Hacked during Download?

Question

Hacked during Download?

I was asked to download Adobe Flashplayer while opening a website so I could see the website. I hould have known better but Adobe is a legit business. The download site was "xlbts.forgetsummer.pw”. Next thing I know, a lot of my files were opened, and my safari extensions were gone. One of the files had personal information on it. It was password protected but was open at the time because I was working on it. I suspect I have to change my sign in credentials for the 70 sites listed in that file--a chore. Any suggestions on what to do or info on " xlbts.forgetsummer.pw” .

Mac mini, macOS 10.13

Posted on Jan 18, 2020 10:46 AM

Reply

Answer 1

Best reply

Eric Root

Level 10

684,105 points

Jan 18, 2020 10:55 AM in response to Barry Glasgal

That isn't a legitimate Adobe web site. Below is the link to download a legitimate copy of Flash Player.

Adobe Flash Player

You may have adware/malware installed. Try downloading this program which was written by Thomas R, a long time poster. The program will search for malware/adware. The program will do the work for you which makes it easy. It may be necessary to run more than one scan. After running the scans, restart the computer.

Malwarebytes Anti-Malware for Mac 10.10 and later

Web site for download https://www.malwarebytes.com

Malwarebytes uninstall

Reply

Answer 2

dominic23

Level 10

83,916 points

Jan 18, 2020 10:57 AM in response to Barry Glasgal

Download EtreCheck, run it to see if there is any adware installed or not.

https://etrecheck.com

Click “Free download” button,

Open Downloads folder, click on it to open, and then select ”Open”.

“Choose a problem” from the popup menu box, and then “Start EtreCheck” in the dialog.

Click “Share Report” button in the toolbar, select “Copy report” .

Paste the report when you reply.

Reply

Answer 3

Jan 18, 2020 11:20 AM in response to dominic23

My main concern at the moment is whether my files have been stolen. Is there any way to find out, or should I just assume they were and act accordingly. Hate the thought of changing 70 sign in creds.

Reply

Answer 4

dominic23

Level 10

83,916 points

Jan 18, 2020 11:34 AM in response to Barry Glasgal

Software installs (last 30 days): â“˜
    Adobe Flash Player:  (installed 2020-01-14)
    Epson Photo+:  (installed 2020-01-18)
    EPSON Printer Driver:  (installed 2020-01-18)
    Microsoft AutoUpdate:  (installed 2020-01-18)
    Dashlane: 6.1948.0 (installed 2020-01-18)
    AdBlock: 1.22.0 (installed 2020-01-18)

    Install information may not be complete.

It doesn't show anything out of ordinary.

I would uninstall Uninstall Flash Player for Mac OS - Adobe Support and reinstall Flash Player by clicking the link

Eric Root posted.

Reply

Answer 5

Jan 19, 2020 8:48 AM in response to dominic23

Thanx. I did uninstalll the version that was downloaded from from the bogus website. Should I need to upgrade in the future I will do from Adobe.

To my other issue. Is it possible that my excel spreadsheets that were open were stolen?

Reply

Answer 6

Eric Root

Level 10

684,105 points

Jan 19, 2020 10:25 AM in response to Barry Glasgal

As dominic posted, that is highly unlikely. Malwarebytes came up clean. The Etrecheck report doesn't show the installation of any abnormal programs. To get access to your computer, they would have to get through the firewall on your router.

Reply