# Can an intruder connect to a network via a computer after LogMeIn123



## Bromontana69 (Jun 5, 2014)

Although I consider myself a tech savvy guy, I made an idiotic mistake and fell for the LogMeIn123 scam here's a brief description of the events
I was looking for help with a linksys router, found a phone number I believed to be its support (first and biggest mistake), called it spoke with a man with a heavy Indian accent, which really made me believe it was a real tech website, he prompted me to connect my computer to his over logmein123.com which I did. Luckily I took the precaution to do it on my laptop because I was a little offput by the idea of this. he then went through some system files and tells me "there's 22 people connected to my network, _clearly_ there must be some malicious activity going on from somewhere else" We go through some BS and he eventually says he needs someone else to help, asks for my information, I realized I had goofed at this point and gave him all fake information, and got off the call.

Since I realized what had happened I took the precautionary measures of unplugging the Ethernet and disconnecting WiFi from laptop, system restoring my laptop, and resetting my router. My router has a static address so I believe my IP has been since changed. 
So after all that here's my question
Is there anything else I should do (wipe laptop and re install windows?) to prevent any backfire from this? And most importantly since he was connected to my network could he or anyone else at this point connect to any other computers on this network. My computers at home are connected to my work computer at home, which is connected to my entire office building. I could replace every computer in my office building and it would be minuscule to the cost of the information I could lose. Any help or advice would be greatly appreciated.


----------



## Bromontana69 (Jun 5, 2014)

Bump, my laptops literally just sitting here because I don't know if plugging it into ethernet will screw me over


----------



## Panther063 (Jul 13, 2009)

As a precaution run your antivirus and a rootkit scan, as he had access to your system he may have installed Malware.
Hopefully someone with more experience can offer more help.
Best of luck


----------



## Bromontana69 (Jun 5, 2014)

I'm mostly concerned for the safety of my network as a whole.
Is there any possibility of them getting into my network and corrupting or retrieving any information from it?


----------



## Bromontana69 (Jun 5, 2014)

any advice? anyone? Bueller?


----------



## VividProfessional (Apr 29, 2009)

How many devices do you have on your network? if you feel someoneone has gotten into your network the first thing to do is ensure that the devices are virus scanned and malware scanned as suggested above.
secondly you need to ensure that the network is isolated from the internet until you are sure nothing malrware wise has been installed and your systems are free from viruses.
if you think your network has been compromised then treat it as if it has:

I'll start by pointing out that there's no real definition of "hacked" to work from. We tend to think of it as someone gaining unauthorized access to your information, which is a fine, albeit a general definition. Unfortunately, it's not nearly enough to go on for the more rigorous definition that we would need to answer questions like, "What does it look like?" and "what do we look for?"

"The sad fact is that a sufficiently talented hacker might not leave any clues that you can easily find."

Heck, someone walking up to your computer and logging in as you because they know your password is a "hack", but there would be no malware or software trace left - other than perhaps something in the browser history.

Contrast that with external network attacks where someone remotely tries to penetrate the software or hardware that's protecting your computer from external access. While it's more likely to leave clues, it's not always guaranteed to be obvious, especially if you often access your computer yourself remotely.

Right away, you can see that things get complex.

Hackers Don't Always Leave Clues

The sad fact is that a sufficiently talented hacker might not leave any clues that you can easily find. This is one of the concepts that makes "rootkits" different than more traditional malware, like spyware or viruses; rootkits actually affect your system so that the normal ways of looking for files, for example, will not find them.

It takes special tools.

The same is true for just about any aspect of hacking - event logs can be emptied, file date and time stamps can be arbitrarily set or modified, files can be renamed or hidden, even malicious processes can be architected to run as part of some legitimate process, or simply look like a legitimate process themselves.

So, what can you do?

First, Protect Yourself

This is where I repeat the standard litany of "stay safe" advice:
•
Use a firewall.

•
Use anti-malware tools - both anti-virus and anti-spyware.

•
Keep your software as up-to-date as possible.

•
If a mobile machine, secure its internet connection.

•
Get educated about things like phishing scams, the dangers of email attachments, and just generally safe internet behavior.


I expand on these in what I often refer to as my most important article: Internet Safety: How do I keep my computer safe on the internet?, and I have recommendations for the tools to consider in this article: What Security Software do you recommend?

Prevention is much more effective by far than any attempts to detect a malicious intrusion, either during or after the event.





Clues To Look For

If you suspect that you have been hacked, the first thing to do is to run scans with your anti-malware tools. Make sure that they're up-to-date and that their databases are up-to-date as well, and then run full scans of your entire hard disk.

After that, things get fairly techie - which is why I said earlier that it's difficult (if not impossible) for the average computer user to determine what's happening.

I'll throw out some ideas, but don't feel bad if they're beyond you - this is tough stuff.

Because most malware these days is all about either communicating back over the internet or sending spam, the first thing that I would look at would be the internet activity happening on the machine. Look for processes that you don't recognize sending data to internet end points which you also don't recognize. Don't assume that they're evil without then researching them, but that's a place to start.

I'd use the same strategy for excessive disk activity as well.

It's worth looking at what's running on your machine as well - once again, looking for processes that you don't expect and then researching them.

If you're feeling particularly adventuresome (and you aren't the type to panic easily), then have a peek at the event viewer. The reason that I admonish the easily panicked not to look here is that there will be errors ... lots of them, in fact. That's normal, and that's because, to put it bluntly, the event log is a mess; occasionally, however, there can be clues in that mess. Exactly which clues are there is impossible to predict (remember, I said this was hard), but sometimes, they're helpful.

If You Suspect You Have Been Or Are Being Hacked

If you don't feel that you can trust your computer, then stop using it.

At least, stop using it until you can get to some reasonable level of confidence that all is as it should be, and that your next foray out to your online banking site won't result in, shall we say, "unexpected results".

Taking the time to secure your machine is important. Again, this is why I'm so adamant that prevention is so important.

It's significantly easier to prevent disaster than it is to recover from it.

Source:
How can I tell if my computer is being hacked?


----------



## Euro (Jun 12, 2014)

Logmein123 is a legitimate business tool, they are only able to get into the PC they got into in the first place.
Unless they downloaded another piece of software on your PC while in the system (which you would see on screen).
They may have opened a file transfer and put something on your PC though so run a scan over it.

I use logmein123 as a technician application, then use a program called 'VNC' to jump between PC's on a network, but that requires me to load it on the other PC and the one I'm dialed into the person (in this case you) would see me load the program.


If you have any more questions about this program let me know.


----------

