Reply
New Contributor
geebee
Posts: 2
0
Accepted Solution

Just been hacked - LogMeIn Free

Sitting at my PC when suddenly the mouse went crazy as someone started using it.

 

No LogMeIn box sayinganyone was connected at the top of the screen.

 

They tried to download a file called "blaat.exe"

 

I had a "chat" with them then disconnected them. They had a Netherlands IP

62.45.208.15

from the logfile.

 

 

How did they get past my login details? I use a very secure password.

 

 

 

 

 

2009-01-24 20:35:17.098 - Info      - LogMeIn - Session - 62.45.208.15 - Single user mode.
2009-01-24 20:35:17.098 - Info - LogMeIn - Session - 62.45.208.15 - Referrer: https://secure.logmein.com/r.asp?r=mycomputers
2009-01-24 20:35:17.098 - Info - LogMeIn - Session - 62.45.208.15 - Browser: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5
2009-01-24 20:35:17.100 - Info - LogMeIn - Session - 62.45.208.15 - Accepts: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
2009-01-24 20:35:17.100 - Info - LogMeIn - Session - 62.45.208.15 - Client IP: 62.45.208.15 - direct access allowed.
2009-01-24 20:35:17.137 - Info - LogMeIn - Session - 62.45.208.15 - Gateway set referrer: https://secure.logmein.com/r.asp?r=backfromgw&slid=bcigwdfpbzlfkyookmfkrz8f7787n3
2009-01-24 20:35:17.529 - Info - LogMeIn - Session - 62.45.208.15 - Request for /?rawtnl=1&gwsid=_kAn6x5LXL8ysnX16UWRxnHocxoMyYaW returned 200 OK (9158 bytes).
2009-01-24 20:35:18.001 - Info - LogMeIn - Session - 62.45.208.15 - Request for /css/window.css?ui=secrem returned 200 OK (1936 bytes).
2009-01-24 20:35:18.064 - Info - LogMeIn - Session - 62.45.208.15 - Request for /css/RA.css?ui=secrem returned 200 OK (3406 bytes).
2009-01-24 20:35:18.072 - Info - LogMeIn - Session - 62.45.208.15 - Request for /js/window.js returned 200 OK (2188 bytes).
2009-01-24 20:35:20.597 - Info - LogMeIn - Session - 62.45.208.15 - Logging in as 'DESK\LogMeInRemoteUser'.
2009-01-24 20:35:20.599 - Info - LogMeIn - Session - 62.45.208.15 - Logged in successfully.
2009-01-24 20:35:20.599 - Info - LogMeIn - Session - 62.45.208.15 - User is administrator.
2009-01-24 20:35:20.695 - Info - LogMeIn - Session - 62.45.208.15 - Loading user profile...
2009-01-24 20:35:20.845 - Info - LogMeIn - Session - 62.45.208.15 - Loaded user profile.
2009-01-24 20:35:20.847 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /default.html?3165408361 returned redirect to main.html
2009-01-24 20:35:21.083 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /main.html returned 200 OK (1964 bytes).
2009-01-24 20:35:21.193 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /LMI_menu.html?select=home&250576821 returned 200 OK (6593 bytes).
2009-01-24 20:35:21.194 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /lmistart.html?250576821 returned 200 OK (7967 bytes).
2009-01-24 20:35:21.480 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /watchdog_wrapper.html returned 200 OK (5506 bytes).
2009-01-24 20:35:21.538 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/RA.css?ui=secrem returned 200 OK (3406 bytes).
2009-01-24 20:35:21.588 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/window.css?ui=secrem returned 200 OK (1936 bytes).
2009-01-24 20:35:21.888 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /watchdog_wrapper.html?type=xpi&appletwidth=&appletheight=&app=1&view=&ForceLoopback=&displaymsg= returned 200 OK (6691 bytes).
2009-01-24 20:35:23.992 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /remctrl.html returned 200 OK (658 bytes).
2009-01-24 20:35:24.374 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/RA.css?ui=secrem returned 200 OK (3406 bytes).
2009-01-24 20:35:24.374 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/window.css?ui=secrem returned 200 OK (1936 bytes).
2009-01-24 20:35:24.457 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /remctrl.html?app=1&type=&view=&appletwidth=100%25&appletheight=100%25&ForceLoopback= returned 200 OK (7020 bytes).
