u/Sea-Lawyer-7180

▲ 5 r/malwares+1 crossposts

Got hit by a virus (infostealer/session hijacker?)

Hey everyone,
I recently got hit by a virus on my PC, and I’m trying to figure out exactly what happened and if I’m fully secure now.

The Attack:
Shortly after the infection, my Facebook Messenger account was hijacked. It sent spam images of a "MrBeast Crypto Scam" to my contacts.
Here is the weird part: I only ever use Messenger on my PC via a web browser, and I always make it a habit to manually log out when I’m done. Does logging out not actually clear everything? Can a session hijacker or infostealer still bypass a logout using lingering browser cookies, cache, or session tokens?

My Cleanup Process:
As soon as I realized what happened, I went into full lockdown mode and did the following:

  1. Immediately disconnected my PC's Wi-Fi.
  2. Did a local reset from settings, followed by a completely clean OS install using a bootable USB drive.
  3. Used a completely different, clean device to change my Facebook password.
  4. Manually checked active sessions on FB and logged out all unknown devices.
  5. Turned on 2FA (App Authenticator + Phone Number) on FB.
  6. Changed my Google account password and enabled 2FA there too.

My Question:
Am I safe now, or is there any way they can still retain access? Also, if anyone can clarify how they managed to hijack my session even though I regularly log out, I’d love to understand the mechanics behind it. Thanks!

reddit.com
u/Sea-Lawyer-7180 — 5 days ago