Account being recurrently hacked

StoutePlex · July 3, 2018, 5:44pm

My account is being hacked, and as far as I can see only the PIN is being changed every time, and some Friends are added to my list.

I’m would like to know:

How could they have gained access and how to stop this from happening in the future
What kind of dangers am I opened to now? Could they have gained access to my home network or the computer I’m using as a server and opened private files?
Is there any way to trace their IPs? I see in my own information the emailadresses used by them, and that the computer systems (Linux and Windows) were using Firefox, which I personally don’t.

Some more info about the hack.
There was a unwanted user registered under the name deano-the-irlam-boi-2008@hotmail.co.uk
Also there were two friends added:
deanyweany1988 (deano-the-irlam-boi-2008@hotmail.co.uk) and
kittyloulou82 (kittyloulou82@gmail.com)

The following devices were used:

Plex Auth App (Firefox)
2 days ago
Unknown
Plex Auth App
Linux

Plex Auth App (Firefox)
2 days ago
Unknown
Plex Auth App
Windows

AmazingRando24 · July 3, 2018, 6:32pm

Change your Plex account password. It is possible, that your email address and password match some other website you’ve used in the past that has been hacked. Because people tend to use the same email/password combinations, the bad guys take that login information and sweep other popular sites on the internet looking for logins that work.

Changing it to something unique for Plex will put the power back in your hands. Delete the new users and rest comfortably knowing they likely didn’t have access to anything else other than your media to watch.

Also, review which websites you use that use the same login email and passwords, and consider making changes there as well as a precaution.

plex_gb · July 3, 2018, 8:52pm

Dean probably got invited by someone else, rather than hacking you I’d guess, you could contact him using these details https://domainbigdata.com/donkfm.info and see where he got access. Hellkitty1982 seems to be active in /r/plexshares, cadging invites too.

MeatBall · July 3, 2018, 11:02pm

In addition to @AmazingRando24 suggestion, I’d consider changing your remote port (something other than 32400). People routinely scan this port looking for Plex openings. I’ve come across apps that are connected to Plex servers when searching google for plex utilities.

But yea definitely change you password etc first and formost.

BigWheel · July 3, 2018, 11:04pm

what do you mean by “invited by someone else”? someone else cannot invite someone to my server.

i would definitely follow AmazonRando’s advice.

MeatBall · July 3, 2018, 11:05pm

Ha quick google search and you found the guy.
This is pretty common, it happened to a friend of mine. Guys acquire login info and sell access like a low rent Netflix.

StoutePlex · July 4, 2018, 9:02am

Thanks all for the advice.

My guess is that the person using the alias Dean Gilbert was behind the ‘hack’ (can’t really call it this). I also found him before on Google, which shows his emailadress is used on 71 sites, probably for sending out spam: https://domainbigdata.com/nj/rV6YdNj_OfNwGOMZKEgZ_g.
kittyloulou82 probably was added as a joke, as this alias was put on a forum once with the request to add it to a Plex database.

I changed the password and will assume they can’t do much more. Perhaps I’ll change the port too when I get home.

system · October 2, 2018, 9:02am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Account hacked, how? General Discussions	14	1237	July 13, 2019
Hacked plex account General Discussions	5	540	October 8, 2020
Looks like I was hacked General Discussions	10	49	January 7, 2020
Strange user suddenly on my account General Discussions	22	672	October 9, 2019
Plex stolen General Discussions	3	62	January 7, 2020

Account being recurrently hacked

Related topics