2009-01-24 20:35:24.565 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /empty.html returned 200 OK (88 bytes).
2009-01-24 20:35:25.261 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/RA.css?ui=secrem returned 200 OK (3406 bytes).
2009-01-24 20:35:25.268 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/window.css?ui=secrem returned 200 OK (1936 bytes).
2009-01-24 20:35:25.493 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /remctrl.html?type=xpi&appletwidth=100%&appletheight=100%&app=1&view=0&ForceLoopback=&displaymsg= returned 200 OK (8210 bytes).
2009-01-24 20:35:25.493 - Info - LogMeIn - Socket - 62.45.208.15:56983/watchdog - Watchdog applet connected.
2009-01-24 20:35:25.638 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/RA.css?ui=secrem returned 200 OK (3406 bytes).
2009-01-24 20:35:25.643 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Request for /css/window.css?ui=secrem returned 200 OK (1936 bytes).
2009-01-24 20:35:28.227 - Info - LogMeIn - Session - 62.45.208.15/015-208-045-062.dynamic.caiway.nl:Desk\LogMeInRemoteUser - Unsupported client option: MEASUREBANDWIDTH2; RFSDRIVEMAP; QUALITYSCALE; SOUNDTRANSFER2; DRAGANDDROP; DNDCOMPRESSION; REMOTEPRINT
2009-01-24 20:35:28.470 - Info - RA_RC - Startup - - Starting up
2009-01-24 20:35:28.493 - Info - RA_RC - Startup - - Interactive user not asked for permission.
2009-01-24 20:35:28.533 - Info - RA_RC - DnD - - DnD disabled (no client support)
2009-01-24 20:35:29.042 - Notice - RA_RC - Startup - - Multiple monitors detected, forced compatibility mode.
2009-01-24 20:35:29.042 - Notice - RA_RC - Startup - - Using compatibility mode.
2009-01-24 20:35:29.047 - Info - RA_RC - Session Recording - - Rcrec recorder created.
2009-01-24 20:35:29.048 - Info - RA_RC - RC - - Init (full) on \\.\DISPLAY1
2009-01-24 20:35:29.283 - Info - RA_RC - Remote Control - - Screen data acquired via GDI
2009-01-24 20:35:29.575 - Error - LogMeIn - Socket - 62.45.208.15:14016 - SSL error: handshake failure (in write).
2009-01-24 20:35:29.575 - Error - LogMeIn - Socket - 62.45.208.15:14016 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:35:29.575 - Error - LogMeIn - Socket - 62.45.208.15:14016 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:35:39.985 - Error - LogMeIn - Socket - 62.45.208.15:14017 - SSL error: handshake failure (in write).
2009-01-24 20:35:39.985 - Error - LogMeIn - Socket - 62.45.208.15:14017 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:35:39.985 - Error - LogMeIn - Socket - 62.45.208.15:14017 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:35:55.299 - Error - LogMeIn - Socket - 62.45.208.15:14018 - SSL error: handshake failure (in write).
2009-01-24 20:35:55.299 - Error - LogMeIn - Socket - 62.45.208.15:14018 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:35:55.299 - Error - LogMeIn - Socket - 62.45.208.15:14018 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:36:30.637 - Error - LogMeIn - Socket - 62.45.208.15:14019 - SSL error: handshake failure (in write).
2009-01-24 20:36:30.637 - Error - LogMeIn - Socket - 62.45.208.15:14019 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:36:30.637 - Error - LogMeIn - Socket - 62.45.208.15:14019 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:37:36.035 - Error - LogMeIn - Socket - 62.45.208.15:14020 - SSL error: handshake failure (in write).
2009-01-24 20:37:36.035 - Error - LogMeIn - Socket - 62.45.208.15:14020 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:37:36.035 - Error - LogMeIn - Socket - 62.45.208.15:14020 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:42:41.577 - Error - LogMeIn - Socket - 62.45.208.15:14021 - SSL error: handshake failure (in write).
2009-01-24 20:42:41.577 - Error - LogMeIn - Socket - 62.45.208.15:14021 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:42:41.577 - Error - LogMeIn - Socket - 62.45.208.15:14021 - SSL error: SSLv3 read client hello C (in accept).
