Although hackers tend to target businesses, in order to steal data or extort them with ransomware, they sometimes go after individual people.
In 2019 Jeff Bezos, founder and CEO of Amazon, was hacked via an infected WhatsApp message to his iPhone. The malware was able to steal data from Bezos’ phone, including private messages and photos, and send them to a remote server controlled by the attackers.
Not all of us are billionaires but even if you’ve just clicked the wrong link and your machine’s infected with malware, you’re no less a victim of hacking. Here, you’ll learn what steps to take if you’ve been hacked to keep your data safe.
1 – Shut down your device
This may seem obvious but once a device is hacked, some device owners try to fix the issue themselves immediately by deleting suspect files or installing anti-malware tools after the fact.
If a hacker has broken into your device and/or malware is running on your machine, the longer you leave it on, the easier it is for them to alter or steal your data.
If you try to fix the issue yourself, you could end up removing critical system files or otherwise stop your machine from working correctly. There are also types of malware which can resist attempts at removal, even by sophisticated users (see below).
Shut your device down fully to minimize any damage that’s already been done.
2- Call in Tech Support
If the device you’re using is actually owned by an organization you work for, you’re in luck. At this stage you can report it to them and they can scan and remove the malware for you. You may even be given a replacement in the meantime, depending on your company’s policies.
If the device is your own, you should consider contacting the Manufacturer’s Tech Support number for recommendations about where to take it.
You should do this, even if you think you’ve removed the infection yourself. Malware like “rootkits” can survive being deleted, as it copies itself to other sectors of your hard drive, so your device can be reinfected. Removing malware like this requires specialist knowledge and tools.
3 – Change your Passwords
Even if your machine has been hacked or infected, your passwords won’t necessarily have been compromised. Most modern password managers use an encrypted database to store your credentials.
Still, if you’ve been infected by keylogger software like “Agent Tesla”, a hacker may not only have been recording each key press you make to type in passwords but taking screenshots and recording videos of your online activity too.
The only way to be certain your accounts are safe is to use another device to change all your passwords. Use a strong, unique password for each service. hide.me’s own password generator is perfect for this. You should also take the time to read our guide on how to create a strong password.
If you haven’t done so already, now’s a good time to set up 2FA (Two Factor Authentication). This means that even if a hacker already has your password, they’ll also need a special 6-digit code to log in to your account from their own device. This changes every 90 seconds, so makes it extremely difficult for them to steal your data.
4 – Change your bank cards
If you stored your debit/credit card information on the hacked device, you also may not have to worry if it was stored in an encrypted location like iCloud Keychain. Still, if you’re not certain about the type of malware used or how long your machine’s been infected, this data should be at risk too.
Contact your bank to explain the situation and ask them about reissuing new cards. If you use ‘virtual’ cards, ask the bank to cancel these too.
5 – Check your backups
If you’ve been keeping regular, secure backups of all your device data, in theory, you can just restore your device to a point before it was hacked or infected.
In reality, some types of malware actually target backups: for example, Petya Ransomware targets the MBR (Master Boot Record) of your machine to prevent it from loading the “System Restore” feature.
If your machine was infected whilst you were backing up, you may just be replacing one compromised system with another.
When you speak to Tech Support, make sure to discuss this with them and ask if your backups can also be scanned for malware along with your device.
6 – Restore your Device
Assuming that you kept device backups and these have been scanned for malware by qualified Support Engineers, you can simply ask them to restore your device from the latest clean backup.
If you don’t have a recent clean backup, the safest thing to do is ask your tech support people to reset the device to factory settings. This removes almost all forms of malware. It may be inconvenient to have to start your device from scratch and lose your personal information but is safer than trying to copy data over from an infected device.
7 – Prevent the next attack
If you’ve been working with your device’s tech support people, they can probably give you some idea of how your device was targeted in the first place and make recommendations.
For instance, if your device was attacked remotely by a hacker, using a VPN service is a good way to conceal your device’s IP address. As all connections are routed via a VPN server, as far as the internet’s concerned your IP is that of the server, not your device.
If your device was infected by malware, consider installing security software like Malwarebytes or Kaspersky Internet Suite. These often contain tools that not only will scan for malware but will block any apps that are behaving suspiciously. Speak to your tech support people and do your own online research to discover the right tools for you.
As over 90% of malware is designed for Microsoft Windows, now also might be a good time to consider switching to Ubuntu. This user-friendly operating system is based on Linux, so is immune to most malicious programs.
We love bringing you this content and hope it helps keep you safe and secure online. Feel free to share it with your friends, too.
Here at hide.me we are all about internet freedom, and we are happy to be in a position to bring that to everyone. That is why we give you a 30-day money-back guarantee on our Premium plan. No questions asked and no logs recorded.
If you have any questions, please feel to contact our 24/7 support team either at support@hide.me or via live chat.
Harriet Wainwright 
Avery Davis 