I accidentally clicked on a suspicious email that claimed I had copyright infringement issues. It prompted me to download a 130MB zip file to check for copyrighted content, and I unzipped it. Soon after, my passwords for all my Google accounts were compromised, two of my Instagram accounts were hacked (with posts made by someone else), and even my LinkedIn profile was hacked, having my name and region changed. I've deleted the zip file from my PC, but how can I ensure it's completely gone and not affecting my other files?
5 Answers
Did you change all the passwords on the affected accounts and activate two-factor authentication? Also, did you scan for rootkits with Malwarebytes? That’s important to catch anything that might be hiding on your system.
Honestly, at this point, you should consider wiping your drive and doing a fresh install of Windows. After that, change all your passwords. Just be more careful in the future and avoid running files from suspicious emails!
Wouldn't running Malwarebytes and deleting the trojans work? Plus, I've switched my browser to Brave after uninstalling Chrome since that’s where I got the email and had stored my passwords.
Lesson learned! Just steer clear of random emails like that. I'd recommend you do a full clean install of Windows 11. It’s hard to tell what the malware possibly did, and there could still be backdoors on your machine.
Just unzipping a file shouldn't directly cause those issues; you probably ran something from it. It’s good you deleted the zip file and scanned your computer with Malwarebytes, though. Make sure to keep an eye out for any other strange behavior on your devices.
I unzipped it, but once I noticed my accounts were compromised, I deleted it and ran Malwarebytes, which found and removed two trojans. Wouldn't that help me, though?
It seems like the zip contained a script that could capture your system info, including session IDs for your Google accounts. Since you had your passwords saved in Chrome, they became accessible to the hackers. I went through something similar a couple of years ago, and all my YouTube content was deleted by the time I tried to recover it. Just a heads up, there’s not much support from Google for account recovery, so be cautious moving forward.
That’s really unsettling! But I haven’t had issues like losing my YouTube account. How did you fix everything? I’ve already changed all my passwords and enabled 2FA.
Yes, I’ve changed all my passwords and enabled 2FA. I also scanned for rootkits with Malwarebytes.