Solved My google account got hacked in April 2023, what should I do?

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
Today I found out that my google account was hacked in April 2023. Some guy got on Linux and just logged on and changed my password.

What should I do? I’ve already changed passwords to all my accounts and enabled 2fa on the important ones. Wiped all of my pcs fully clean aswell.
 
  • Wow
Reactions: oldschool

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,438
I'm sorry to hear about your hacked Google account. It's good that you have already taken some important steps to secure your accounts. Here are a few additional actions you can take to further protect yourself:

1. Recover your Google account: If you haven't already, try to regain access to your hacked Google account. Visit the Google Account Recovery page and follow the instructions provided. Google has a dedicated support team that can assist you in the recovery process.

2. Check for suspicious activity: Review your account activity logs to see if there have been any unauthorized actions or changes made to your account. Look for any unfamiliar login locations, devices, or suspicious emails that may have been sent from your account.

3. Update your recovery options: Make sure your recovery email address and phone number associated with your Google account are up to date. This will help you regain access to your account in case of future incidents.

4. Enable two-factor authentication (2FA): You mentioned that you have already enabled 2FA on important accounts, which is great. Ensure that you have also enabled it for your Google account. This adds an extra layer of security by requiring a second verification step, such as a code sent to your phone, when logging in.

5. Monitor other accounts: Keep an eye on your other online accounts, such as social media, banking, and email accounts. Change passwords for these accounts as well and enable 2FA wherever possible. Be vigilant for any suspicious activity or unauthorized access.

6. Be cautious of phishing attempts: Hackers may try to trick you into revealing personal information through phishing emails or messages. Be cautious of any unsolicited emails or messages asking for sensitive information or directing you to click on suspicious links. Verify the legitimacy of such requests before taking any action.

7. Use strong, unique passwords: Ensure that you are using strong, unique passwords for each of your online accounts. Consider using a password manager to generate and securely store complex passwords.

8. Stay updated on security practices: Keep yourself informed about the latest security practices and trends. Regularly check for software updates on your devices, use reputable antivirus software, and be cautious when downloading files or clicking on links from unknown sources.

Remember, it's important to act quickly and take these steps to minimize the potential damage caused by a hacked account. If you have any concerns or need further assistance, consider reaching out to Google's support team for guidance specific to your situation.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
I'm sorry to hear about your hacked Google account. It's good that you have already taken some important steps to secure your accounts. Here are a few additional actions you can take to further protect yourself:

1. Recover your Google account: If you haven't already, try to regain access to your hacked Google account. Visit the Google Account Recovery page and follow the instructions provided. Google has a dedicated support team that can assist you in the recovery process.

2. Check for suspicious activity: Review your account activity logs to see if there have been any unauthorized actions or changes made to your account. Look for any unfamiliar login locations, devices, or suspicious emails that may have been sent from your account.

3. Update your recovery options: Make sure your recovery email address and phone number associated with your Google account are up to date. This will help you regain access to your account in case of future incidents.

4. Enable two-factor authentication (2FA): You mentioned that you have already enabled 2FA on important accounts, which is great. Ensure that you have also enabled it for your Google account. This adds an extra layer of security by requiring a second verification step, such as a code sent to your phone, when logging in.

5. Monitor other accounts: Keep an eye on your other online accounts, such as social media, banking, and email accounts. Change passwords for these accounts as well and enable 2FA wherever possible. Be vigilant for any suspicious activity or unauthorized access.

6. Be cautious of phishing attempts: Hackers may try to trick you into revealing personal information through phishing emails or messages. Be cautious of any unsolicited emails or messages asking for sensitive information or directing you to click on suspicious links. Verify the legitimacy of such requests before taking any action.

7. Use strong, unique passwords: Ensure that you are using strong, unique passwords for each of your online accounts. Consider using a password manager to generate and securely store complex passwords.

8. Stay updated on security practices: Keep yourself informed about the latest security practices and trends. Regularly check for software updates on your devices, use reputable antivirus software, and be cautious when downloading files or clicking on links from unknown sources.

Remember, it's important to act quickly and take these steps to minimize the potential damage caused by a hacked account. If you have any concerns or need further assistance, consider reaching out to Google's support team for guidance specific to your situation.
I’ve checked this account. No suspicious emails sent, no issues with financial stuff, no scam emails or calls either. Passwords are now strong ones instead of weaker ones.
 

