How to Report hacking Attempt?

turbotaker

New Member
Joined
Nov 27, 2019
Messages
8
Good day Team,

Trust you are doing well,

I have gone through with online documentation on multiple websites and searched forums as well but there's no straight line information available about how to go after a hacker in SouthAfrica?

Step 1:
Report and abuse to ISP.

I have done this many times but the only information comes back to me from ISP is "We have contacted customer and warned them about this"

Or

Customer was not aware about this incident.

Or

Customer's Router was hacked.

These are bottle necks I have faced so far.

Yesterday, an incident happened again where one of my customer got hacked, and that's from one of the Local Service provider. I called them, and same story.

I am tired and fedup, I would like this MF to be persuded and he should have fear of not doing it again.

With my tools, I can identify masked IP as well, but the problem is, you can't reach to these MoFos.


If anyone has knowledge about how to persue these guys, I would be happy to know this.


p.s., reporting to police is useless, ISP replies the same thing to them. Reporting to ISPs is useless, there's no action from ISP to their customer.
 

pinball wizard

Honorary Master
Joined
Feb 9, 2010
Messages
27,240
I am tired and fedup, I would like this MF to be persuded and he should have fear of not doing it again.

With my tools, I can identify masked IP as well, but the problem is, you can't reach to these MoFos.
What did they do?

You have proof of criminal or civil damages? Lay charges and get a lawyer?
 

r00igev@@r

Executive Member
Joined
Dec 14, 2009
Messages
7,326
True, I agree ISPs are generally very lax on these problems. I phone them then they contact the customer. The loop is never closed.
I think we should create a South African threat intelligence feed that lists the IP and categorizes the incident.
Would be happy to join such an initiative,
 

Danieldan5152

Active Member
Joined
Jul 14, 2017
Messages
44
ISP's don't care, I mean I reported one of my own ISP's ips(102.141.158.1) for brute force attack and they just said the following.

"Thank you for the information. The brute force attempts on you routerboard does not originate from Level-7.

We do not have access to the router at all. You have the access to the router.

Please filter port 53 on your router and also disable all the service access except Winbox.

That should resolve the issue.
"


After I replied stating that according to IP registration you guys own this IP they replied with

"Thank you for your valued feedback.

The IP address indeed is owned by Level-7 , although with the routers current unsecured configuration any public IP can attempt to log in via telnet.

Taking steps to disable this would be great start.

Having us declined access to the equipment, we can not address your potential security risk
"


I know the risks involved and I don't care about them I care more about the fact the reporting abuse means nothing to @Level7 and I guess the same to other ISP's as well.
 

RonSwanson

Executive Member
Joined
May 21, 2018
Messages
6,845
Yep. We apparently have a cyber CERT in SA (with government funding and all), but last I heard their landing page was defaced. Various initiatives over the past few years, but I guess too much money was handed out from treasury and it all disappeared.
You should get your MP to raise the issue in parliament. ANC government is too busy with far more important work like renaming roads and places, erecting million rand statues, stealing from SOEs and using taxpayer money to fund court cases against imaginary racists.
 

SeaSickMama

Expert Member
Joined
Dec 26, 2013
Messages
1,971
On
Good day Team,

Trust you are doing well,

I have gone through with online documentation on multiple websites and searched forums as well but there's no straight line information available about how to go after a hacker in SouthAfrica?

Step 1:
Report and abuse to ISP.

I have done this many times but the only information comes back to me from ISP is "We have contacted customer and warned them about this"

Or

Customer was not aware about this incident.

Or

Customer's Router was hacked.

These are bottle necks I have faced so far.

Yesterday, an incident happened again where one of my customer got hacked, and that's from one of the Local Service provider. I called them, and same story.

I am tired and fedup, I would like this MF to be persuded and he should have fear of not doing it again.

With my tools, I can identify masked IP as well, but the problem is, you can't reach to these MoFos.


If anyone has knowledge about how to persue these guys, I would be happy to know this.


p.s., reporting to police is useless, ISP replies the same thing to them. Reporting to ISPs is useless, there's no action from ISP to their customer.
Only way is to get a lawyer to write a letter, one of my clients i work for has done this before.
Think the fine is R8000
IF they still go on then its taken to court.
IF you want info i can put you in contact with him

He has done this a few times, i know he told me the one time it was simply someone logging in with his clients password on his email.
 

Johnatan56

Honorary Master
Joined
Aug 23, 2013
Messages
29,470

rustypup

Expert Member
Joined
Jan 28, 2016
Messages
2,491
I have done this many times but the only information comes back to me from ISP is "We have contacted customer and warned them about this"

Or

Customer was not aware about this incident.

Or

Customer's Router was hacked.
Poor security posture will *never* be fixed via these routes.

Maybe start there.
 
Top