cell phone site hacking

[mid3vildan]

hey everybody! i havent been around for almost a year, had pesonal issues with a very vengeful X GF. I am still having these issues, and have a general security question that is driving me absolutely bananas.

my cell phone is through t-mobile. Someone( i know it is an X gf, i just cant prove it) found a way to get into my account about once a day.i contacted my phone carrier about my issue with my custemers, friends and family recieving emails, texts and anonymous phone calls oncerning me and my business practices and just mayhem in general.... the ******** service people say that yes, someone has logged into my account more than i ever have, and they will not trace them without a court order. i tried to get a court order, but need to prove that they were in my account first, and that it wasnt me. so i am stuck major loop, since i cannot show that it wasnt me logging in and out. after researching like crazy, i simply cannot find any backdoor or way that they could have gotten into my account, does anyone have any s***estions?

[Moonbat]

I believe you, I remember this little problem from ExoTeric. For starters, let's assume your X is the greatest thing since Kevin Mitnick.

1. Did you scan your box for malware? If you haven't, do so now.
2. Are you on a network? Could she be running a packet sniffer? If so, get off the network.
3. Are you using a pass easy to guess? If so, change the pass.
4. Did she steal your cookies/hijack your login session? If so, delete any and all cookies related to T-Mobile
5. Could she have gotten your pass off your phone? I'm not too sure if that's possible, but you gotta consider everything.
6. Could she have used a known password to the email/whatever you use when you want to reset your T-Mobile account password? If so, change that pass. And preferably use a new email/whatever to reset your T-Mobile account pass.

That's all I can think of. Hope you get it sorted out.

[gordo]

In addition to Moonbats advice there are cell phone programs like this. [url]http://www.phone-spying.com/[/url] Depending on how vindictive she is.

[mid3vildan]

there are no viruses on my system, i run 2 different AVs, and a super firewall that does not let anything get sent to or from my system without my permission, it is tedious, and very annoying, but a necessary precaution.

i am thinking she has access to the website somehow, and no matter how many times i change my password, they always get in. i am well aware of brute force programs, but the website has authentications to prevent constant log-in trys.

i am very aware of security hacks, i just do not know how they are are doing this.

i do not use window mobile, or any smartphones, (anymore) or anyphones that have gps. i had learned that my old sidekick had a feature on it that let people learn approximatly where you are by pinging your phone to the closest cell tower/relay. so i went to a slightly older phone with no bells and whistles, and barely recieves or sends signals.

[Moonbat]

First, delete any cookies related to any email service and your T-Mobile account. This'll make sure when you login again you get a new session (that is, if the email services and T-Mobile use session_regenerate_id() in their PHP scripts, which they should be doing).

Then, I'd s***est changing all the passwords on your emails, just in case a passowrd-reset feature is being used to get your pass.

After that, change your account password (if you can).

If she still gets in, let us know. Please follow all these steps, so we can be sure what is going on.

[mid3vildan]

i deleted all my cookies, reset all passwords associated with the account, i also had a friend set up a contract for a business deal, and had her email it to my tmobile account, if it gets intercepted, they are still getting into my account.

[gordo]

For your website do you have any kind of web*****ing software? Can she get close enough to crack the security on your router? (if you have one) Have you scanned for rootkits?

[Moonbat]

Can she get close enough to crack the security on your router? (if you have one)

Going along with the router theme, make sure you aren't using the default user/pass. If you had a custom user/pass, it could've gotten reset if you reset your router.

Also, make sure to turn off SSID broadcasting for your router. Use some WPA encryption.

[nybaby]

....if T-mobile is anything like Sprint/Nextel this could be your answer....

With Sprint/Nextel you can have more than one user name associated with a cell phone number. Your X may not even be getting into your phone records with YOUR user name and password. She could have created an account of her own with your phone number (all she'd need is your account # and more recently your SIM card number...up until about * year ago you didn't even need the SIM card number to set up an online account...just the account #). So, there could be another user name associated with your phone number and you wouldn't even know it. So, changing your password on the user name that YOU know isn't going to do anything to prevent her from logging into the other account that she could have started.

In my case, when I called Sprint/Nextel they were useless. Complete idiots. They couldn't find out how to search for another account associated with my phone number. Same thing with the "court order" crap....and unless a "crime" is committed the police are also useless. Just recently I found out the other USER name and got it deleted. I also changed my phone carrier and phone number.

Have you thought about a keylogger to see how she is getting in and what else she is up to? Of course that's not legal...

My s***estion is to get a new phone company and new phone number and make sure she never gets her little paws on it!!

Good luck!

[mid3vildan]

i think you hit the root of the problem.
for now, until i can think of a better solution, i will be using prepaid phones for my serious business, and keep my tmobile phone for non important use until the contract runs out in march.

there is no way they can find me physically,,so they cannot get close enough to me to use man in the middle attacks, and i definatly do not have any kind of keylogger, i ran through all my processes individually on my system...


hopefully the prepaid phones will improve my situation.

[gordo]

i ran through all my processes individually on my system...

I know spytector doesn't show up in a hijack this log, or task manager. You can go through windows/system*2 and look for an exe about **/**.5 kb in size.
Thanks NY, I have t-mobile. I will check it out.

[mid3vildan]

all show up on mcaffee as PUPs, potentially unwanted programs. even the newest version of Abel shows up as a pup on mcaffee...

[nozf3r4tu]

change the password of the phone page from a cyber cafe. Leave it alove for a little bit of time. If the problem stops,that tells you she has access to your keystrokes without any doubt. If she still can access that phone page,even tho you didnt provided to her from your pc,i need to hire her for my firm...lol.
shes logging you from somewhere,avoind using the same email,there are softwares that will forward everythin coming in or going out to a speciffic adress.

[mid3vildan]

i have already done pw changes @ a cyber cafe, friends 'puters, even UofA computers, she still gets in. she was also able to get into a cricket phone, which i had for a minimal amount of time, so i believe she is logging in as NYtools s***ested.

She definatly isnt a hacker, and didnt even know her way around a computer until i showed her *the dark side*.

i do know she attempted to play with my cain and abel program i had on a home PC about * years ago, but she got absolutely nowhere, and tripped my security keylogger to show me what people are doing on my puter at that time.

i would never use C&A on a laptop, and mcaffee now picks it up Abel as a PUP, so it can no longer be hidden and running in the background, so i know she hasnt figured out how to remote install.

[Moonbat]

i have already done pw changes @ a cyber cafe, friends 'puters, even UofA computers, she still gets in. she was also able to get into a cricket phone, which i had for a minimal amount of time, so i believe she is logging in as nybaby s***ested.

Well, username typos aside, what are your choices now?