trojan?

Hi,

a friend of mine has booked a ticket for a concert and a few minutes later
it was booked again. When he complained to the ticket-company and said that
he only ordered one ticket and asked why they charged him two, they said
that it was booked twice. When they checked their log-file, they found that
one was ordered from my computer. But to do so, I would have had needed my
friends log-in, his PIN and his bank account. Now he is really ****ed off at
me and thinks I spyed in his stuff, which I definitely didn't.

However, there is no question that the order was sent from my computer. Now
my question: Since I know I definitely didn't do this and noone else has
access to my computer - is there any kind of virus that can do things like
that? Like a trojan virus or anything that scans computers which I have a
connection to (via FTP), spys out passwords and then completes actions like
booking something the other person did just a second ago?

If there is a Virus like that, please tell me. My anti-virus hasn't found
anything, but I know I didn't betray my friend and I don't want our
friendship to be ruined. So I am looking for an explanation...

Thanx,
Steph

PS: Please excuse my english.

reply to

Stephanie Pesch

In article <btou0c$9o1fj$>,
says...
> Hi,
>
> a friend of mine has booked a ticket for a concert and a few minutes later
> it was booked again. When he complained to the ticket-company and said that
> he only ordered one ticket and asked why they charged him two, they said
> that it was booked twice. When they checked their log-file, they found that
> one was ordered from my computer. But to do so, I would have had needed my
> friends log-in, his PIN and his bank account. Now he is really ****ed off at
> me and thinks I spyed in his stuff, which I definitely didn't.
>
> However, there is no question that the order was sent from my computer. Now
> my question: Since I know I definitely didn't do this and noone else has
> access to my computer - is there any kind of virus that can do things like
> that? Like a trojan virus or anything that scans computers which I have a
> connection to (via FTP), spys out passwords and then completes actions like
> booking something the other person did just a second ago?
>
> If there is a Virus like that, please tell me. My anti-virus hasn't found
> anything, but I know I didn't betray my friend and I don't want our
> friendship to be ruined. So I am looking for an explanation...
>
> Thanx,
> Steph
>
> PS: Please excuse my english.
>
> reply to
>
>
>


Yes. It's *possible*, but here's something to consider:

*If* someone grabbed his credit card information from *his* computer,
then they went to the trouble to hack into yet another machine and
bounce off it to order the _same_ concert ticket as your friend....
what's the chances? Seems rather suspicious to me.

I'd say there's more to this than just a bit of computer security.

*If* both of your machines are infected with the same trojan and *if*
you're either on the same subnet (which would make for easy scanning by
the attacker) or *if* the _same_ hacker placed the same trojans on both
of your machines, then yes, I would find it believable.

However, if you're using a totally different ISP's and neither of you
acquired this *trojan* the same way, say for instance, both of you
opened the same email/attachment (are you on any mailing lists
together?), I'd find it highly unlikely that a random hacker on the
Internet, hacked into your friend's computer, stole his credit card
info, then hacked into your computer in order to bounce to the ticket
sales website and then buy a ticket to the same concert that your friend
did.... seems, well, off the wall.

Like I said, there's more to this. I'd be more inclined to dig into this
a tad bit deeper... from either parties stand-point.

I've love to hear the outcome of this.




--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

Colonel Flagg

Colonel Flagg wrote:

> Seems rather suspicious to me.

Yes, that's true. It seems rather suspicious to my friend also and I
can'teven blame him.

> Like I said, there's more to this. I'd be more inclined to dig into
> this
> a tad bit deeper... from either parties stand-point.

Like what? I mean, do you have any idea?


> I've love to hear the outcome of this.

I'll post it

Thanx,
Steph

Stephanie Pesch

On Sat, 10 Jan 2004 14:16:09 +0100, Stephanie Pesch wrote:

