As an IT support professional, I’m baffled by mysterious remote access to my system

BCAdmin

Navigating the Unexpected: My Encounter with Remote Computer Access

In the realm of IT support, we often face a myriad of challenges; however, a recent experience left me both puzzled and concerned. Someone managed to remotely control my computer, particularly hijacking my Firefox browser. Here’s a detailed account of what transpired and the steps I’ve taken in response.

The Intrusion: What Happened?

While using my computer, I noticed some unusual activity. The following actions occurred without my consent:

  • Firefox was already open, when suddenly a new tab was opened.
  • An incorrect search for “Google” was entered in the address bar.
  • Subsequently, a search was initiated for a cryptocurrency game.

At that moment, I was taken aback and promptly disconnected my network cable. Recognizing the severity of the situation, I enacted several security measures:

  • Disabled all remote access features on my computer.
  • Uninstalled AnyDesk, which I typically use for work purposes.
  • Conducted thorough scans using Malwarebytes, including their rootkit scanner; fortunately, no threats were detected.
  • Adjusted my local security policies to restrict network connections entirely.
  • Removed recently installed applications, including ClipClip and WinAmp.

Despite running Windows with the latest updates and having Windows Defender as my antivirus, I realized I was still at risk.

Questions Without Answers

This incident left me with two pressing questions: How did this happen? and Why would anyone search for this game? While tracing the method of access may remain a mystery, the intent behind the search seems perplexing.

I plan to reinstall Windows 10 to ensure a fresh start but am eager to understand more about this alarming breach.

Update on the Situation

After my initial response, I anticipated that I would find no definitive cause for the intrusion, as expected. It seems probable that the culprit was an extension I had, a remnant of AnyDesk, or perhaps an overlooked vulnerability.

Thanks to the insightful suggestions from the community, I’ve taken further precautions:

  • I’ve removed all extensions except for LastPass, uBlock Origin, and Dark Reader for security reasons.
  • It has become a routine to shut down my computer when it’s not in use and to lock the screen whenever I step away.

Although I have removed AnyDesk for now, I might consider reintroducing it for outbound connections while ensuring inbound access is blocked. Should I encounter this issue again, you can guarantee I’ll be back to

Share this content:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *