Got hacked by a rambler.ru account

Question

My microsoft account got hacked by a rambler.ru account and replaced my original email with theirs. that email address is [PII Removed] i requested a security info change from that email address back to my own but now my account is locked for two days and i'm not sure if requesting a security info change alone would be enough to keep the hacker from my account.

from my understanding too, I believe that they originally got to my microsoft account by hacking my email credentials.

Answer 1

Hi Keiran,

I am Dave, I will help you with this.

Usually when a hacker changes the Email on a Microsoft Account, then that account cannot be recovered, it is lost and there is no method to recover the account.

If you have been luck enough to be able to recover your account, when the 2 day time period has lapsed, it would be best to ensure you have a very strong password on your account and enable 2 factor authentication on your account to ensure the hacker no longer can access your account.

Answer 2

Jo Leal wrote:

i got hacked and i need your help

1. If the hacker/hijacker has changed the email address by creating an alias then deleting your address, now a non-primary alias, you will not be able to recover this account.

Check for that by trying to sign-in with the original address https://outlook.live.com If you are told that the account doesn't exist, you're out of luck.

2. Relevant article #1

https://support.microsoft.com/en-us/account-billing/how-to-recover-a-hacked-or-compromised-microsoft-account-24ca907d-bcdf-a44b-4656-47f0cd89c245 

3. Article #2

https://support.microsoft.com/en-us/account-billing/help-with-the-microsoft-account-recovery-form-b19c02d1-a782-dee6-93c3-dc8113b20c42 

4. And... since people ask...

Microsoft Support contacted via phone or chat won't be able to help you with this.

In this article https://support.microsoft.com/en-us/account-billing/contacting-support-for-a-microsoft-account-bb65aa6a-9135-31df-0b36-d6318d6f4e0f 

is the warning that

"Important:****To protect your account and its contents, our support agents and advocates are not allowed to send password reset links or access and change account details."

Don

Answer 3

Hi cyber analysts the Trojan you downloaded is known as bloody stealer, it does not matter how much information you have Microsoft won’t lift a finger on this considering you your account was lost due to malware, the Trojan bypasses any 2fa did you try downloading mods a game?

The account is lost but you recovered it hopefully, in the mean time reinstall windows check any and all bank accounts to make sure they were not part of the Trojan.

Rambler.ru is not the hacker it’s malware programmed to bypass 2fa from saved information in browsers and change it to a rambler.ru it wouldn’t matter anyway because it can steal without it. then all the information is transferred to the attacker via telegram your account is getting SOLD not hacked.

What is bloody stealer? Bloody stealer is a russian made malware that targets gamers who have poor cyber hygiene and would click anything they think is real then your gaming accounts are sold on an underground market

Targets: Minecraft,Roblox,genshin impact,Fortnite and other high demand games.

Solution: download from legit games and software from legit sources only

Minecraft mods: to dangerous to download due to the evasiveness of the trojan

Ignore malicious attachments messages

Use a strong antivirus that blocks this trojan not many anti viruses can so look to invest in these bitwarden,

Kaspersky, etc I will link a pc risk for more information.

https://www.pcrisk.com/removal-guides/20561-bloodystealer-malware

Answer 4

The exact same thing happened to me, I can't find a solution.