Page 1 of 1

hacker scum and cyber security (even in chess)

Posted: Sat Nov 21, 2020 8:09 pm
by jefk
now CTF is gone (never to bother to post there coz
politics is a no go for me in combination with chess)

about hackers in computer (correspondence) chess:
when i won the semifinals of the worldcup21 tourn,
with a simple win7 system, no external firewall,
and -apparently - a vulnerable dropbox, i got hacked
about 1.5 yrs ago. no big deal, i saw them copy and
then delete (the original)files, and unpulled the plug.

Damage was bigger than i suspected, the thugs
left a virus, and my win7 system got a blue screen.
Now i'm not an idiot, and managed to save the content
of the disk (not the working programs) after
re-installing a new windoze. After inspection i
also discovered some big books (eg chessbase.ctg
had been deleted but i had a backup on an external disk._

Now my question is, who could be such scum ?
(that they try to steal my book, ok, not legal,
but in some way i can have some understanding
for such (already criminal) minds; but then going
to ****** my computer with a bad virus, of which i
only (but many others not) could recover with a new
windoze install, is simply psycho behaviour; yes this
thus exists in the compchess world and you be warned

btw the world cup21 final only had prize money 1000 dlr,
and while i didn't get into the top 3, i also did not
lose a single game, when i had come back into
my systems again; yet some annoyance of such
a security breach remained. i still have win7 (and
backups), and a little extra firewall

Re: hacker scum and cyber security (even in chess)

Posted: Sat Nov 21, 2020 8:47 pm
by flok
jefk wrote:
Sat Nov 21, 2020 8:09 pm
about hackers in computer (correspondence) chess:
when i won the semifinals of the worldcup21 tourn,
with a simple win7 system, no external firewall,
and -apparently - a vulnerable dropbox, i got hacked
about 1.5 yrs ago. no big deal, i saw them copy and
then delete (the original)files, and unpulled the plug.
How did you see that?

Re: hacker scum and cyber security (even in chess)

Posted: Sun Nov 22, 2020 11:07 pm
by jefk
hi 'Flok' (mr van Heusden i presume)

well it's 1.5 yrs ago, and my recollection may not be 100 pct
accurate, but i have a reasonable memory, so to answer:

- one miserable day, when i started the Chesspartner interface, for
which i made a strong book (and played with the Shredder engine on Fics),
it couldn't find the book (which was stored in my dropbox file).
(also checked the recycle bin of-course, but nothing there
- so i browsed in windows-explorer to this dropbox file,
and noticed some more irregularities (*)
- earlier i had noticed already some strange activity in my AVG
antivirus program (looks like it was disabled (anyway, i know have
Avast, and seems to work better for my purposes)
- besides that, as i have the back of my comp in sight, i noticed
a flickering light on my internet plug (cable connection) which
indicated there was quite some traffic (while i was doing
nothing unusual)
- so i pulled the plug, and went back to my dropbox file
to my astonishment, quite some chess files were gone,
eg. a book a made for the bookbuilder program, and some
more stuff (i knew i had some (older) backups on an external
disk (but not regular/daily backup procedures, so i was still
a bit annoyed as you can maybe imagine
- now at first i suspected that maybe someone had hacked
my dropbox account (so i decide to change the password for that)
- but at some more inspection of some chess files, eg
the Cchessbase folder in 'my documents' (subdirectory 'books') i
also noticed that my large 'superbook' in .ctg format was gone...
(also found a backup later, but anyway, annoying again).
After which i decided to install an extra firewall (besides
the MS win7 firewall

Then, after restarting my comp, i got some strange things,
and then a blue screen. I didn't hesitate, and re-installed
windows7, with preserving the old data in a backup directory
(of-course installed programs were gone, and i had to
re-install quite some programs later again in my system).
So, resuming, i had became a bit angry, as you may
well imagine, i should have called my provider and ask for
logfiles (in an attempt to locate the hacker ie his IP address
but i was starting to get busy with correspondence chess again,
preparing a new tournament, and didn't bother, coz such hacker
may well use a zombie comp or network with another IP ...),
Anyway, with the Lco/Nnue revolution, opening theory
is changing as well, and i'm working already on a
better repertoire (for correspondence chess) again...

How they dunnit ? Well i suppose they found out my IP,
and then the rest was probably reasonably simple.
(during those times, youtube vids starting to appear
how to hack a system, (especially older windows as 7/8)
when you know the IP, from a special linux CD made
for hacking/cybersecurity (at that time, i wasn't aware
of such possibilities, otherwise i at least would have
maintained my earlier backup routines (with a 'Todo" backup
program which worked reasonably well and easy).

PS How safe such extra 'personal' firewall programs are,
i don't know, maybe i should update to Win10 (or even have
an additional linux system for the more sensitive data), and/or
use a VPN for the whole comp, but that isn't free nor
cheap i think... (anyway, a silly solution, but theoretical effective,
nowadays i simply remove my internet cable at night times..
:)

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 1:54 am
by Milos
jefk wrote:
Sun Nov 22, 2020 11:07 pm
How they dunnit ? Well i suppose they found out my IP,
and then the rest was probably reasonably simple.
(during those times, youtube vids starting to appear
how to hack a system, (especially older windows as 7/8)
when you know the IP, from a special linux CD made
for hacking/cybersecurity (at that time, i wasn't aware
of such possibilities

(anyway, a silly solution, but theoretical effective,
nowadays i simply remove my internet cable at night times..
:)
You really don't have much clue about cyber security, networking, OS's, hacking, do you?
You know, one doesn't learn how to hack something watching youtube videos. ;)

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 2:01 pm
by jefk
no Milos, i'm not a specialist
in cybersecurity, which is why i made my posting btw

yes hackers don't need youtube, but i do suspect the Kali
Linux distribution (which was widely promoted on youtube)
made such intrusion as in my situation, a lot easier.

