My accounts keep getting hacked

Check YOUR computer that you use to login to those accounts.

It likely has an infection like a keystroke logger that is capturing those user/passwords as you log in.

There are a multitude of products out there.

Start here:
Malwarebytes


And here's a free antivirus:
AVG Free - Antivirus Download | Free Virus Protection

This one will.

change the password for your email address ,,sometimes hacker might using your email account to get new passwords for hosting etc..

Also, if you're using WP, check your .php files for a long, nonsensical string of numbers and letters. This is a hack that migrates to several files and it serves as a hack (not sure how it works, but I've seen it in action).

It'll look something like, "<?php eval(base64_decode(.... string of numbers/letters etc)"

How exactly hacked? Is that your sites keeping getting infected with spam? if that is yes, then that doesn't mean hackers are breaking your passwords.
The most common on this situation it is the spam injection which adds/infects lots of files on your server and if you don't clean them all, the spams will spread all over again.

He did mention that several of his affil accounts keep getting hacked as well, so unlikely just simple malicious code or php-injection on one of his websites, but very possible has keylogger or some form of trojan. I haven't been involved in PC/MAC malware removal in quite some time, but this is the most likely culprit given the spread of "hacking" in his case. Once keylogged, ANY of your accounts can be vulnerable.

Run Scanner(s) (Yes, Plural) and unfortunately I cannot think of any recommendations off-hand for MAC, but link provided by GameVoid (clamxav.com) seems a good place to start (Thank you GV).
After scans clean and then re-scan to ensure clean (scan till it's DONE), then start changing passwords again. Use good high-strength passwords (as you are already) and keep them safe (I just simply put mine under my keyboard at home; I figure, if someone breaks in then I've got bigger problems lol).
Clear Cookies/Cache : Seems minor, but good to do. I've used crap-cleaner for such (ccleaner.com) but unsure if there is a MAC version or alternative.
I would start w/ email passwords first (as these can often be used for "account retrieval" systems for your other accounts) and then move on to your "money" accounts (Banks/Affils).
Finally, lock down FTP/Hosting accounts, Domain Accounts/Etc, as well as admin users/pass for your various sites that have admin login interfaces.

Final Note: Yes, Windows is typically thought to be more vulnerable than a MAC, but a MAC can STILL get malware/virus. There is no such thing as 100% secure, do not be delusional and remember "an ounce of prevention is worth a pound of cure". You don't have to scan to the point of paranoia, but scanning and basic computer maintenance should be a regular part of your computing experience overall.

and a PS: You don't need screensaver.exe software, smileys, or other such crap. Just be careful what you download friends Hope this helps somebody somewhere, I might be an IM noob but comp security used to be my 100% game back in the day (couple years ago, but I guess still relevant). Good luck all!
-Kevin
*edit below*
the presence of base64_decode somewhere in your .php does not necessarily indicate presence of website script injection. base64_decode does that: decodes a string as it is instructed to DO (the encoding process is handled by the script developer). The problem is that since the script is (obviously) ENCODED inside of that; SO, if you are still planning on using that .php file on your server/website, you NEED to know what it does:
opinionatedgeek.com/dotnet/tools/base64decode/
This will decode the string as the php-interpreter would, and show you the literal output. It is still up to you to determine if there is anything malicious in nature. (but usually is just HTML output via echo statements and the like)
I have seen simple footers be encoded (to prevent changing of attribution links in the free theme I downloaded).
I have also seen script encoded in an attempt to hide it's malicious intents.
My advice on these guys: If you are not already trusting of the source, then analyze the .php to the best of your ability. PHP is open-source and largely visible/readable at the code-level as plain text (minor exceptions in some cases, but that's another topic). If you are uncertain, ask for advice (look for support forums that would be unbiased) or just simply don't use it.
Thanks for reading

Hi rayhigdon sorry to hear that. I got hit awhile back and ever since then I religiously check my hosting folders.

There are some things you can do:

- Contact your hosting tech support and ask them to run their virus script on you hosting space

- Next explain your dilemma to them and ask if there is a way you can deny all ip addresses except yours.

- Another thing is if possible use a site tracking to your sites that track ip addresses with time date stamps. You may can look at the date of the hacked folder(s)/file(s) for time and date stamps and get a time when the evil deed was done. Not casting any dispersions but I noticed that an ip address or two was from the Russian Federation and they had some skills, I 'll tell you that.

- Lastly, check all your sites folders and files permissions.

755 should be maximum setting you set your permissions.
If you see a 777 - "That Is Screaming Hack Me"

Take care mate.

rayhigdon,

If you are still getting hacked you really need to get your computer scanned. If nothing else then check out the free online scans available, I think TrendMicro has one of the better ones. It sounds like you may have a keylogger and if all else fails then you can always simply reformat your computer.

Best of luck.

Kind Regards,
Sid Poudyal

I use a program called keypass as this was happening a bit. Usually if changing the password does not help there is something in part of your software or on your computer harvesting them.

Keypass keeps them secure so no one can see them.

Quentin