I’ve been browsing this site and its forums for several months, never contributing to any discussions or even creating an account until now.
Last week, my friend, noticed a window appear when he booted his computer; this window only appeared for a brief second and had “matrix” style numbers on it. Being concerned with what he had seen, he ran an anti-virus scan on the computer which returned no threats; but he knew that was incorrect. He was able to isolate an unknown process in task manager, locate the source files which I will mention later, and remove them himself. It appears that he was successful in removing the threats because they have not resurfaced, but here where the story takes a serious turn. Later that day, he discovered he was unable to log onto his steam account, he went to recover his password but when he attempted to recover it he did not receive the proper email from steam to allow him to reset it; instead he received no email. After attempting a few more times, he became confused, and he looked on the steam community site at the activity of his account. What he found was: someone had assumed control of his account, changed his password, changed the email attached to the account, removed all his friends, replaced them with others, and played his games for a short time. My friend, quickly realized that the files on his computer could be, and probably were related, to his steam account being hacked. Worried about his other online accounts he changed, without incident and from another device, all of his other passwords; however he did receive an email regarding an attempt to change one of his email passwords but every else is secure. After confirming all his other accounts were safe his attention then turned to recovering his Steam account, cleaning his computer, and stopping the person that did this from doing it again. He has started the proper Steam ticket to have his account recovered but they have yet to reply to his request.
As for the reason why I am posting here we are looking for advise on how to proceed on a few fronts. These fronts are: ensuring the recovery of his steam account, finding the person that did this too him, and stopping that person from doing it to others.
We aren’t completely up the river with respect to finding the person. My friend noticed something weird about one of the steam users who had been added as a friend to his account: one of the people had the same name as one of the files he found on his computer. That doesn’t automatically make him guilty but is certainly is a strong indicator. Also we are in the process of recovering the malicious files that he deleted in an attempt to trace their connections. He has backed up his important files and after he tries to recover the files he is going to format his computer.
That is pretty much all that has happened so far. We would like some people’s advice on how to deal with this situation. How would be go about tracing what has happened to an individual, or group? Should we contact any authorities, and which ones? What would you do? Any input on the situation would be much appreciated. We are competent with technology so we would be open to all pathways available.
Thank you for taking the time to read this post.
[UPDATE]
So with regards to find the person or persons who orchestrated this hacking we have given up; it would take too much time. Fortunately, my friend was able to get his steam account back from valve, he now has full control back and is enjoying playing his games. As for the three friends on his account that were added by the person who took it, one of whom had the same name as a file found on my friends computer, my friend decided to send two of them a message while they were online. One of the two didn't respond, but the other doubled down and talked with my friend. This conversation was short and consisted of this unknown guy calling my friend a, "nice jew boy" and sending a picture of my friend taken from his webcam.
Even after that happened we are still going try to move on and prevent it from happening again. My friend doesn't think they have any other photos because he remember when the webcam light came on; but it is creepy nonetheless.
Anyway, thanks to all those who proved their opinion and best wishes on this situation. if anyone has anything else they would like to contribute, please do, I am always open to listening to another possible resolution to the situation.