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 2:16 pm
by flok
jefk wrote:
Tue Nov 24, 2020 2:01 pm
no Milos, i'm not a specialist
in cybersecurity, which is why i made my posting btw

yes hackers don't need youtube, but i do suspect the Kali
Linux distribution (which was widely promoted on youtube)
made such intrusion as in my situation, a lot easier.
Why would linux make it more easy?

Is your computer directly on the internet? Or is there some NAT-appliance ("router") in between? And/or do you have ipv6?

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 7:31 pm
by jefk
hi Folkert van H,

nope Linux itself doesn't make hacking easier,
but all the tools on this Kali distrib do make it easier... :
https://itsfoss.com/best-kali-linux-tools/
and like i said, lots of youtube vids eg
https://www.youtube.com/watch?v=K1bMSPje6pw

As for my connection, i'm simply connected via cable on my ziggo
provider (a Wan connection i think), no router myself; i do
have a second computer, but no network); previously i thought
that because of the dynamic iP allocation it would be
difficult for hackers to find my IP and intrude,
but this now obviously has been an illusion...

Any tips for cheap or free security enhancements are welcome.

PS meanwhile, i'm already intending to find a win10Lite
download which can be installed with dual boot, keeping
my older win7 system available. (apparently Win10 is bit
more secure, especially while win7 isn't supported anymore).

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 8:19 pm
by Milos
jefk wrote:
Tue Nov 24, 2020 7:31 pm
hi Folkert van H,

nope Linux itself doesn't make hacking easier,
but all the tools on this Kali distrib do make it easier... :
https://itsfoss.com/best-kali-linux-tools/
and like i said, lots of youtube vids eg
https://www.youtube.com/watch?v=K1bMSPje6pw

As for my connection, i'm simply connected via cable on my ziggo
provider (a Wan connection i think), no router myself; i do
have a second computer, but no network); previously i thought
that because of the dynamic iP allocation it would be
difficult for hackers to find my IP and intrude,
but this now obviously has been an illusion...

Any tips for cheap or free security enhancements are welcome.

PS meanwhile, i'm already intending to find a win10Lite
download which can be installed with dual boot, keeping
my older win7 system available. (apparently Win10 is bit
more secure, especially while win7 isn't supported anymore).
You don't seem to realize that hacking an OS has very little to do with hacking the network.
Even if one gains access to your network, you still have your software firewall and assuming you are not running some web services from your machine the only realistic way for someone to gain access to your system would be to hijack when you are download some executable from the internet and plant some malware in it. However, that's much easier said than done. It's not something script kiddies would know how to do, or you'd find a tutorial on youtube.

Re: hacker scum and cyber security (even in chess)

Posted: Tue Nov 24, 2020 10:08 pm
by jefk
Milos wrote
"only realistic way for someone to gain access to your system would be to hijack when you are download some executable from the internet and plant some malware in it"
|
well that's probably what had happened (although i do have a malware
detector (from iobit) NB normally i also don't download unknown
'executable' but malware can also be hidden in some other stuff i
presume.
What i suspect is that some undetected malware already was
residing for some time on my comp, and when the 'thief'
thought it became a good moment, he (i presume he was a he)
took his chance.. Mind you, the hacker clearly was after
chess stuff, especially opening theory. Maybe i've downloaded
a chess program earlier, with a trojan horse hidden in it, who knows..

PS for it's not so important how it may have been done,
but more how to prevent such a thing in future.
(in some ways you already give a clue, be careful
with malware, run regular malware scans, etc)
For the rest i consider to use my virtualbox in future
more for certain downloads (trials, pdfs, of whatever),
to safeguard my main system...

Re: hacker scum and cyber security (even in chess)

Posted: Wed Nov 25, 2020 7:44 am
by flok
Milos wrote:
Tue Nov 24, 2020 8:19 pm
jefk wrote:
Tue Nov 24, 2020 7:31 pm
hi Folkert van H,

nope Linux itself doesn't make hacking easier,
but all the tools on this Kali distrib do make it easier... :
https://itsfoss.com/best-kali-linux-tools/
and like i said, lots of youtube vids eg
https://www.youtube.com/watch?v=K1bMSPje6pw

As for my connection, i'm simply connected via cable on my ziggo
provider (a Wan connection i think), no router myself; i do
have a second computer, but no network); previously i thought
that because of the dynamic iP allocation it would be
difficult for hackers to find my IP and intrude,
but this now obviously has been an illusion...

Any tips for cheap or free security enhancements are welcome.

PS meanwhile, i'm already intending to find a win10Lite
download which can be installed with dual boot, keeping
my older win7 system available. (apparently Win10 is bit
more secure, especially while win7 isn't supported anymore).
You don't seem to realize that hacking an OS has very little to do with hacking the network.
Even if one gains access to your network, you still have your software firewall and assuming you are not running some web services from your machine the only realistic way for someone to gain access to your system would be to hijack when you are download some executable from the internet and plant some malware in it. However, that's much easier said than done. It's not something script kiddies would know how to do, or you'd find a tutorial on youtube.
Thank you for explaining all of that. I wasn't aware of it at all. I wonder why I haven't been hacked in the last 30 years on-line. Pure luck I guess?