安装 Steam
登录
|
语言
繁體中文(繁体中文)
日本語(日语)
한국어(韩语)
ไทย(泰语)
български(保加利亚语)
Čeština(捷克语)
Dansk(丹麦语)
Deutsch(德语)
English(英语)
Español-España(西班牙语 - 西班牙)
Español - Latinoamérica(西班牙语 - 拉丁美洲)
Ελληνικά(希腊语)
Français(法语)
Italiano(意大利语)
Bahasa Indonesia(印度尼西亚语)
Magyar(匈牙利语)
Nederlands(荷兰语)
Norsk(挪威语)
Polski(波兰语)
Português(葡萄牙语 - 葡萄牙)
Português-Brasil(葡萄牙语 - 巴西)
Română(罗马尼亚语)
Русский(俄语)
Suomi(芬兰语)
Svenska(瑞典语)
Türkçe(土耳其语)
Tiếng Việt(越南语)
Українська(乌克兰语)
报告翻译问题
此主题已被锁定 
讨论规则及指引
举报此帖
Given yours, I'd take anything you said with a huge grain of salt.
Agreed... and if it were anyone but me talking, I'd agree with you.
Oftentimes a lot of my problems with computers can be chalked up to just plain bad luck.
...such as not running applications received via chat from NatashaPudding99,
...or maybe you downloaded some "MP4s" from a Youtube description, that were actually exes whose file name ended in ".mp4.exe" and had an MP4 icon, and you still had the setting "Hide extensions of known file types" checked on your Windows PC (which Microsoft stupidly sets to on by default - thus leaving their users vulnerable to this kind of phishing attack) thus causing them to appear as just a regular video file when they were, in fact, actually malware,
...or maybe you just let your nephew use your computer and he installed "GTA 5M" on his own,
or maybe it was your gamer grandma or grandpa - whoever you've been letting use your machine, and you didn't monitor their activity to make sure that they didn't get your machine infected - or here's an idea... just don't let them use your laptop and tell them to get their own,
...then again, maybe you did tell them to get their own and they used it anyways, without your permission, while you were asleep, or at the store, or at school, or at work or something,
...or maybe you took a free USB from the bucket of unpackaged USBs, labeled "FREE USBs", at a tech convention, and thus installed malware into your computer by plugging it in and getting hit by a BadUSB attack,
...or maybe someone didn't even need to make a BadUSB, maybe while you were turned away from your PC, someone at high-school, college, or the library, inserted a USB switchblade like the Rubber Ducky into your USB port for... oh... about 3 to 5 seconds should be long enough to do the trick if they wrote their scripts correctly... and infected you with something that way,
...or maybe you used a Bluetooth device with your PC but the device was infected with a worm,
...or maybe you downloaded an illegal copy of something that had been modified to include extra software that got injected into the executable,
...or maybe you were just feeling tired while reading a Discord chat and started to doze off and accidentally clicked to download something in your drowsiness or as your head began to fall for a bit in your drowsiness ...then later you see it in your downloads folder and think that it's a legitimate program that you forgot about,
...or maybe you had all scripts turned on in your browser (not using NoScript) or "don't ask me before downloading" set in the permissions (Mozilla did a bad recently by automatically switching people's permissions from "Ask every time" to "don't ask before downloading" automatically during an update) and through one of these delivery methods got hit by a drive-by-download, which placed the malware in your downloads folder, looking like a legitimate program (basically don't ever trust any programs in the downloads folder unless you're 100% sure that you downloaded them yourself because it's a folder that is vulnerable to drive-by-downloads)
...just to name a few mistakes that someone could have easily made, which would get malware onto their system that either is already there or allows propagation of further malware downloads via installing auto-clicker malware.
...or maybe when you were browsing to some site to download something like Audacity or Spotify, or maybe some drawing program, some ads might have come up on the download page that made themselves look like the download button but what clicking the ad actually caused you to download was a keylogger or remote access trojan instead of what you were after - and if the malware author was clever enough, they would have made sure their malware also installed the software that you were actually trying to download (legitimately) so that you wouldn't suspect anything after the installation of both the legitimate program that you were after AND the malware was complete,
...or maybe a third-party installed it while you were using a TeamViewer login or some other remote-desktop session, depending on the software that you use, you don't even need to necessarily give them authorization or consent if the software is already running with administrative privileges and automatically accepts remote access sessions (TeamViewer used to have an issue where people could break into sessions that they hadn't even been told about due to vulnerabilities in the parent company's service),
Based off of what they've written, I'm not even sure that the attack vector that they got hit by was, in fact, actually Discord. Someone can compromise a system in a variety of other ways and then begin compromising accounts which are accessed by that system. All it really takes is a remote access trojan and they can start logging everything you do that they might consider worth hijacking.
Hey, which book did you follow, btw?
I don't know if you're using a browser that jumps to text like that, but mine doesn't.
That's true, however, people shouldn't kid themselves... they ain't making even close to flawless systems.
Even the software & OSes with the best protections are just filled with zero-days that are yet to be discovered; some of which are extremely complex and will probably only be discovered by A.I.s and others are surprisingly simple.