2009-01-24 20:48:09.530 - Info - LogMeIn - Main - - ========== STARTED ==========
2009-01-24 20:48:09.530 - Info - LogMeIn - Main - - Entered main loop.
2009-01-24 20:48:09.530 - Info - LogMeIn - Main - - Creating global mutex.
2009-01-24 20:48:09.545 - Info - LogMeIn - Main - - Working directory: C:\Program Files\LogMeIn\x86\
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Windows version: 6.1.7000 (platform: NT)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Windows uptime: 0 days 0 hours and 0 minutes
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Windows memory: 2813MB physical (1938MB available), 5928MB commit (4971MB available).
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - LogMeIn version: 4.0.784 (Oct 16 2008 20:31:34)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\kernel32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\SHELL32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\USER32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\GDI32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\ADVAPI32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\wsock32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\SYSTEM32\ntdll.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\psapi.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\netapi32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library not found: rassapi.dll
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\VERSION.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\userenv.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\snmpapi.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\inetmib1.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\WININET.dll (version 8.0.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\wtsapi32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\WINSPOOL.DRV (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\RPCRT4.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\CRYPT32.dll (version 6.1.7000)
2009-01-24 20:48:09.561 - Info - LogMeIn - Main - - Library loaded: C:\Windows\system32\uxtheme.dll (version 6.1.7000)
2009-01-24 20:48:09.857 - Info - LogMeIn - Main - - Checking system event log for errors.
2009-01-24 20:48:09.857 - Info - LogMeIn - Main - - Starting...
2009-01-24 20:48:09.857 - Info - LogMeIn - Main - - Workgroup: WORKGROUP
2009-01-24 20:48:09.857 - Info - LogMeIn - Main - - privileges
2009-01-24 20:48:09.857 - Info - LogMeIn - Main - - local security authority
2009-01-24 20:48:09.873 - Info - LogMeIn - Main - - nat traversal over udp
2009-01-24 20:48:09.873 - Info - LogMeIn - Main - - NATUDP protocol
2009-01-24 20:48:09.888 - Info - LogMeIn - Main - - XTCP protocol
2009-01-24 20:48:09.888 - Info - LogMeIn - Main - - rng
2009-01-24 20:48:09.888 - Info - LogMeIn - Main - - ssl engine
2009-01-24 20:48:09.888 - Info - LogMeIn - Socket - - loading strings
2009-01-24 20:48:09.888 - Info - LogMeIn - Socket - - initializing
2009-01-24 20:48:09.888 - Info - LogMeIn - Socket - - loading ciphers
2009-01-24 20:48:09.888 - Info - LogMeIn - Socket - - retrieving certificate 2874454ad6fae43acf6e2ab2112f8685
2009-01-24 20:48:09.888 - Error - LogMeIn - Socket - - failed to get certificate: The specified certificate does not exist. - Error: The system cannot find the file specified. (2)
2009-01-24 20:48:09.888 - Error - LogMeIn - Socket - - private key does not match public key in certificate
2009-01-24 20:48:10.169 - Info - LogMeIn - Main - - security
2009-01-24 20:48:10.185 - Info - LogMeIn - Main - - variables
2009-01-24 20:48:10.185 - Info - LogMeIn - Main - - sessions
2009-01-24 20:48:10.185 - Info - LogMeIn - Main - - caches
2009-01-24 20:48:10.185 - Info - LogMeIn - Main - - license
2009-01-24 20:48:10.185 - Info - LogMeIn - Main - - performance monitor (skipped)
2009-01-24 20:48:10.216 - Info - LogMeIn - Main - - templates
