this post was submitted on 04 Dec 2023
6 points (80.0% liked)

Cybersecurity

5689 readers
165 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
 

Hi, I’m not a coder etc but I’m not a complete noob with computers.

My FIL has apparently been scammed / hacked by some shithead (according to wife) who has apparently managed to get control whenever he turns his laptop on. I don’t know much more than that right now. The situation is pretty shityy because the poor old man lost EVERYTHING in recent flooding; all possessions, personal documents etc. He was given this laptop to help him get his life back together, personal admin etc.

He’s actually an OG coder and mathematician but is old enough to be vulnerable to the crap that these scum pull on the unsuspecting.

I’m wondering if there’s a way (rubberduck?) to quickly delete teamware etc as soon as the pc boots. Not sure how much admin control he has anymore.

Is there a safe mode (?) way of getting back control / kicking external admins?

Many thanks for any advice.

you are viewing a single comment's thread
view the rest of the comments
[–] skizzles@lemmy.world 3 points 11 months ago

Hopping on a live USB to recover files is your safest option.

It will also give you an opportunity to scan files (with something like clam av) while running from a system other than Windows, so you're less likely to encounter any further infections. Not that Linux can't be infected, it's just much less likely and you'd be running from a flash drive and off network anyway so it's about as safe as you can get.

You would need to connect the live USB to the Internet to install clam av on the USB stick or something similar, but that can be done while using a separate machine before actually plugging into the affected machine.

I can't really offer any advice on using any software for scanning as I keep personal things on separate drives segregated from the network so if something ever did happen I'd just wipe and start over.

May be a good idea to take though. Get him a USB drive that he can store files on and disconnect when he doesn't need it.

Just some thoughts from someone that works in desktop support and has been tinkering for a little over 20 years.

Good luck!