Hacked!!

I use teamviewer on a personal basis to access my home network when I am away and to access different computers on my home network when I am at home (saves the walk across the house).  I have different purposes for each computer and prefer to access the individual computer rather than try to duplicate or distribute tasks/apps/programs.  I generally leave a couple of computers running with teamviewer at all times such that I can access the data they contain.

This past August (2018), when I attempted to log into one of my remote computers I noticed the Teamviewer ID had changed which I found kind of strange.  Nevertheless I logged into the machine and continued.

About a week later I received and email addressed to me telling me my computer had been hacked via teamviewer and that the hacker had gained access to my email.  He informed me he had loaded a key logger on that computer as well as mirroring software and camera access such that he had a record of everything I had done as well as as video of me actually doing it.   I only use this computer to collect stock trading data so I was not too concerned however, he would have access to my whole network through this computer.  HIs message was somewhat credible as he knew my email address (not the one registered with Teamviewer), my teamviewer password and my facebook ID and password.  He then demanded ransome or he would distribute my personal information.

I immediately removed Teamviewer from the affected machine, re-installed the OS (Windows 7) installed new firewall and anti-virus software and have monitored the machine since.

I did not install teamviewer on the affected machine.  I installed two factor identfication on my other machines (sadly, I did not have it on any of my computers previously).

I still want to access the affected computer remotely but am extremely apprehensive about loading teamviewer again.  I am not sure how the hacker accessed my account in the first place (beyond randomly trying ID's).   I am guessing he is still monitoring the ID he was previously able to re-assign.

Could someone please explain how the previous hack occurred (If they are familiar with it) and how I can change the teamviewer ID on that computer such that the hacker will not have an easy place to restart his efforts?

Comments

  • Same here. I have a business license. I noticed the license was disappearing from time to time, so I was logging back in. But it felt strange.

    Then, one day this week, I noticed someone had exported all my passwords from a keepass file into a csv file.

    I have removed TeamViewer, reset all my PC's and all my passwords.