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,438
I’ve checked this account. No suspicious emails sent, no issues with financial stuff, no scam emails or calls either. Passwords are now strong ones instead of weaker ones.
That's good to hear that you haven't noticed any suspicious activity or issues with your other accounts. It's also great that you have updated your passwords to stronger ones. However, it's still important to take a few more precautions to ensure the security of your accounts:

1. Enable two-factor authentication (2FA) on all your accounts: This adds an extra layer of security by requiring a second verification step, such as a code sent to your phone, when logging in. It's a good practice to enable 2FA on all your important accounts, not just your Google account.

2. Regularly monitor your accounts: Even if you haven't noticed any suspicious activity so far, it's a good idea to continue monitoring your accounts for any signs of unauthorized access. Regularly review your account activity logs and keep an eye out for any unusual login locations or devices.

3. Be cautious of phishing attempts: Stay vigilant for any phishing emails or messages that may try to trick you into revealing personal information. Be cautious of any unsolicited emails or messages asking for sensitive information or directing you to click on suspicious links. Verify the legitimacy of such requests before taking any action.

4. Keep your devices and software up to date: Regularly update your devices and software to ensure you have the latest security patches and bug fixes. This includes your operating system, web browsers, and any other software you use.

5. Use a reputable antivirus software: Install and regularly update a reputable antivirus software on your devices. This will help protect against malware and other security threats.

6. Educate yourself on online security best practices: Stay informed about the latest security practices and trends. Familiarize yourself with common security risks and learn how to protect yourself from them. This will help you stay one step ahead of potential threats.

Remember, it's always better to be proactive when it comes to online security. By taking these additional precautions, you can further minimize the risk of future security incidents.
 

Shadowra

Level 34
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,303
Before changing your passwords, make sure your computer is not infected by malware (Trojan, Backdoor, Botnet, RAT, Keyloggers, Stealers etc).

In fact, even if you change your passwords, if you're infected, so is the cyber-criminal.

I'd advise you to run several tools, such as KVRT, NPE, Eset OnlineScan and Malwarebytes. Only run complete scans.

Then, once the malware has been removed (if you have one or more), refresh your browsers. Some (like ZBot/ZeuS and others) inject the browser to stay persistent and capture your information.

Then, change ALL your passwords to ones that are difficult to crack (letters, uppercase, lowercase, special characters, numbers, etc.). I recommend a password of between 10 and 20 characters.

And finally, activate 2FA with SMS/App authentication.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
Before changing your passwords, make sure your computer is not infected by malware (Trojan, Backdoor, Botnet, RAT, Keyloggers, Stealers etc).

In fact, even if you change your passwords, if you're infected, so is the cyber-criminal.

I'd advise you to run several tools, such as KVRT, NPE, Eset OnlineScan and Malwarebytes. Only run complete scans.

Then, once the malware has been removed (if you have one or more), refresh your browsers. Some (like ZBot/ZeuS and others) inject the browser to stay persistent and capture your information.

Then, change ALL your passwords to ones that are difficult to crack (letters, uppercase, lowercase, special characters, numbers, etc.). I recommend a password of between 10 and 20 characters.

And finally, activate 2FA with SMS/App authentication.
I’ve reset windows on all of my devices. I’ve verified the new PC is clean aswell. I’ve changed all passwords to all the accounts I can recall and enabled 2FA on all important ones.

I’ll delete the google account and make a new one. Nothing like serious has happened since the account was hacked (nothing suspicious currently and no financial issues happened. Wasn’t locked out of any game accounts either) but I’ll do my best to ensure I’m safe.

I’m not going to go super OCD about this either. I’ll quickly glance over gmail to see if that leads me to any accounts I don’t have passwords saved for I can secure. Other than that I’ve done everything.
 

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
I am reciving suspicious activity alerts from google that say the device doing the activity is mine. While that alone isn’t a cause for concern because cellular makes my IP change - I noticed a suspicious activity from my device saying I tried to change my password when I didn’t. I logged in using the password forget feature 40 minutes before I received the email.

Is this a cause for concern, if so, what should I do?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top