Hi All,
I've just run Rkhunter, and found 1 suspect file:
http://0bin.net/paste/QuPJczOoHpzuDrFF#LNmP-oM/zaV4rZPZhvqrVxpml22HwQjsbhEglzBveSt
Can I safely delete this file? I've been reading that you must be very carefully reacting to any Rkhunter issues. BTW, I am running BB 4.0, and have run ClamTk, and deleted all issues, that I found.
Thanks in advance for any responses.
Hi All,
This has now become very weird.
Normally, when I open terminal I get this:
XXXXX@XXXXX-HP-Spectre-XT-Ultrabook-PC:~$
I am in the last 1/2 hour getting this:
XXXXX@sachem:~$
Help! Have I been seriously hacked?
Man, what you are talking about? If your hostname was replaced it's because you used anonymous mode. If that is not the case check your auth logs. If you get some warrnings from rootkit and av scanners, open that files with any editor and see if they have some strange code inside etc.
Anyway this is BackBox community forum and not "save my pc". And use some paste services when you post terminal logs.
Quote from: Adler on March 05, 2015, 12:51:43 PM
Help! Have I been seriously hacked?
Yes!! You are under attack!! Disconnect all your machines ASAP!!