I’m in IT support, but this is beyond me – unknown remote access to my system

Tackling Unexplained Remote Access: A Personal Experience

Introduction

In the world of IT support, we often encounter a variety of technical challenges, but occasionally, a situation arises that truly perplexes even the most seasoned professionals. Recently, I found myself facing an unsettling instance of unknown remote access to my computer, leading to a series of actions that left me both bewildered and concerned. Here’s a breakdown of my experience, the steps I took, and the lessons learned.

The Unsettling Incident

It began while I was occupied with regular tasks, when I noticed strange activity occurring in real time. My Firefox browser, which was already open, was being remotely controlled. Someone (or something) had access to my system, initiating actions that included:

  • Opening a new tab in Firefox.
  • Conducting a search for “Google” (with a notable misspelling).
  • Following this with a search for a cryptocurrency game.

Realizing the severity of the situation, I promptly disconnected my network cable and implemented several security measures:

  • Disabled remote access to my PC.
  • Uninstalled AnyDesk, which I had been using for work purposes.
  • Performed a comprehensive scan with Malwarebytes and its rootkit scanner, both of which returned no findings.
  • Adjusted my local security policy to prevent any network connections.
  • Removed other recently installed applications, including ClipClip and Winamp.

Windows was up to date, and I was using Windows Defender as my antivirus solution.

Questions That Arise

After these measures, two lingering questions remained in my mind: How did this happen, and what could possibly motivate someone to search for that particular game? While the answer to “how” may be elusive, the “why” intrigued me further.

Moving Forward

In light of these unsettling events, I decided to reinstall Windows 10 as a precaution. However, I was eager to gather insights from the community to further understand potential vulnerabilities that might have allowed this occurrence.

An Update on Progress

After some analysis, I concluded that the root cause remained undetermined. It’s possible that an extension, AnyDesk, or something more insidious could have been responsible. I took substantial precautions, including:

  • Eliminating extensions from my browser stack, with the exception of essential tools like LastPass, uBlock, and Dark Reader.
  • Establishing a habit of shutting down my PC when not in use and locking my screen whenever I stepped away.

While I temporarily removed
