Announcement

Collapse
No announcement yet.

Did my Homeseer just get hacked?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Did my Homeseer just get hacked?

    I was just strolling around the interface and discovered that I have two users that was not inputted by me.

    drirwin72785@gmail.com

    tron.homeseer@computron-usa.com

    Are they supposed to be there?

  • #2
    Someone had to make the users. If you did not create the users I would recommend you consider them suspect.

    Comment


    • #3
      I would recommend removing these users and ensuring that you do not have a default user with a default password. You will also want to ensure that you are running the latest HS3 release as there was a fix put in for this several versions back.
      -Rupp
      sigpic

      Comment


      • #4
        If you're using MyHS for access, there's a setting which allows HomeSeer to create accounts when they log in through that method...

        Comment


        • #5
          Originally posted by dannieboiz View Post
          I was just strolling around the interface and discovered that I have two users that was not inputted by me.

          drirwin72785@gmail.com

          tron.homeseer@computron-usa.com

          Are they supposed to be there?
          If you're using MyHS for access, there's a setting which allows HomeSeer to create accounts when they log in through that method...

          Comment


          • #6
            i googled drirwin72785 @gmail and only 2 results came up. This post and a post about alexa skills.

            Computron is located around the Tampa bay area.

            Maybe this info can help.

            Comment


            • #7
              I deleted the names yesterday. I only have two users in there, one is me as the loca+admin and the other is my email address which I assume the one you guys refer to when I use myhs for access.

              BTW: is there a log that shows all the access to HS whether is a failed or successful login?

              On my FTP server, I can watch hackers trying to get on my server all day long.

              Comment


              • #8
                Originally posted by dannieboiz View Post
                is there a log that shows all the access to HS whether is a failed or successful login?
                There's a place in Setup/Network to enable logging.

                Click image for larger version

Name:	Hack.PNG
Views:	14
Size:	51.3 KB
ID:	1238413
                Mike____________________________________________________________ __________________
                HS3 Pro Edition 3.0.0.548

                HW: Stargate | NX8e | CAV6.6 | Squeezebox | PCS | WGL 800RF, Rain8Net+ | RFXCOM | QSE100D | Vantage Pro | Green-Eye | X10: XTB-232, -IIR | Edgeport/8 | Way2Call | Ecobee3

                Comment


                • #9
                  Originally posted by Uncle Michael View Post
                  There's a place in Setup/Network to enable logging.

                  Click image for larger version

Name:	Hack.PNG
Views:	14
Size:	51.3 KB
ID:	1238413
                  Thanks Michael, appearantly I already have all those enabled.... I supposed to view those, they are not on the same "logs" as the ones that log all the devices and event activities? I've never seen login logs there.

                  Comment


                  • #10
                    The main HS log is where they would be. Unless there are repeated attempts, the log entry is easy to miss, though.
                    Mike____________________________________________________________ __________________
                    HS3 Pro Edition 3.0.0.548

                    HW: Stargate | NX8e | CAV6.6 | Squeezebox | PCS | WGL 800RF, Rain8Net+ | RFXCOM | QSE100D | Vantage Pro | Green-Eye | X10: XTB-232, -IIR | Edgeport/8 | Way2Call | Ecobee3

                    Comment


                    • #11
                      I had this exact same problem back in January this year. Rich and the support team looked into it but couldn't determine how it happened. There was a similar issue fixed a few months before I had this I was told. I had 6 rogue accounts added to my server including the tron.homeseer one you have, and bizarrely Matt @ homeseer which got a few heads scratching. The suggestion from HS was go into setup in HS and disable the "auto create HSTouch users" option on the network tab in the MyHS section.

                      Comment

                      Working...
                      X