Author Topic: Need help to catch a hacker  (Read 1615 times)


Offline daniel.luchinets

  • Newbie
  • *
  • Posts: 3
Need help to catch a hacker
« on: July 08, 2019, 04:03:53 PM »
Hi Avast SecureLine VPN team.

I represent the IT department of a company. One of our servers has been attacked by a hacker. We have his sessions logged (time in UTC):


As far as we can find, those addresses point to your VPN service and are the output point in Chisinau, Moldova.
We need to find this hacker's source IP addresses. Which documents do we need, and how can we contact the related team to resolve this question?
« Last Edit: July 08, 2019, 04:51:12 PM by daniel.luchinets »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61177
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Need help to catch a hacker
« Reply #1 on: July 08, 2019, 08:13:51 PM »
Hi Daniel, contact abuse[at]avast[dot]com.
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 60.9 [NS/AOS/uBO] - TB 68.1.1 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline daniel.luchinets

  • Newbie
  • *
  • Posts: 3
Re: Need help to catch a hacker
« Reply #2 on: July 09, 2019, 01:24:37 PM »
Thank you, Asyn.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61177
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Need help to catch a hacker
« Reply #3 on: July 10, 2019, 05:43:05 AM »
You're welcome.

Offline daniel.luchinets

  • Newbie
  • *
  • Posts: 3
Re: Need help to catch a hacker
« Reply #4 on: July 25, 2019, 07:50:01 PM »
They still have not replied.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61177
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Need help to catch a hacker
« Reply #5 on: July 26, 2019, 12:15:44 AM »
Well, it's holiday season. ;) I reported it, let's see...

Offline Thomas843

  • Newbie
  • *
  • Posts: 2
Re: Need help to catch a hacker
« Reply #6 on: August 01, 2019, 05:09:41 AM »
That is the same IP range we are dealing with.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6174
  • When you think you know, Think Again
Re: Need help to catch a hacker
« Reply #7 on: August 01, 2019, 05:14:34 PM »
That is the same IP range we are dealing with.

Have you reported it as directed by Asyn?

>>>  contact abuse[at]avast[dot]com.
***HP ENVY 15K LT W10 Pro 1903 64Bit/750GB HD/16GB Ram/Avast Premier 19.8.2393 /VS 5.02(WC)/ASB/Mbam 4/Secureline b. 5.5/SANDBOXIE/Prey Project
**HP Compaq 8510p LT W10 Pro 1903 64Bit/1TB HD/8GB Ram/Avast Premier BETA 19.9.2394 /VS 5.02(WC)/ASB beta/Secureline b 5.5/SANDBOXIE/Prey Project 
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/OSA/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
<LAYERED SECURITY SOFTWARE PROTECTION ALL>