Jump to content

Malwarebytes had been hacked, a unknown link was added in Allow List


Go to solution Solved by AdvancedSetup,

Recommended Posts

1.) Last week, I spent some time to check my older sister's laptop (with Malwarebytes software installed long time ago.) 

2.) Many default settings were changed, most of all, this link, linkby.tw, was added on the Allow List in her laptop.

3.) She absolutely has no ability to change those settings and add this unknown link to Allow List on her own laptop. 

4.) I had put those setting back to default, remove linkby.tw from Allow List, and then TURN ON Tamper Protection.

5.) This is a BIG SHOCK to me, that Malwarebytes itself was hacked. What's happening?

6.) Malwarebytes is always a great and trusted partner to me, my family members, colleagues, and friends.

7) Should you need any info from her laptop, i.e. some log files, please let me know, and show me, step by step, then I could deliver them to your team!

8.) I am more than happy to solve this hack problem with your professional team, let's stop this hack from happening ever again!

 

Link to post
Share on other sites

Hello and Welcome @vinnielu

I highly doubt that Malwarebytes has been hacked in anyway.  However if you do want to see if someone from the team can figure out what may have happened please provide the requested logs below.

  1. Download Malwarebytes Support Tool
  2. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  3. Place a checkmark next to Accept License Agreement and click Next
  4. Navigate to the Advanced tab
  5. The Advanced menu page contains four categories:
    • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
    • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
    •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
    • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
  6. To provide logs for review click the Gather Logs button
  7. Upon completion, click OK
  8. A file named mbst-grab-results.zip will be saved to your Desktop
  9. Please attach the file in your next reply.
  10. To uninstall all Malwarebytes Products, click the Clean button.
  11. Click the Yes button to proceed. 
  12. Save all your work and click OK when you are ready to reboot.
  13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
  14. Select Yes to install Malwarebytes.
  15. Malwarebytes for Windows will open once the installation completes successfully.
  • Like 2
Link to post
Share on other sites

  • Root Admin
  • Solution

Hello @vinnielu

 

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process

Then follow each step in the order provided. Unless otherwise asked, please attach all logs

 

Please make the following system changes:

  • If you have not done so already - Enable System Protection and create a NEW System Restore Point
  • Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed
  • Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed
  • Disable-Fast-Startup
  • Show-Hidden-Folders-Files-Extensions

Please run the following scans:

  1. Click the following link and run a  Scan with AdwCleaner
  2. Click the following link and run a  Scan with Malwarebytes 
       RESTART the computer
  3. Click the following link and run a  Scan with Farbar Recovery Scan Tool 
     

Example image of where to click to attach files when posting your reply

image.thumb.png.e208c182ff570799c53bcf57

 

Thank you

 

Link to post
Share on other sites

  • Root Admin

This computer is running a hack to pirate and steal Windows.

It's also a very old computer.

My suggestion would be to do a clean install of Windows and not use tools to attempt to pirate

Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Chinese (Traditional, Taiwan)

BIOS: LENOVO 40CN26WW(V2.12) 09/13/2011
Motherboard: LENOVO Base Board Product Name

 

The system can probably run Windows 10 (even if you don't license and activate it the vast majority of Windows will still run just fine)

Clean Install Windows 10 & 11 (2023)
https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587

Also, please review the following topic

Bypass Microsoft Online Account Creation during installation of Windows 11
https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/

 

  • Like 1
Link to post
Share on other sites

Hi AdvancedSetup,

 

WOW! If a pirated version OS was installed, this explains everything...

 

And yes, it's old laptop, she is old, she will hold. I bought it in 2011, brand new with Windows 7 preinstalled, as a gift to my older sister.

 

I just had a little chat with my older sister, she said, years ago, she brought this laptop to buy external audio speakers, the salespersons in that shop suggested her to upgrade her HDD in order to get a better performance. With consent of my sister, they kept the laptop for a few days. They even did not return the original HDD. This is the whole story...

 

Your suggestion:

1.) to do a clean install of Windows

Ans: For a laptop this old, not worthy of anyone's time. A brand new laptop with Windows 12 preinstalled might be an option for us.

2.) not use tools to attempt to pirate

Ans: I don't know how, we don't know how.

 

I should have asked her before I post this thread.

 

Many thanks to Firefox & AdvancedSetup and your valuable time spent on this answer!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.