> Hi,
>
> a friend of mine has booked a ticket for a concert and a few minutes later
> it was booked again. When he complained to the ticket-company and said that
> he only ordered one ticket and asked why they charged him two, they said
> that it was booked twice. When they checked their log-file, they found that
> one was ordered from my computer. But to do so, I would have had needed my
> friends log-in, his PIN and his bank account. Now he is really ****ed off at
> me and thinks I spyed in his stuff, which I definitely didn't.
>
> However, there is no question that the order was sent from my computer. Now
> my question: Since I know I definitely didn't do this and noone else has
> access to my computer - is there any kind of virus that can do things like
> that? Like a trojan virus or anything that scans computers which I have a
> connection to (via FTP), spys out passwords and then completes actions like
> booking something the other person did just a second ago?
>
> If there is a Virus like that, please tell me. My anti-virus hasn't found
> anything, but I know I didn't betray my friend and I don't want our
> friendship to be ruined. So I am looking for an explanation...
>
> Thanx,
> Steph
>
> PS: Please excuse my english.
>
> reply to

Theoretically it would be possible, but extremely unlikely. Given the job
I would assume more probable alternatives:

- the most likely is that you (or someone using your computer) did indeed
make the booking.
- failing that I would look at the ticket-company's application - double
bookings/charges are not uncommon, and their claim of "checking the log
files" does not mean much.
- I would start looking for a trojan/hack/virus only if I could eliminate
the first two possibilities - it's the least likely.
--
Mailman



-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----

Mailman

On Sat, 10 Jan 2004 14:16:09 +0100, "Stephanie Pesch" <>
wrote:

>Hi,
>
>a friend of mine has booked a ticket for a concert and a few minutes later
>it was booked again. When he complained to the ticket-company and said that
>he only ordered one ticket and asked why they charged him two, they said
>that it was booked twice. When they checked their log-file, they found that
>one was ordered from my computer. But to do so, I would have had needed my
>friends log-in, his PIN and his bank account. Now he is really ****ed off at
>me and thinks I spyed in his stuff, which I definitely didn't.
>
>However, there is no question that the order was sent from my computer. Now
>my question: Since I know I definitely didn't do this and noone else has
>access to my computer - is there any kind of virus that can do things like
>that? Like a trojan virus or anything that scans computers which I have a
>connection to (via FTP), spys out passwords and then completes actions like
>booking something the other person did just a second ago?
>
>If there is a Virus like that, please tell me. My anti-virus hasn't found
>anything, but I know I didn't betray my friend and I don't want our
>friendship to be ruined. So I am looking for an explanation...
>
>Thanx,
>Steph
>
>PS: Please excuse my english.
>
>reply to

What evidence do that asset they have that identified YOUR computer ?

If its been charged to his credit card, he should ask for a refund and
report it to the credit card company.

Sounds like a **** up with their online ordering system
followed by rubbish to cover it up.

I assume that he used your machine to order the tickets?

Probably he double clicked on the 'submit order' button

--
Jim Watt http://www.gibnet.com

Jim Watt

"Stephanie Pesch" <> wrote in message
news:btou0c$9o1fj$...
> Hi,
>
> a friend of mine has booked a ticket for a concert and a few minutes later
> it was booked again. When he complained to the ticket-company and said
that
> he only ordered one ticket and asked why they charged him two, they said
> that it was booked twice. When they checked their log-file, they found
that
> one was ordered from my computer. But to do so, I would have had needed my

Who said the extra ticket was ordered from your computer? If the
ticket-comany said that, how did it know the IP address corresponded to your
computer at that time? Sometimes, companies avoid the blame by blaming
whoever asks the question. Be prepared. Ask for the details - which two IP
addresses, what time, what timezone.

> However, there is no question that the order was sent from my computer.
Now
> my question: Since I know I definitely didn't do this and noone else has

Run netstat or tcpview to spot any suspecious processes or connections.

> access to my computer - is there any kind of virus that can do things like
> that? Like a trojan virus or anything that scans computers which I have a
> connection to (via FTP), spys out passwords and then completes actions
like
> booking something the other person did just a second ago?

If there is one, it is very unlikely that the intruder would want to simply
book a ticket when he could use the bank account information for more stuff.

