r/cybersecurity_help

▲ 3 r/cybersecurity_help+1 crossposts

I received a “Critical security alert” from google. Is it a phishing email?

Received an email from the account no-reply@accounts.google.com saying I had a critical security alert on my account and to check activity (i believe this is a real google account). I panic clicked the button in the email on accident and it took me through login and 2FA to look at my account activity. I also immediately went to my account directly and changed my password and recovery email in case this email was a phishing email. My question is, is my account in danger after this and or was this a legitimate email?

reddit.com
u/yellowtunaroll — 1 hour ago

Need advice - our privacy has been violated

Hello everyone,
I'm here looking for advice because my husband and I are going through something incredibly difficult.
Our private intimate videos were leaked after someone contacted us and tried to pressure us into meeting them. We immediately blocked the person and deactivated all of our social media accounts. Now I'm living with constant anxiety, terrified that our videos have been or will be posted online.
We have a newborn baby at home, and I honestly don't know how to cope with this fear and stress. I know recording private moments was a mistake, and I can't change what has already happened. Right now, I'm just trying to protect my family and move forward.
My videos were on iCloud , syncing to my phone.We never shared our passwords with anyone.
any advice on how to deal with this situation—legally, emotionally, or practically—I would truly appreciate your guidance.
Please be kind. Thank you.

reddit.com
u/FizzLizz_ — 4 hours ago
▲ 3 r/cybersecurity_help+1 crossposts

my PC got hacked and i need help

2 days ago i installed a file i shouldn’t have installed from a pirating website, the next day they accessed my discord and sent mr beast crypto currency scam to everyone on my discord. i found out this kind of hack is a session stealer. but unfortunately this happened the moment i went to bed so i discovered it 8 hours later when i woke up. i was not logged out of any of my accounts but i immediately started resetting my pc and reinstalling a fresh copy of windows, reset all my email passwords and steam, epic games etc i don’t use my pc for shopping or work data or anything of that sort i only use it to purely game. although i was logged in to my iCloud on this pc once and im scared they could have somehow accessed my iPhone or iCloud photos through it, i reset my password of course but since the email that was on my pc was also connected to my amazon account i am scared they accessed my card information as well. i removed my cards and im making a new amazon account and a new email as well. so far no money was taken from my cards, im too scared to use my pc again. is there anything else i should do?

reddit.com
u/Expert-Guidance3717 — 2 hours ago
▲ 0 r/cybersecurity_help+1 crossposts

I need help with my ip address plz

So recently I feel like I have been targeted like my phone is hacked private conversations are being recorded. Neighbors just bring up private conversations but I’m like how does he know he lives across the street he can’t hear me. I downloaded an app been verified just to get info on the people I feel targeted by. And it has a little icon that checks your ip address I want to know if someone can help me fix or secure my ip address I’m not tech savvy so I need all the help I can get. I just don’t know how to post pictures on here

postimg.cc
u/General-Theory8144 — 3 hours ago

A few questions about kernel level anti-cheat which I would appreciate some help with

Hello everyone,

I have been trying to avoid having to deal with kernel level anti-cheats (or ring-0 if I am not mistaken) but there are a few games that require it and before proceeding I am a bit curious about it.

I am not that experienced with security at all, but from my current point of view, having access to ring-0, there could be future bugs or exploits which can be taken advantage of resulting to an unnecessary risks.

My current setup consists of a dual-boot system with Arch and Win11, both installed on different SSDs. Windows are being used purely for gaming and nothing else. Obviously, with secure boot disabled, kernel level anticheats can not be installed.

In the scenario that I switch to a different distro that can have secure boot enabled, and a kernel level anti-cheat is installed on Windows, could the Linux system be in any way affected by it?

Thank you in advance!

Edit: TL;DR: Dual boot, Linux and Win on different SSDs, could any possible bug or exploit from kernel level access on windows affect the linux system?

reddit.com
u/visagedemort — 7 hours ago

My account was compromised? SOMEONE HELP!!!!

Hey, i was playing minecraft the other day and i join a server i found on google and when i signed in it made me give an email so i could verify which i saw as sketchy but my 2 other friends had done it before me and assured me it was fine. After playing the server for a bit i got an email on the account saying that my microsoft had added security info then i went to check it out and see if it was me or not it said that my account doesnt exist meaning it had been hacked and the hacker changed the gmail so i could not get in anymore what the hell do i do because im really scared and my brother will be VERY upset that he can not play minecraft anymore lol. (DO NOT JOIN NO FUCKING RISE SMP IT IS 100% A SCAM DESPITE THE 8K PEOPLE IN THE DISCORD)

reddit.com
u/Dry-Independent-322 — 8 hours ago

GAMING PC WAS HACKED

July 2nd I made a very dumb rookie mistake something I never do, but fell for. I fell for the xeno roblox hack. I followed the video step by step and ran the application as administrator. Right after doing so I noticed my files kept opening in internet explorer I then noticed discord was being hacked into I quickly ran to my phone changed up passwords and continued on (another rookie mistake) i then continued on playing roblox then noticed more stuff being hacked into view Microsoft account who I have to say their recovery process is weird. They managed to take my Microsoft account and proceeded to use the mr beast scam to everyone in discord. I unplugged the ethernet cable then proceeded to wipe the computer by restarting it. Weird things have stopped I recovered my Google account fine as well as steam and everything else. Microsoft is taken I am in contact with them and as well as discord. I am afraid right now im not gonna lie Im paranoid if I start this PC and reconnect my Google account he will have control again. His rookie mistake I saw exactly where he hacked me from it seems from Russia. I guess im asking if I do start up my pc again will he have control again?

