Join 3,512 readers in helping fund MetaFilter (Hide)


Wuz she hax0r3d?
February 3, 2006 8:16 PM   Subscribe

Wuz she hax0r3d?
Scenarios that explain this situation, please: Someone (not I) tries to connect to the 'Net on her AOHell account & gets an error message, the gist of which is "Ain't gonna log you on; reppy5 is already logged on to your account at another location." reppy5 is not one of the accounts/screen-names she has ever created. Has she been hacked? Used as a zombie? Hacked by a zombie? A zombie for what, for spam?

A few minutes later she logs onto the 'Net and DOES get online, she calls AOL and is told to change her password. That's all she is told & she can barely understand this much from the AOHell CSR. She asks them to investigate reppy5 & they tell her to e-mail the TOS-General.

If she changed her password to something with letters (lower AND upper case) & numbers, it's not likely she'll be hacked again, right? Someone probably set up a program to run a random password generator on a list of confirmed usernames s/he got from AOL, got lucky with my friend, & now it's not likely to happen again? I'm no Techno-God, I'm just spex-you-lating.

Various scenarios? Whahappened? She wants to e-mail reppy5--should she?

Thanks, youse technorati ;-)
BTW, I only added "britney spears" to the list of tags on this post because anybody searching MeFi for info on Britney deserves to be misdirected ;-)
posted by Shane to Computers & Internet (12 answers total)
 
My parents use AOL and have for years. Numerous times people have gotten into sub-accounts, sent a ton of spam from it (and it wasn't spoofed, the spam was in the "sent" box) and my parents were left having to argue with AOL about preventing it from happening again. Now, no one has ever created a new account/screenname on their account, but I guess my point is that it's definitely possible that someone got into her account and screwed around.
posted by tastybrains at 8:59 PM on February 3, 2006


Oh, and it probably wasn't a zombie. Unless of course her username is something like omgyummybrains220 or something. ;-)
posted by tastybrains at 9:01 PM on February 3, 2006


When she logs on and goes to keyword "screen names" is "reppy5" in fact on there?

If not, the error message was probably just a momentary glitch in the Matrix.

If it's there, yeah, she's been haxx0red.
posted by kindall at 9:07 PM on February 3, 2006


AOL has had sloppy security for years. Once somebody hacked a program that gave you administrator-level privileges to log into accounts, for instance. In 2004, an employee committed an inside job that passed out customer information (mainly names connected to screen names, it appears) for 92 million people. Other times, employees have been known to create backdoors for themselves on lesser-used accounts and other such things.

But look at the list of Screen Names, and remove any that don't belong. (Don't screw this up, though, as AOL doesn't like to reinstate usernames that are deleted.)
posted by dhartung at 10:52 PM on February 3, 2006


MeTa
posted by grouse at 7:49 AM on February 4, 2006


(Don't screw this up, though, as AOL doesn't like to reinstate usernames that are deleted.)

At least since 2002 there has been a button to undelete sub accounts that have been deleted in the last 6 months.

Either your friends account was phished or she d/l a trojan that recorded her keystrokes when your friend entered there password.

If the account was phished. someone im'ed or emailed your friend for there account information. Whichever it was probably a message that there was problems with her account and they needed to verify there account information. Not only could they have asked for username/password but also social security # and credit card information.

Aol only sends official message through e-mail that are marked with a special blue icon that note there from aol.

If it is a trojan horse. your gonna have to detect it somehow. And clean it out. because if you change the password and the trojan horse is still present it will resend the password to the same email account.

Also the hax0r could be using services on her account that cost extra money. the 1-800 dial up number at $3 bucks every hour, premium games, itunes d/ls billed to your aol account, etc. you can find out what your current bill is at keyword: billing

Be prepared to dispute any of these extra charges.

Aol is for rubes but luckily the majority of these hax0rs are teenage kids and not real threats. This shit has been happening since when aol was called quantum link and it cost $5.95 a hour to log-on.
posted by Dreamghost at 11:29 AM on February 4, 2006


Thanks, folks. I'll make sure she runs Ad-Aware and Spybot. I'm not really web-savvy enough to have run thru all these scenarios myself.
posted by Shane at 12:13 PM on February 4, 2006


How many times did your parents attempt to log on? Was this a one-time problem? I ask because the last I knew, you could log into an AOL sub-account at the same time you are logged into the main account. I seem to recall this was a feature AOL added a couple of years back.

My point is, with the information given in the post, we don't really know that anything untoward has happened.
posted by dunderhead at 12:39 PM on February 4, 2006


Back in the days of yore when I had AOL (I think it may have been AOL version 5.0), you were allowed 5 accounts; a master, and 4 sub accounts. My parents took 2 and my brother and I took 2. I was living at school at that point and I wanted to give my roomie the last sub account. I tried to create it and it wouldn't let me, saying that I had already used all 5 accounts. I looked in the drop down and there were only 4. What happened was, my brother had taken the last sub account, and I had installed my copy of the software on my machine BEFORE he created it. When I went into the "switch screen names" menu, it did appear there, but it did not appear in the initial "sign on" screen until I reinstalled the software later on. Basically if you did not know to look in the switch screen names menu, you would never know there was another sub account in the sign on screen because (I assume) that info was stored locally. So it is indeed possible that if one gained access to a master account (and keep in mind that you can designate any and all accounts you wish as masters) that they could create a sub account on your account from a different machine and the owner of the account would be none the wiser. Additionally if you had gained access to a master account you could presumably delete any notification emails that were sent upon the creation of the sub account. Like I said earlier, this may all be moot because this was an old version of AOL, but I just wanted to share it in case it still holds true.
posted by Emperor Yamamoto's Eggs at 1:31 PM on February 4, 2006


Ad-Aware and Spybot are not enough. You need an antivirus program - AVG Free is not bad. Pay attention to billing for the next couple months, just to be safe.
posted by theora55 at 3:50 PM on February 4, 2006


dunderhead - Shane didn't mention any parents, I did. And in my comment, I'm not expressing any confusion as to whether something untoward happened, because it did.

I was really just emphasizing that people do "hack" into other people's AOL accounts all the time, that's all.
posted by tastybrains at 9:55 PM on February 4, 2006


tastybrains - On re-read, I see my mistake. Thanks for pointing the right direction.
posted by dunderhead at 5:41 AM on February 8, 2006


« Older I want to collect 200,000+ sig...   |  could this country withstand a... Newer »
This thread is closed to new comments.