest to do especially if you have a password set up for your wireless connection would be to spoof your router. This is how they do it. They find out what kind of router you have, very easy to do, send out a spoofed log in window that looks exactly like your normal log in. You type in your user name and password, it says "Your password is wrong please try again" and then they swap back to your real router. You just gave them your user name and password and they can see EVERYTHING you broadcast from that point on. People do this a lot in coffee shops because it's so easy to do.

So in the future DON’T bank over your wireless and you will be safe.