As an IT support professional, I’m baffled by unfamiliar remote access to my system

BCAdmin

Unwanted Remote Access: A Disturbing Encounter with My Computer

As an IT support professional, I pride myself on my ability to troubleshoot a wide range of technical issues. However, I recently encountered a situation that left me both perplexed and concerned: I experienced unauthorized remote access to my system, specifically through Firefox. Here’s a detailed account of what unfolded and the steps I took in response.

The Incident

During an ordinary session on my computer, I suddenly noticed unusual activity in Firefox. A remote entity gained control of my computer and executed a series of actions that raised immediate alarm:

  • An existing Firefox window was manipulated.
  • A new tab was opened, and an attempt was made to search for “Google”—though it was misspelled.
  • The perpetrator then searched for a cryptocurrency game and hit enter.

Recognizing the severity of the situation, I quickly took action by disconnecting the network cable and implemented several security measures:

  • Disabled remote access to my PC.
  • Uninstalled AnyDesk (my work-related remote access tool) to prevent further access.
  • Conducted thorough scans using Malwarebytes and its rootkit scanner, yielding no results.
  • Adjusted local security policies to restrict any network connections.
  • Removed recently installed applications, including ClipClip and Winamp.

Despite ensuring that my Windows operating system was fully updated and utilizing Windows Defender as my antivirus, I was left baffled.

Questions That Linger

Naturally, two pressing questions emerged from this unsettling experience: How did this happen? and Why would anyone search for that game? While determining the technical method of unauthorized access feels almost impossible, the motivation behind the search for that specific game left me pondering.

I’ve resolved to proceed with a complete reinstallation of Windows 10 to safeguard my system, but I remain curious about the potential vulnerabilities that allowed this incident to occur.

Update on the Situation

After posting my experience and receiving invaluable feedback, I conducted a thorough review of my computer’s security. Unfortunately, I still could not pinpoint a clear cause. The likelihood of it being due to a browser extension, AnyDesk, or an even more nefarious infection seemed plausible. As a precaution, I removed all extensions from Firefox except for LastPass, uBlock Origin, and Dark Reader.

To bolster my security further, I’ve also adopted some new habits:

  • Shutting down my PC when not in use.
  • Locking the screen every time I leave the room

Share this content:

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *