A few days ago, I downloaded a game from a site called Dodi-repacks and accidentally opened a suspicious .RAR file. Since then, I've lost access to my Facebook, several Gmail accounts, and other services like Discord and LinkedIn. I've run a Windows Defender scan, removed some Trojans, changed all my passwords, and set up two-factor authentication, but this morning I noticed further login attempts on my accounts. I'm wondering if a full reset of my PC would help or if there's something else I should do first.
2 Answers
First things first, shut down your PC immediately. Then, use another device that you know is secure, like a smartphone or a trusted computer, to secure your accounts and set up two-factor authentication (2FA). Go for time-based codes using apps like Authy or Google Authenticator. Start with your email accounts, and make sure to lock down your phone number too. After that, you can attempt to erase your PC without booting into Windows—I recommend checking your BIOS for that option or using bootable utilities. If you want to back up any files, do it after securing your accounts, but only connect to the internet after you've scanned everything with multiple anti-malware tools once you restore them. Even if the attackers didn’t get in this time, it’s better to be safe!
It's a tough lesson, but just remember, when something's free, there's often a catch. Many 'free' games could be hiding malware or hacks. Always be cautious about where you download things from.
Does this kind of malware only work on accounts without 2FA? Where is the malware pulling the account info from? Are keyloggers still a thing?