Hacked account


#1

Hello!

I’m aware of Haveibeenpwned request, to see if my email was ever compromised. How can I find out more using your application, who could steal the password and how?


#2

You can hardly find an intruder using only OSINT techniques, but you have another option in your situation.

Using Lampyre, you can see if your email address is among stolen or hacked. You can perform the request as follows:
image
image

As a result, you can find out when there was a data leak:
image

Imagine a situation when hackers hacked a popular Internet shop, in which you used the same authorization data as in the mail or on Facebook.

The intruders could have log into your accounts on these resources. Such services often store information about IP-addresses from which users entered the profile. Having found some “weird IP addresses” in this list that are clearly not owned by your ISP, you can try to look for additional information on these IP addresses using some requests:
image

You can get a similar result with information about the provider, company, domain, and approximate geolocation of IP-addresses.
image

But experienced intruders do not use their own IP-addresses for attacks, therefore, it can be difficult to come to any final conclusions. In any case, we recommend not to use the same passwords on different resources and not to store passwords in a clear form.


#3

Thanks for the detailed answer!