Topic: Need help to catch a hacker

Offline daniel.luchinets

  • Newbie
  • *
  • Posts: 3
Need help to catch a hacker
« on: July 08, 2019, 04:03:53 PM »
Hi Avast SecureLine VPN team.

I represent the IT department of a company. One of our servers has been attacked by a hacker. We have his sessions logged (time in UTC):

As we found, these addresses point to your VPN service and are the output point in Chisinau, Moldova.
We need to find this hacker's source IP addresses. Which documents do we need, and how can we contact the related team to resolve this question?
« Last Edit: July 08, 2019, 04:51:12 PM by daniel.luchinets »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 66924
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Need help to catch a hacker
« Reply #1 on: July 08, 2019, 08:13:51 PM »
Hi Daniel, contact abuse[at]avast[dot]com.
Win 8.1 [x64] - Avast PremSec 20.8.2429.BUC [UI.562] - CC 5.72 - EEK - FF ESR 78.3 [NS/AOS/uBO/PB] - TB 68.12 - SB/CP/SL/DU.BUC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline daniel.luchinets

Re: Need help to catch a hacker
« Reply #2 on: July 09, 2019, 01:24:37 PM »
Thank you, Asyn.

Offline Asyn

Re: Need help to catch a hacker
« Reply #3 on: July 10, 2019, 05:43:05 AM »
You're welcome.

Offline daniel.luchinets

Re: Need help to catch a hacker
« Reply #4 on: July 25, 2019, 07:50:01 PM »
They still have not replied.

Offline Asyn

Re: Need help to catch a hacker
« Reply #5 on: July 26, 2019, 12:15:44 AM »
Well, it's holiday season. ;) I reported it, let's see...

Offline Thomas843

  • Newbie
  • *
  • Posts: 2
Re: Need help to catch a hacker
« Reply #6 on: August 01, 2019, 05:09:41 AM »
That is the same IP range we are dealing with.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6503
  • When you think you know, Think Again
Re: Need help to catch a hacker
« Reply #7 on: August 01, 2019, 05:14:34 PM »
>>>  That is the same IP range we are dealing with.

Have you reported it as directed by Asyn?

>>>  contact abuse[at]avast[dot]com.
***HP ENVY 15K LT W10 Pro 2004 64Bit/750GB HD/16GB Ram/Avast Premium 20.8.2429b/Secureline VPN v.5.7.5118b/ADU v.20.1b/ASB v.85.1b/SANDBOXIE/Prey Project
**HP Compaq 8510p LT W10 Pro 2004 64Bit/1TB HD/8GB Ram/Avast Premium 20.8.2429b/ADU v.20.1b/SANDBOXIE/Prey Project/HotSpot Shield VPN
     
*Dell Inspiron XPsp4 PRO 32Bit/Avast(since 2002)18.8.2356/WP/Comodo FW 3.14/Secureline/Comodo IceDragon v.40
LAYERED SECURITY SOFTWARE PROTECTION