Please provide comments and solutions that are helpful to the author of this topic.
I’ve changed passwords and signed out of all sessions except the current one on most of not all my accounts. I’ve also wiped windows clean on my devices except for new pc but I don’t see how it can be infected as I’ve ran nothing and if I did it would have been blocked by Kaspersky default deny.The problem is, if your attackers never disconnect from your accounts, never close their browser etc. Then they would not have to go thru 2FA. When you sign on to several gmail accounts in different tabs, you get the option to 'sign out of all accounts' . Try that.
2) A Windows RESET is not the same as a Reinstall. With a resinstall: boot from USB setup stick > custom install, you get the chance to delete all partitions and start from a blank hard drive. This eliminates things like boot sector infections, I think. Whenever I am in doubt of this, I use Parted Magic to secure erase my Nvme before proceeding with Windows Reinstall. Parted Magic is not free, but their older versions are. You can google for it. Parted Magic boots from USB stick. So you need 2 USB sticks; one for Parted Magic and one for Windows setup. Don''t shy from this expense, it appears you need it.
Never intended to argue with you. I will do that when I get the chance, as I literally do not have a USB yet.Don't argue with me and present lazy work arounds. The Clean Install - deleting all partitions is the universally accepted way of doing it.
Generic and vague. We need you to provide more background information, be as detailed as possible.People are logging into my accounts despite 2FA being enabled and me changing all my passwords.
1: So far I’ve seen suspicious logins for Discord and Bitdefender Gravityzone.Generic and vague. We need you to provide more background information, be as detailed as possible.
Have you requested the accounts to be temporary locked.
- Can you list all accounts & services that are affected? (Provide screenshots of proof if necessary).
- Which method of authentication is being used for these accounts? Are all 2FA codes stored using the same app? Where are your backups stored?
- Have you revoked permissions and devices of the affected accounts?
- What kind of suspicious IP addresses are you seeing for your accounts?
- Are the accounts and passwords being changed immediately after YOU access/change them? How do you know this is happening?
- Do you use any VPN service, free or paid, on-device or router?
2nd Factor Authentication is only another layer of defence, it is not bulletproof against unauthorised attackers if that layer is compromised.
Edit: Apparently there’s going to be some sort of safeguard they’re putting on my computer to make me not be able to look at emails or change passwords to accounts and stuff, so, I don’t really know what to do.
I don't understand. Are you using a Gmail account for GravityZone ? You say your Gmail account is not compromised. But you say "there's going to be" ...." make me not able to look at emails". Did the attackers make you unable to read your Gmail emails ?At the time of the login, I believe google Authenticator was being used only for Bitdefender. My google account is not compromised.
Gravityzone has a gmail email attached to it, yes. My google account is not compromised. When I say that I will not be able to look at emails, I mean that my parents are placing safeguards on my stuff because I’ve worried about this too much, which sucks (if you don’t know, I’m only 15). I need to calm down a bitI don't understand. Are you using a Gmail account for GravityZone ? You say your Gmail account is not compromised. But you say "there's going to be" ...." make me not able to look at emails". Did the attackers make you unable to read your Gmail emails ?
I think you missed my point, he talks almost same as an other one, that one was trolling that time.@jango. Paranoia is not a problem. We are security professionals, we are Paid to be a bit paranoid. It is problem solving skills that he needs. Address each individual security problem and a bit of that paranoia is eliminated one at a time.
So far I’ve narrowed it down to a possible Kaspersky Password Manager breach. I’ve changed the main password and disabled syncing between devices however the main password I changed it to is one that is used for other accounts, however I’m pretty sure disabling syncing between devices still locks attackers out.Worrying about something is when you have jumbled thoughts. You're jumping to this thought and then another. Write down the possible attacks. Then remedy each one by one.
You implemented default deny using Kaspersky. Have you thought of ways that it could be circumvented? Write them down.
I suggested that malware may be affecting the boot process and that your Windows reset may leave them still embedded. Write it down. And you've ordered a USB. So a remedy to this is in the works. Write it down too.
Write down other ways the attackers can know about and change your Bitdefender + Discord password. Use your security knowledge and list all the attacks you know.
Carefully writing down problem points will enable you to see and read them. Then you can think of how to remedy each one at a time. Then you won't have jumbled thoughts.
Writing down and reading them will make your head clearer.
Solutions to each point may involve several steps. Don't let that faze you. List down all the steps. Execute those steps one by one and you will have that point addressed and eliminated the possibility of that attack.
If you have addressed the possibility of a Kaspersky Password Manager breach, then good. Now see if there's a way to test it out.disabling syncing between devices still locks attackers out
Chances are that isn’t an issue. Yes I play modded Minecraft but only utilizing popular, reputable modpacks.@Jengo. If I remember that thread, he lost focus of the risk he wanted addressed which was java malware.