was successfully added to your cart.

WordPress hack attempts.

By | Case Study !, Hacking | No Comments

One of the given perils of this business is you become prime target for hack attempts. A quick look at the history of security companies (From RSA to recent hacking team) shows that, it is imperative to  expect successful and unsuccessful hacks.  So we weren’t surprised when we got the below alert last week from word press.

word press alert

word press alert

The IP turned out to be from a very well know hotel in Kansas. They advertise complementary wifi in hotel rooms, lobbies and coffee shops. It is very hard to say weather the hacker is a resident of the hotel, an insider, a bot or some hacker sitting in their coffee shop. We did the prudent thing to do, sent the “hotel contact” a detailed information of the alert. Hope that will lead them to something that they can fix.

Coming back to the hack itself, the fact that saved this site from further damage is the security settings that wordpress provides. We have limited the login attempts to bare minimum. We have also taken all the security precaution possible (except hiding the wp-login link, which we have corrected now).

If your website does get hacked and it is a wordpress hack please check this for a detailed analyses and recovery. Of course official wordpress article does have  a very detailed list of steps both to prevent issues and recovery https://codex.wordpress.org/FAQ_My_site_was_hacked.

Gnawing suspicion of hacked gmail ?

By | Case Study !, Hacking | 3 Comments

Couple of days ago a friend of mine called me frantically and asked me for the help. She suspected her gmail account is hacked. Apparently few of her friends called her and said they are getting strange messages from her account. I took a look at her account. It wasn’t hacked, it was just a virus that she contracted while she clicked a spam email.

However her paranoia was justified, because gmail happens to be account recovery email for many folks. It is usually tied to bank accounts, social media account and other important websites for recovery. If one gets access to the gmail they can get access to lot of other important sites.

Here are the steps I asked her to do just to be sure,

  • First login to your gmail and click the “detail” on the bottom right link. It will give you details of all active sessions and login information. For normal cases it will be from devices owned by you such as mobile, ipad and laptop.  To be sure logout of all sessions and login again for the next step.
  • Change your password, it is always good to change it often. The steps are well documented on the google forum https://productforums.google.com/forum/#!topic/gmail/JEu0Dlm0DAE. As you notice there are couple of additional unintuitive steps here.  You may be wondering why those steps are necessary. Here is a 30 thousand feet explanation.
    • Signatures can be used to track one by injecting invisible scrips (written in white color). So turn them off. Same is true for vacation responders.
    • Email forwards are a great way of reading your emails with out raising any suspicion. (It could be done by a close associate who has access to your computer and surreptitiously adds this while you take say a  bio brake).

She did this and reported feeling peaceful :-). Irrespective of your state of mind, it is always a good practice to do these steps for your important accounts.

How to hack ? Dont; For your own sake !!

By | Cyber Bullying, Information | No Comments

My SEO person pointed to me that about 15-20% of folks reach our website are reaching with keyword searches such as “How to hack FB for free”, “Fake email generator” etc. The demography puts them as young adults. This post is for them.

It is so easy to be tempted by fun, thrill and swayed by negative emotions such as anger, jealousy and pain. But just pause and think for a moment, Is it really worth it ? Consider these

  • It is crime in most countries and punishable under many new and old laws.
  • In spite of all sorts of technology precaution, with the law enforcement it is very easy to retrieve your activities online. Nothing is truly anonymous.
  • Internet never forgets anything. You are leaving a permanent mark of your criminal activities.
  • It will have severe impact on your career, social life, your family, in short life itself.

Check the case below for details of the judgment https://www.argbyte.com/2015/07/cyber-stalking-judgement-details/.

So just dont. There are many healthy ways of dealing with emotions, talk to your friends, family or a psychologist.

Cyber Stalking Judgement Details !

By | Cyber Bullying, Information | No Comments

Recently a techno legal case made news in Bombay and dealt with online harassment, intimidation. Check the judgement copy here for a great information on how the court views these and some in detail clues  on how to go about gathering and providing evidence. Cyber Stalking – Yogesh Prabhu Court Judgement (although it is legal document it is surprisingly easy to read).

This case demonstrates very interesting aspects of how criminals who think they cant be caught by changing email locations are blind in their belief. It also demonstrates the importance of keeping documents related to any harassment that one receives so that it can be used intelligently in case of escalations.

Thanks to Advocate Prashant Mali of www.cyberlawconsulting.com for providing the access to this document. He opines that only S66E of The IT Act 2000 & S509 of IPC is applied in this judgement. Section 67 & 67A are not applied in this case. The specifics applied are,

1. Punishment for Violating of privacy of the person under Section 66E of The IT Act,2000.
2. Word ,Gesture or Act intended to insult the modesty of a women under the section 509 of The IPC.

Reach out to us (ArgByte) for any technology queries or Prashant and his firm  for any legal aspects.