reddit.com
u/Overall_Bug_6260 — 13 hours ago

I just got hacked and don’t know what to do

I don’t know how but someone keeps logging into my email. They have access to my steam and other game accounts, I tried changing my password but it keeps getting worse to the point where someone from hong kong randomly logged into my account.
I am completely lost and don’t know what to do.
I don’t remember downloading any shady files or putting in my information on a sketchy website so it is a surprise even to me. What steps should I take right now?

reddit.com
u/ElegantEducation2535 — 14 hours ago

How screwed am I?

The stupidest thing I’ve ever done: made an AI generated nude of myself on a nudify site (Can share the name privately for those willing to investigate). I used a fake email, gave no payment or personal info, and generated the nude. The shirt I was wearing could potentially be identifying, as it had the name of an org I’m part of (PimEyes also reveals my identity). I couldn’t access it because of the payment wall, but on my device I could still save it. I deleted it shortly after. The site’s privacy policy says they delete all uploads and creations, but in retrospect that could totally be a lie.

I’m terrified that the site could leak my nude, or even worse, get hacked and have my nude and IP leaked to the public. I know this was a major screw up, and tbh I don’t care too much if randos on the dark web see it. It’s just that Im worried it’ll surface on social medias, public websites, friends, family, or employers might find it, etc.

How common is it these sites store images? If it leaks, do images tend to stay archived with the bulk data or picked out and reposted (I’m not a celeb btw)? Are there any known cases of such a thing leading to the person being identified and leaked?

I hope I didn’t ruin my life - this will probably haunt me for years. If anyone’s done anything similar, have things become easier? What should I do now? It’s hard to quantify, but what are the realistic percent chances this screws me? Haven’t slept well in days, I’d really appreciate any help :’(

reddit.com
u/GuideGlittering6046 — 17 hours ago

Need help tracking down my stolen MacBooks... Find My is off but I have remote access and IPs

Hey guys, I'm exhausted from trying to figure this out and could really use some ideas. Both of my MacBooks got stolen recently and Find My is off, so I can't use that to track them. There’s a reward if they are found

But I do have a lot of access and information. I have Moonlight and Sunshine set up for remote access. I also run a bot that checks Headscale for a Tailscale connection, so I'll know exactly when either device goes online and connects to the internet. On top of that, I have both the private and public IP addresses of the devices.
I'm trying to figure out how to actually locate these devices with what I have. Since I have the IP addresses, I could technically ping where they are, but I'm not sure what the best method is to get an actual physical location to give to the cops.

The police have all the serial numbers and the basic info, but I really want to hand them a concrete location. If you guys have any ideas on how I can locate them using Tailscale, the remote access, or the IPs without having Find My active, I'd really appreciate it!

reddit.com
u/tomeklel — 14 hours ago

I saw my iPad was active yesterday on my Gmail device list, but I haven't used it in a while.

I only have two sessions on my Gmail account: my iPhone and my iPad. I haven't used my iPad in any Google apps in a long time, but somehow, it says on my device list that it was used yesterday. I looked at my Gmail recent security activity, and there's nothing. I don't download cracked games, I don't click on links, my passwords are complicated, and I have 2FA on everything.

reddit.com
u/Working-Flight-5514 — 14 hours ago

My girlfriend (f32) swiped my (m34) phone and her sister admitted to hacking it . What are my next steps for this evasion of privacy?

Ya so pretty much what the title says. I think it’s bullshit how she swiped my phone and her sister blatantly admitted she has hacked it. Also my girlfriend Samsung cloud is hooked up to a different number then the one I call her at and when I try to log into her Samsung account she can’t verify with text message because it doesn’t got her number but she says it is her brothers cell number. I also found out she is using a secondary digital SIM card that’s connected to her phone .

reddit.com
u/Delicious-Bridge-824 — 17 hours ago

My girlfriend (f32) swiped my (m34) phone and her sister admitted to hacking it . What are my next steps for this evasion of privacy?

Ya so pretty much what the title says. I think it’s bullshit how she swiped my phone and her sister blatantly admitted she has hacked it. Also my girlfriend Samsung cloud is hooked up to a different number then the one I call her at and when I try to log into her Samsung account she can’t verify with text message because it doesn’t got her number but she says it is her brothers cell number. I also found out she is using a secondary digital SIM card that’s connected to her phone .

reddit.com
u/Delicious-Bridge-824 — 17 hours ago

Question re hackers selling infostealer logs

Really sorry if this isn’t quite the right subreddit to ask, or if it's a question without an answer. Suspect the real answer is it depends on what was taken? I’m recovering from a possible recent infostealer attack, but still really anxious about my data being out there (though it’s been a few weeks and am slowly starting to feel better. This subreddit and r/techsupport have been a HUGE help).