2009-01-24 20:48:10.216 - Info - LogMeIn - Main - - filters
2009-01-24 20:48:10.216 - Info - LogMeIn - Main - - system monitoring
2009-01-24 20:48:10.216 - Info - LogMeIn - Main - - COM server
2009-01-24 20:48:10.216 - Info - LogMeIn - System Monitoring - - Compiling, disabling sample scripts.
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - threads
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - http listener (addr: *, port: 2002)
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - telnet server
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - web service
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - maintenance
2009-01-24 20:48:10.232 - Info - LogMeIn - WebSvc - - Requesting gateway data.
2009-01-24 20:48:10.232 - Info - LogMeIn - LoadUrl - - Loading: http://homesite/myrahost/list.aspx?weighed=1&os=windows
2009-01-24 20:48:10.232 - Info - LogMeIn - Main - - journal
2009-01-24 20:48:10.232 - Error - LogMeIn - Telnet/SSH server - - SSH1 host key is not found and could not be generated, SSH1 is unavailable
2009-01-24 20:48:10.232 - Warning - LogMeIn - Telnet/SSH server - - SSH2 RSA host key is not found and could not be generated
2009-01-24 20:48:10.232 - Error - LogMeIn - Telnet/SSH server - - SSH2 DSA host key is not found and could not be generated, SSH2 is unavailable
2009-01-24 20:48:10.247 - Error - LogMeIn - WebSvc - - Could not connect to LogMeIn.com. Please make sure LogMeIn is enabled on any firewalls and your Internet connection is active.
2009-01-24 20:48:10.247 - Info - LogMeIn - WebSvc - - Requesting gateway data.
2009-01-24 20:48:10.247 - Info - LogMeIn - LoadUrl - - Loading: https://homesite/myrahost/list.aspx?weighed=1&os=windows
2009-01-24 20:48:10.247 - Error - LogMeIn - WebSvc - - Could not connect to LogMeIn.com. Please make sure LogMeIn is enabled on any firewalls and your Internet connection is active.
2009-01-24 20:48:12.494 - Info - LogMeIn - Main - - gui
2009-01-24 20:48:15.614 - Info - LogMeIn - Main - - remctrl check
2009-01-24 20:48:15.614 - Info - LogMeIn - Main - - Started.
2009-01-24 20:48:53.982 - Info - LogMeIn - WebSvc - - Requesting gateway data.
2009-01-24 20:48:53.982 - Info - LogMeIn - LoadUrl - - Loading: http://homesite/myrahost/list.aspx?weighed=1&os=windows
2009-01-24 20:48:57.289 - Warning - LogMeIn - LoadUrl - - Got response status: 302 (HTTP/1.0 302 Moved Temporarily)
2009-01-24 20:48:57.289 - Info - LogMeIn - LoadUrl - - Loading: http://BThomehub.home/connchk.lp?nm=1&client=192.168.2.3&server=198.18.1.3&event=DNSSpoofed&url=/myr...
2009-01-24 20:49:06.166 - Warning - LogMeIn - LoadUrl - - Got response status: 302 (HTTP/1.0 302 Moved Temporarily)
2009-01-24 20:49:06.166 - Info - LogMeIn - LoadUrl - - Loading: http://*/hijack_ppp.lp
2009-01-24 20:49:06.166 - Error - LogMeIn - WebSvc - - Could not connect to LogMeIn.com. Please make sure LogMeIn is enabled on any firewalls and your Internet connection is active.
2009-01-24 20:49:06.166 - Info - LogMeIn - WebSvc - - Requesting gateway data.
2009-01-24 20:49:06.166 - Info - LogMeIn - LoadUrl - - Loading: https://homesite/myrahost/list.aspx?weighed=1&os=windows
2009-01-24 20:49:27.210 - Error - LogMeIn - WebSvc - - Could not connect to LogMeIn.com. Please make sure LogMeIn is enabled on any firewalls and your Internet connection is active.
2009-01-24 20:54:02.725 - Info - LogMeIn - WebSvc - - Requesting gateway data.
2009-01-24 20:54:02.725 - Info - LogMeIn - LoadUrl - - Loading: http://homesite/myrahost/list.aspx?weighed=1&os=windows
2009-01-24 20:54:03.085 - Info - LogMeIn - WebSvc - - Connecting to web gateway control.app101.logmein.com:443...
2009-01-24 20:54:03.260 - Info - LogMeIn - WebSvc - - Verifying server certificate...
2009-01-24 20:54:03.260 - Info - LogMeIn - WebSvc - - Server certificate accepted: *.app101.logmein.com
2009-01-24 20:54:03.454 - Info - LogMeIn - WebSvc - - Logged in to web gateway.