Now, I can't know for sure about undiscovered zero-day vulnerabilities but past events do, to some extent, predict future events, and there's still quirks to computers that aren't very well known, such as the interference that can be caused by cosmic rays (not exactly hacker-stuff but still - and in theory it could be if someone could control those rays & have an awareness of what they were hitting in the hardware)
Considering that we're not going to know for sure, this is probably as good of an explanation as any :
https://www.youtube.com/watch?v=AaZ_RSt0KP8
...obviously, that's not how an account gets stolen but this video is also making guesses about several anomalous events that have happened in computing.
1. I don't run strange applications.
2. I don't download random internet stuff
3. I Don't have a nephew or anyone else who does games in my family
4. See 3
5. I Don't go to conventions
6. School computers were in the lab, secured under lock and key, I never used my own computer equipment at school or anywhere else
6. I Don't use untrusted hardware
7. See 6
8. I Don't use Bluetooth
9. I Don't use pirated programs
10. I could have gotten tired, or emotionally compromised, though it's unlikely.
11. Windows Defender SmartScreen is enabled
That eliminates all of your mistakes, at least the ones you listed.
I don't download random programs or use third-party remote access software.
Thank you for trying to help me out here.
Dude, you also thought you were under a hacker attack by your ISP.
No, I thought someone AT my ISP was attempting to hack me. Big difference.
I notified them, and they took care of it.
Pretty sure that nowhere on Steam does Valve endorse or encourage the use of Discord
(aside from their lack of maintenance on Steam chat, giving people incentive to find something that functions better)
and even if they implemented a policy that no Discord links were allowed on the platform, any developers or companies who prefer to use third-party services ...would still just use third-party serviced; they just wouldn't link them here but users would still find their way to them.
They don't have to do games. They just have to use your computer.
Malware comes from places other than games.
So, unless you're telling me that you don't have family, or friends, or anyone in the physical world who knows about your computer, then the option / possibility is still present.
BadUSB doesn't have to come from a convention.
Literally any USB that has been formatted to be one will still work in the same manner.
Well, you still could have been betrayed by hardware or software that you DID trust but didn't realize was compromised.
That's what everyone says.
And you ACTUALLY think that's a complete and foolproof, all encompassing, solution to drive-by-downloads and cross-site-scripting (XSS) attacks? *lol*
Well, that's probably the vector where you're most vulnerable then if you actually think that Defender & SmartScreen are going to protect you from everything.
By the way, earlier you claimed that Discord only filters things based on reports - well guess what...?
So does SmartScreen :
https://www.google.com/search?q=SmartScreen
My points are:
1. Nobody uses my computer terminal but me.
2. See 1.
3. I don't use strange USBs. I use my own - and they all come from a trusted vendor
4. I don't use strange hardware, all my hardware comes from a trusted vendor
5. I don't use pirated programs
6. I don't believe it's complete and foolproof. I do have other antimalware - Avast.
Unauthorized remote access could have happened, but as it was unauthorized, I neither knew about it, nor did I give permission - hence the term unauthorized.
So you don't have to use remote access, you just have to be running a program which can facilitate it or have a setting in the OS turned on which allows it to occur.
If you're not using such software (as far as you're aware) then you're probably fine on that front but it's still something that might be worth looking into, in part because Microsoft / Windows has several settings configured by default in ways that are not conducive to user security.
...that you know of.
...which could still have vulnerabilities of its own or get compromised at some point between retail & your usage of it with your computer, especially if it has wireless & internet capabilities & you've been using either of them. Sadly that's just how the world works. It's a low-probability that this is an attack vector that would result in your gaming accounts getting stolen but it's still a possibility.
Just as a scanner or as real-time anti-virus? If it's just a scanner then you need to tell it to manually scan everything that you download or it's not getting scanned & also if it's just the scanner then it still will do zero to protect you against drive-by-downloads & XSS.
Consider using NoScript in order to block most scripts by default (mainstream ones such as Google, & Youtube are turned on by default) and get a menu that lets you selectively enable & disable scripts from specific domains & vendors as you choose.
Presuming that you're correct & never misclick, & also aren't sharing your PC with others (as you claim you aren't), & you got your own laptop / desktop, you might want to make sure your room is getting locked properly and maybe get a video security system for your room, just to be sure that people aren't installing malware on your computer then because SOMEONE had to accept those downloads and run the executable files or scripts in order for that to happen.
...or you could just start by trying to up your software security first by making sure that settings are properly locked down, you're blocking potentially malicious scripts with AdBlock & NoScript, etc. and being careful what you download / run.
1. I've locked out remote access by any and all personnel. They'd have to be on site to do anything malicious.
2. I KNOW nobody uses my computer but me. My house is locked down and secured by recording cameras, inside and out. There's only two people in the house other than me, and that's my mother (who doesn't know the first thing about computers) and my landlord (who fixes 'em.)
3. All my hardware comes directly from the manufacturer through a vendor. None of it is "used". It's then assembled into a PC on-site.
4. I use Avast as a real-time anti-malware protection agent.
5. My mother doesn't touch my PC. My landlord does repairs on it when things need to be replaced and maintenance (compressed air blowouts, etcetera) when things get dusty or dirty.
6. I trust my family and my landlord. My settings are locked down and I'm extremely careful what I download and run. I'm very thorough in these matters.
As in they made a note because nothing was actually happening.
Can't be sure of that.
Oh... oh no. As someone who used to use Avast as my primary antivirus, I beg you to stop using it, it sucks. Use Malwarebytes, please. I had far better luck with that than Avast.
Do you know what Malwarebytes found on my computer that Avast failed to find? A ♥♥♥♥♥♥♥ trojan.