this post was submitted on 04 Dec 2023
6 points (80.0% liked)
Cybersecurity
5638 readers
156 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Try using a USB boot stick to boot into Linux and just save whatever you need from the machine and then reformat it. Since this way the machine won't automatically connect to Wi-Fi and potentially cause more issues.
That's the quickest, simplest way without needing to try to diagnose and dig into the system to see what is affected and trying to fix it.
Also what is the computer doing when it boots up? There's not really enough information being given to be able to provide any other advice.
Yeah, even if you're extremely knowledgeable with computers I do not recommend trusting the OS (or sometimes the whole device) after it's been compromised. Back stuff up, wipe, reinstall.
That or have a fresh drive installed and then a clean OS, then pop the old one on a USB enclosure and grab just what you need from it. Beware that a really nasty hacker could have invented remaining files with Trojans/malware so definitely re-download any installers rather than using the stuff from the old drive.
Thanks, we might give that a go. I don’t really know what else is happening, TBH. I only heard about this briefly last night. Apparently my FIL is now being “stalked” and he’s had to change phone number etc.
Hopping on a live USB to recover files is your safest option.
It will also give you an opportunity to scan files (with something like clam av) while running from a system other than Windows, so you're less likely to encounter any further infections. Not that Linux can't be infected, it's just much less likely and you'd be running from a flash drive and off network anyway so it's about as safe as you can get.
You would need to connect the live USB to the Internet to install clam av on the USB stick or something similar, but that can be done while using a separate machine before actually plugging into the affected machine.
I can't really offer any advice on using any software for scanning as I keep personal things on separate drives segregated from the network so if something ever did happen I'd just wipe and start over.
May be a good idea to take though. Get him a USB drive that he can store files on and disconnect when he doesn't need it.
Just some thoughts from someone that works in desktop support and has been tinkering for a little over 20 years.
Good luck!