SitePoint Sponsor

User Tag List

Results 1 to 8 of 8

Thread: How can I hack a stolen computer to wipe it or gather info?

  1. #1
    SitePoint Enthusiast
    Join Date
    Aug 2004
    Location
    Central Illinois
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How can I hack a stolen computer to wipe it or gather info?

    My brother-in-law just had his laptop stolen. While little of the data would be useful to the thieves, it's of value to him and he'd like to get it back. I was wondering if there would be any way to initiate a social engineering / phishing attempt that has any chance of succeeding at allowing me to install remote access software, or otherwise wipe or transfer data? I'm not a hacker and don't know what tools I'm even looking for, but it would need to be something that would install fast, with minimal action required by the thieves.

    We have reason to believe they've accessed his Gmail account, and he has Skype installed, so there are conceivably ways to get messages through to the computer. The trick is to get some kind of payload through that we can then use to our advantage.

    Any ideas?

  2. #2
    It's all Geek to me silver trophybronze trophy
    SitePoint Award Recipient ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, Australia
    Posts
    19,895
    Mentioned
    216 Post(s)
    Tagged
    2 Thread(s)
    It's a good idea to password protect your computer (I always log in when I fire up the computer).

    I don't know about PCs, but Macs have a "find my mac" feature (that works for iPhone, iPads etc. too). You can go online and see where your device is, and wipe it, too. (Not sure if you can wipe the Mac, actually, but you can wipe the phone. But you can take a photo of the person sitting in front of the Mac and send it to the police, along with the thief's location.)

  3. #3
    SitePoint Enthusiast
    Join Date
    Aug 2004
    Location
    Central Illinois
    Posts
    66
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Password protection would have been a good idea. I always use one too. But this wasn't my computer.

    Interesting info about Apple products though. He had an iPod Touch that might have been taken as well. So that might be an angle to look at.

    Other suggestions will continue to be welcome!

  4. #4
    It's all Geek to me silver trophybronze trophy
    SitePoint Award Recipient ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, Australia
    Posts
    19,895
    Mentioned
    216 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by MatthewHSE View Post
    He had an iPod Touch that might have been taken as well. So that might be an angle to look at.
    Initially, you need to set up an account with iCloud and enable "find my <device>". Not sure if iPods have that facility, but I would assume they do. But if it wasn't set up before being lost, he might be out of luck. If it was set up, though, he might be able to locate the robber. The iPod would have to be on an connected to the web, though.

  5. #5
    SitePoint Enthusiast Siick26's Avatar
    Join Date
    May 2013
    Location
    England
    Posts
    49
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I don't think there is a massive load of options you have available. If you had some remote software which wiped the computer then that would be good but you haven't. I'd advise him to make sure he changes all his passwords (i'm sure he's already done this) and just report it to the police. Not a lot you can do really.

  6. #6
    SitePoint Wizard
    Join Date
    Oct 2007
    Location
    Boston, MA
    Posts
    1,353
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    You can just change all the passwords used on that computer Skype, mail, etc, and hope no personal information will be used by the thieves. And next time he better be careful with his stuff I don`t think you can find that computer, it`s pretty much lost for good.

  7. #7
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2006
    Location
    Augusta, Georgia, United States
    Posts
    3,842
    Mentioned
    11 Post(s)
    Tagged
    3 Thread(s)
    If they are monitoring emails and nosey you could try sending some type of email with software attached that would wipe the disk. However, they would have to be dumb enough/intrigued to even run the program. Beyond that the software would also have to have permissions to wipe the disk. It would be highly unlikely someone would run some random software sent in an email but stranger things have happened.
    The only code I hate more than my own is everyone else's.

  8. #8
    #titanic {float:none} silver trophy
    molona's Avatar
    Join Date
    Feb 2005
    Location
    from Madrid to Heaven
    Posts
    7,312
    Mentioned
    116 Post(s)
    Tagged
    1 Thread(s)
    The thing is that you normally don't you know who stole the computer... or their intentions. Normally, it would be someone that just want to sell it to someone else (second hard store) to get some cash. If that's the case, any social engineering tool that you may have to use will fail

    Social engineering is based in that you know which computer you want to attack, where it is (at least at a particular point) and who is using it... because to get the passwords and stuff you need to befriend this user, or get to know their friends, or get as much information about him as you can.

    You don't know the thieves, nor how to contact them (not even FB) so that's out the place.

    If you don't know him but want to install a remote control software, the only thing that you can do is to send something to that computer (as an example, an e-mail that's configured in it) that the thief can't resist to click on. If the laptop is modern though, or there's some kind of authorization process in place (like Linux has, you can't install or update anything new without writing the password) that will also fail.

    And, if the thief simply wants to sell the computer, he may not even bother to see what's installed or will not really use the computer (just to check that it works and that it can be sold).

    So for the goods that were stolen, you can't do much.

    In the case of the iPhone, if you have the IMEI of the mobile card, you can contact your phone provider and they can try to trace where the phone is (if the phone is on, of course)

    I think that iPhone also has a feature that Samsung phones have: a little option that can tell you where you mobile is. By using an account that you configure when you bought the phone, and through a special web page, you can active the remote location services and even manage certain options (such as taking pictures while the thief is using your phone but he will not know that you are doing so)

    These phones can also be encrypted (in the same way the laptop should have been encrypted and with password protection)
    Before asking, do a search... if you don't find the answer, then ask
    The purpose of this forum is to help others in the community, that's why it's called Sitepoint and not Linkpoint.
    SP Guidelines - No fluff.

    Thinking Web: Voices of the Community - The Community Book

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •