IBM Z60T Hacked July 14th or 15th? Downloaded BackTrack3, FreeBSD 8.2, both bad has daily? ping to 201.191.202.18, 201.191.202.25 at aprox. 11:45am, discovered monday, july 25th Discovered skype contacts deleted, july 25th. Changed all account passwords at internet cafe. Macbook Pro 8.1 Hacked July 23rd or 24th discovered local hack Sunday, July 24th after mounting my 8gb USB drive. There was heavy disk I/O for a couple of minutes and the process load on the 2nd to 5th level processes (ranked by percent of processor load) increased significantly. After that I tried to install Toast Titanium 8. Installer came back with an error saying that there was a pending install. Upon reboot system attempts samba connection to local IP address: 192.168.200.30. I then installed Toast 8 however upon trying to run that some of the related processes (sub-routines) would fail if Toast was the only running application. Did system re-install. Upon configuring the system to connect to the internet using the 'family' Huwaie USB modem (ICE 3G) noticed other questionable activity: 1)system ui server connection to 192.168.33.1 port 192 udp 2)after 20 minutes of skype noticed nmblookup connection to public IP 100.0.0.100 – tied to usr/libexec/configd 3)heavy spurious UDP traffic (category 'other') HP 4100 workstation Configured July 26th. Worked July 27th. Installed Skype at 2:30pm. Upon triggering the install another package came in (labeled only as 'update') and installed without requesting authentication. After that installed the skype package appeared in the software manager and requested authentication. I worked the afternoon on one IP. At 5:30pm I created a public SSH key after disconnecting from the internet and releasing my IP. I reconnected at 6pm. I contacted Ignacio on skype (ignacio-nin) and then sent him my public key via my email – siliconj@gmail.com. I noticed at that time that some of my re-added skype contacts were missing and that there was another new contact – 'ndlawrence'. I downloaded Ignacio's instructions for connecting to IRC, company email, ssh, etc. and ate dinner. I started a download of Centos6 and continued monitoring the traffic. At 7pm I noticed a connection to 201.191.202.25 – same IP as the IBM and became (more) suspicious. I immediately checked my siliconj@gmail.com account and noticed that all of my messages had been read – one hour before there were 10 to 12 unread messages in my inbox. I disconnected from the internet and immediately went to an internet cafe and changed my passwords. When I returned I rebooted the machine to install a clean version of debian6. Machine failed upon reboot – apparently a bad motherboard or corrupted bios. AMD sempron purchased motherboard, processor and memory to build system July 30th. Built system on July 31st. Performed clean install of debian6 and then tried to boot from CD - BackTrack3. Boot failed. Upon restart noticed that system had been modified. Purchased Dell workstation August 1st, Configured August 2nd Dell Optiplex 745 worked August 7th on Seelye farm, started this document. August 9th worked in office. Left to get movies. Upon return noticed computer turned on (specifically left off). At reboot on August 10th noticed Intel microcode update being installed - machine has not been connected to the internet and no software other than the centos 5.5 install disk has been installed by me. Also noticed that the system time has been modified in the bios. Pirelli Router Hacked July 12? Discovered July 28th 192.168.1.1 200.91.104.195 200.91.110.58 201.193.98.249 200.91.110.49 200.91.105.25 201.193.86.154 201.193.89.97 100.0.0.100 ::ffff:6400:64 location: Peabody, Kansas traceroute: 192.168.1.1 200.91.104.195 200.91.110.58 201.193.98.249 200.91.110.49 200.91.105.25 201.193.86.154 201.193.89.97 144.223.245.133 144.232.2.200 204.255.168.233 152.63.85.81 152.63.85.73 152.63.4.10 Intel CPU microcode update