Hi all,
i just seen that a chinese ip logged in my system and try to delete everything ..
he connected a way trough homeseer not vnc or telnet or else..
he could give himself access again, i could stop him by turning off my internet...
i just was in time because the system told me a ip have granted access to some ip...
and he was deleting events etc and did a homeseer restart and delete logs etc...... lucky i have a backup.. and i have his ip
How can he access without a username ?
i first was thinking its a plugin what gets access... but not... i start watching then my scripts went missing and events...
also this homeseer was running 310days without restarting
using .315
the ip is a vpn so someone did hack this homeseer version somehow...
IP Address 122.152.196.18 has been blocked from further access to the system.
IP Address 122.152.196.18 has been re-enabled for access to the system. (this is done after 10 minutes but it was within 1 minute... then it happend.)
It started with the isp modem crash out of nothing and about 1 hour later i get the homeseer message on my phone that there was granted access on my system, i checked the log and it was first blocked and than directly granted access..... then it started.. and i keep watching wat this person was doing.. because i have a backup on a other pc.
i just seen that a chinese ip logged in my system and try to delete everything ..
he connected a way trough homeseer not vnc or telnet or else..
he could give himself access again, i could stop him by turning off my internet...
i just was in time because the system told me a ip have granted access to some ip...
and he was deleting events etc and did a homeseer restart and delete logs etc...... lucky i have a backup.. and i have his ip
How can he access without a username ?
i first was thinking its a plugin what gets access... but not... i start watching then my scripts went missing and events...
also this homeseer was running 310days without restarting
using .315
the ip is a vpn so someone did hack this homeseer version somehow...
IP Address 122.152.196.18 has been blocked from further access to the system.
IP Address 122.152.196.18 has been re-enabled for access to the system. (this is done after 10 minutes but it was within 1 minute... then it happend.)
It started with the isp modem crash out of nothing and about 1 hour later i get the homeseer message on my phone that there was granted access on my system, i checked the log and it was first blocked and than directly granted access..... then it started.. and i keep watching wat this person was doing.. because i have a backup on a other pc.
Comment