PT Wang

"Stephanie Pesch" <> wrote in message
news:btou0c$9o1fj$...
> Hi,
>
> a friend of mine has booked a ticket for a concert and a few minutes later
> it was booked again. When he complained to the ticket-company and said
that
> he only ordered one ticket and asked why they charged him two, they said
> that it was booked twice. When they checked their log-file, they found
that
> one was ordered from my computer. But to do so, I would have had needed my
> friends log-in, his PIN and his bank account. Now he is really ****ed off
at
> me and thinks I spyed in his stuff, which I definitely didn't.
>
> However, there is no question that the order was sent from my computer.
Now
> my question: Since I know I definitely didn't do this and noone else has
> access to my computer - is there any kind of virus that can do things like
> that? Like a trojan virus or anything that scans computers which I have a
> connection to (via FTP), spys out passwords and then completes actions
like
> booking something the other person did just a second ago?
>
> If there is a Virus like that, please tell me. My anti-virus hasn't found
> anything, but I know I didn't betray my friend and I don't want our
> friendship to be ruined. So I am looking for an explanation...
>
> Thanx,
> Steph
>
> PS: Please excuse my english.
>
> reply to
>
>

If you ask me, he clicked the sumbit twice, maybe it didnt load quick
enough, and due to poor scripting there was
no checking. The source who claims it was two different machines is prolly
lying.


--
Mimic

"Without knowledge you have fear. With fear you create your own nightmares."
"There are 10 types of people in the world. Those that understand Binary,
and those that dont."
"On a long enough timeline, the survival rate for everyone drops to zero".

Mimic

In article <AqGdnePMteN5q53dRVn->,
says...
> "Stephanie Pesch" <> wrote in message
> news:btou0c$9o1fj$...
> > Hi,
> >
> > a friend of mine has booked a ticket for a concert and a few minutes later
> > it was booked again. When he complained to the ticket-company and said
> that
> > he only ordered one ticket and asked why they charged him two, they said
> > that it was booked twice. When they checked their log-file, they found
> that
> > one was ordered from my computer. But to do so, I would have had needed my
> > friends log-in, his PIN and his bank account. Now he is really ****ed off
> at
> > me and thinks I spyed in his stuff, which I definitely didn't.
> >
> > However, there is no question that the order was sent from my computer.
> Now
> > my question: Since I know I definitely didn't do this and noone else has
> > access to my computer - is there any kind of virus that can do things like
> > that? Like a trojan virus or anything that scans computers which I have a
> > connection to (via FTP), spys out passwords and then completes actions
> like
> > booking something the other person did just a second ago?
> >
> > If there is a Virus like that, please tell me. My anti-virus hasn't found
> > anything, but I know I didn't betray my friend and I don't want our
> > friendship to be ruined. So I am looking for an explanation...
> >
> > Thanx,
> > Steph
> >
> > PS: Please excuse my english.
> >
> > reply to
> >
> >
>
> If you ask me, he clicked the sumbit twice, maybe it didnt load quick
> enough, and due to poor scripting there was
> no checking. The source who claims it was two different machines is prolly
> lying.
>
>
> --
> Mimic
>
> "Without knowledge you have fear. With fear you create your own nightmares."
> "There are 10 types of people in the world. Those that understand Binary,
> and those that dont."
> "On a long enough timeline, the survival rate for everyone drops to zero".
>
>
>
>


that was my first thought as well.... then I considered her statement
about "her computer", which I assumed matched an IP address. Now
consider they're both on the same ISP and it's dynamically assigned...
if they matched IP addresses or rather _he_ matched IP addresses from a
previous email of hers, she *could have* had the same IP address as him
at some point in time. then I considered the sheer coincidence of the
whole thing and fall back to my original gut-feeling that *someone* is
feeding some bullshit.




--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."

Colonel Flagg

Colonel Flagg wrote:
> that was my first thought as well.... then I considered her statement
> about "her computer", which I assumed matched an IP address.

IP adress plus name of my computer...

> whole thing and fall back to my original gut-feeling that *someone* is
> feeding some bullshit.

Not me Must be the ticket-company then. But then on the other hand, how
do they know that my IP-adress matches the name of my computer...

Greetz,
Steph

Stephanie Pesch

"Stephanie Pesch" <> wrote in message
news:btpni8$9m70o$...
> Colonel Flagg wrote:
> > that was my first thought as well.... then I considered her statement
> > about "her computer", which I assumed matched an IP address.
>
> IP adress plus name of my computer...
>
> > whole thing and fall back to my original gut-feeling that *someone* is
> > feeding some bullshit.
>
> Not me Must be the ticket-company then. But then on the other hand,
how
> do they know that my IP-adress matches the name of my computer...

Would this be the same *dial-up* account that you're using to post with now?

Also, have you ever sent that particular company an email in the past? OE
sends mail using the name of your PC..

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

Hairy One Kenobi