 

 

 

New Contributor
geebee
Posts: 2
0

Re: Just been hacked - LogMeIn Free

I have now increased the security - ip filters etc.

 

Anyone notice 

Loading: http://*/hijack_ppp.lp
VIP Contributor
KGHalbe
Posts: 3,264
0

Re: Just been hacked - LogMeIn Free

Did you change your password to your LMI account, AND the computer that they supposedly hacked into ?

 

At ANYTIME, did you give your passwords to ANYONE ?  Even if you think you trusted them, did you give it to anyone ?

 

I have never heard of an instance where someone hacked into an LMI account before, and was able to access computers in the account as they would have had to hack TWO passwords.  And, getting into the LMI account, if you try a few times at guessing passwords, you get locked out for a bit. 

 

I think there is more information that we have to find out.

 

 

--

KGHalbe



(DISCLAIMER: I am NOT an employee of LMI, nor do I have any financial concern in LMI. I am strictly a HAPPY USER of LMI products. I am using PC version and XP SP2. Other systems or versions may act different than described above.)
LogMeIn Administrator
Sean
Posts: 376
0

Re: Just been hacked - LogMeIn Free

Where did you get your Windows 7 Beta?
Sean Keough
Product Specialist, LogMeIn Customer Support
LogMeIn Administrator
Sean
Posts: 376
0

Re: Just been hacked - LogMeIn Free

These following entries

 

2009-01-24 20:48:57.289 - Info      - LogMeIn - LoadUrl -  - Loading: http://BThomehub.home/connchk.lp?nm=1&client=192.168.2.3&server=198.18.1.3&event=DNSSpoofed&url=/myr...

2009-01-24 20:49:06.166 - Warning   - LogMeIn - LoadUrl -  - Got response status: 302 (HTTP/1.0 302 Moved Temporarily)

2009-01-24 20:49:06.166 - Info      - LogMeIn - LoadUrl -  - Loading: http://*/hijack_ppp.lp

 

indicate that the BTHome Wireless router you are accessing through is redirecting Us to somewhere else.  Right after that, we disconnected, then tried again, this time connecting properly.

 

As far as the login from the Netherlands; if you got your Windows 7 Beta from where I think you did, it probably has a keylogger, among other malware, already loaded on it.  I suggest removing that one, and getting a different version.

 

Sean Keough
Product Specialist, LogMeIn Customer Support
Frequent Contributor
JeffP
Posts: 18
0

Re: Just been hacked - LogMeIn Free

Sorry if this is a naive comment, but is this issue resolved as the result of a keylogger?
JeffP...
New Contributor
naturaluser
Posts: 1
0

Re: Just been hacked - LogMeIn Free

I was in my office today and my pc was logged into remotely - nothing happened apart from a few screens opened and the log said that 'watchdog' had logged in - what's this?
New Contributor
quantumlight
Posts: 1
0

Re: Just been hacked - LogMeIn Free

I was just hacked also. I am on Win XP. I went to work on my  and the LMI   LMI access bar was up on my screen.The address ended in

veloxzone.com.br . I had2 other computers at work also tied in and a laptop

here tied into LMI. I tried from my laptop to log into my work computers to

shut them down but wasn't able to so I drove to my office and disabled LMI.

 

Very scary. I didn't think LMI could be breached.

VIP Contributor
KGHalbe
Posts: 3,264
0

Re: Just been hacked - LogMeIn Free

Hello NATURALUSER,

 

Are you using AVG virus programs ?  They have a program called WATCHDOG and I am wondering if there were any chance that this could be involved.

 

Just a shot in the dark, but LMI security is very good, and I am sure a lot of people would like to find an explanation to this situation.

 

Also, are you using a copy of Vista that you got through a dark alley so to speak ?  There was an earlier refrence stating that some copies of Vista floating around have a keylogger in, and that would allow someone to invade your system.

 

 

--

KGHalbe



(DISCLAIMER: I am NOT an employee of LMI, nor do I have any financial concern in LMI. I am strictly a HAPPY USER of LMI products. I am using PC version and XP SP2. Other systems or versions may act different than described above.)
VIP Contributor
KGHalbe
Posts: 3,264
0

Re: Just been hacked - LogMeIn Free

I don't think there is anything that CAN'T be breached - and LMI does take their security very seriously.  I am sure that they are looking into this problem to see if anything needs to be done.  First thing that they must do, is to make sure that there is a problem !

 

If you have ANY software that you downloaded from the Internet on your machine, that may put your machine at risk, without being the fault of LMI or its programming.

 

I am not saying that LMI is perfect and no one can breach their system, but I haven't heard of that happening yet.  Hopefully, an answer will surface that will explain what happened one way or another.

 

 

--

KGHalbe



(DISCLAIMER: I am NOT an employee of LMI, nor do I have any financial concern in LMI. I am strictly a HAPPY USER of LMI products. I am using PC version and XP SP2. Other systems or versions may act different than described above.)