But when a hacker/criminal sells an infostealer log, does that tend to be a onetime deal, and then the log is discarded once any useful data is extracted? Or is it more the case that, once the log exists, it gets resold over and over, either by the original hacker or by whoever bought the log?

Again, sorry if there’s not a true answer to this (Google gave me kinda mixed results). Like I said though, it’s been a few weeks, yet I can’t shake the anxiety about what’s potentially happening to my data. So I'm interested in people’s thoughts on this -- I'm trying to educate myself as much as possible, and never wanna fall victim to something like this ever again!

reddit.com
u/Fantastic_Duck2026 — 23 hours ago

How to identify which one of my device has a session stealer.

This morning my discord sent pings with images for a crypto currency to multiple dms. From what I understand this is caused by a session stealer. But I have 3 computers linked to this discord. I have not downloaded anything suspicious on any of the computers but I did go on some sketchy links trying to crack SnapGene (didnt end up doing it or dowloading anything) on my old Macbook. This mackbook has however been out of battery in the past 3 days so im wondering why I the pings would be sent out now. I am prepared to wipe completely and shut off from the internet the old mackbook but I just don't know if its the actual culprit or not. I can reinstall windows on my desktop (will be annoying but oh well), but how do I make sure the windows I put on a USB stick from my laptop (new) wouldnt be infected since I dont really know if the laptop is infected?

Let me know if I should provide more information. Your help is very much appreciated.

reddit.com
u/Effective_Ice203 — 21 hours ago

Can you help me by explaining this situation?

Hello, this question is for the ones who are very smart with cybersecurity. In the past I had an event of hacker who kept breaking into my account no matter what I did. The hacker broke into my Gmail and broke into my game platform account, using it for themselves. No matter what I did they kept getting into accounts- I had 2FA on both gmail and platform, I had strong passwords and changed them when they were breaking in, everytime I checked for devices logged in there was nothing, only my computer I used for these accounts. What was it? Anyone knows? I ran scans for suspicous files or viruses with multipe antiviruses like malwarebytes, hitman, windows one and etc and it showed nothing. Last thing I remember was going into websites using my Gmail account but not logging into them directly. Could comeone stole cookies of one website?

reddit.com
u/Riceeee123 — 23 hours ago

Social media getting hacked

Please i need help!

So a few days ago my instagram got hacked and they posted some bullshit mr beast crypto pictures to my story, then the next day my facebook got hacked and they sent the same photos to my contact list on messenger. I have now discovered my LinkedIn has now been hacked and my account has either been deleted or disabled as i cant login and it doesn't come up for other people.

The only thing i can think of is i tired to download an episode of a show via terminal but gave up because it seemingly didn't work- it was from a legit sourced though so i doubt thats it, especially since I ran a malware scanner on my computer and it came up clean.

Ive never in my life been hacked before so all of this happening so suddenly is very alarming. Im scared about my other info being out there so any help is greatly appreciated! Thank you in advance.

reddit.com
u/Positive_Working3041 — 22 hours ago
▲ 3 r/cybersecurity_help+1 crossposts

Cloudflare Verification terminal scam

Hi guys,

I fell for that stupid cloudfare verification thing and I actually pasted the code above into my terminal and it just opened up a small popup from my chrome and then asked me to input my password my presume but just kept inserting the wrong password. Also Terminal asked me if should allow access to my Desktop or Downloads I didn’t allow it.

Do you guys think I’m safe or should I wipe everything?

Any help would be appreciated thanks.

postimg.cc
u/IAmAllPowerful — 1 day ago

Can't recover dad's hacked WhatsApp, hacker's email on file, his number not receiving codes

Hey everyone, hoping someone here has dealt with this before.

My dad's WhatsApp was hacked a few months ago. The hacker changed the email on file to their own. At the time we were able to recover access using his phone number.

He just got a new Samsung phone and is trying to log in. WhatsApp is now asking him to verify via email or SMS. The problem is:

  • The email verification goes to the hacker's email which we obviously can't access
  • The SMS codes are not coming through, his WhatsApp is registered to an international number and he is currently in the US, and none of the codes are coming through

We tried several times and now when we try to uninstall and reinstall WhatsApp it says we can't install it anymore, likely from too many reinstall attempts today.

Please help!

reddit.com
u/IncognitoGyal7 — 22 hours ago

So I went onto a legitimate looking discord server that required a microsoft verification code, and stupid me decided to put my info onto it, and as you can probably tell, my account got hacked, email was changed, and I am completely locked out.

The account got sold, but I wanted to know if any of my passwords or hardware are seriously at risk. Since then I have changed all of my other passwords, but since then, my mouse has stopped working, and i am wondering if plugging it into anything will put a virus or something on my computer. If information is needed about what the verification looks like, it is a box with a textline above that asks for your email, and then a textline that pops up afterwards asking for the verification code that comes up. If you need the discord server link, ask me in the comments, but DO NOT VERIFY YOUR ACCOUNT

reddit.com
u/ClockSharp5826 — 1 day ago