Someone Remotely Control my Mac and my PC

betatest · May 17, 2012

Hi

Ever since I got a Macbook, I noticed that someone keeps changing my Mac settings via a root account.

Even I have set the Firmware Password, he still can get in to my Mac.

When someone physically access to mac.

He used a root account and set all settings.

1. Enable Active Directory and Bind via a root account.
2. Enable File Sharing via root account.
3. Enable Screen Sharing via root account.
4. Enable Parental Control via root account.
5. Enable Remote Desktop via root account.
6. Enable Internet Sharing via root account.
7. Airport was somehow enable via root account.
8. SSH and Kerberos have been set.
9. Keep Noticing that someone is syncing to his iPhone/ iPad.
10. Once he access to the root account, he changed my password.
11. There are times that Bluetooth was enable, and DNS settings was set.
12. Most of the System Preferences plist files have been altered without my knowledge. He inserted a SSH and Kerberos to the plist files.

Every month I keep formatting my hard disk(All Zero out) and reinstall the OS.

And the problem keep coming back.

Even though I have used up a lot of my system hardening someone still keep changing settings and gain root access to my mac.

When he starts to do all these things, I did not have a functional computer.
I cannot seems to get anything to work on.

He would spy on my computer and my internet activities.

Even if I am not using a Mac. And used a PC. I still got the same problem.

He remotely control my PC (whether in Windows or Linux) and my Mac to do all these things!

He also read my emails! And changed my email password.

Everytime when I wanted to used my computer, I saw a mouse cursor moving around my Desktop Screen.

This person I believe keep remotely control my MAC via ARD.

I really need some form of help.

blueroom · May 17, 2012

Either stop using the internet, change your user ID & password or wear a tinfoil hat.

Fabricman112 · May 17, 2012

betatest said:
Hi
Every month I keep formatting my hard disk(All Zero out) and reinstall the OS.
I really need some form of help.

you kidding? if you format the drive and install a fresh OSX... setup a different admin-account, disable ALL under sharing, how could someone get remote access??

do NOT restore from timemachine, and create a different account, post here again

or stop using a computer

(that is if you are the legal owner)

betatest · May 17, 2012

Fabricman112 said:
you kidding? if you format the drive and install a fresh OSX... setup a different admin-account, disable ALL under sharing, how could someone get remote access??

do NOT restore from timemachine, and create a different account, post here again

or stop using a computer (that is if you are the legal owner)

I did that, even that didn't work. My password changed!

Whenever I'm around at home, someone (that idiot) keep changing my things!

He control my Mac, Windows and Linux! (You name it)

----------

blueroom said:
Either stop using the internet, change your user ID & password or wear a tinfoil hat.

I'm dead serious. I didn't have time to joke around. Sorry.

RKO · May 17, 2012

blueroom said:
Either stop using the internet, change your user ID & password or wear a tinfoil hat.

I think you have it in a nutshell.

betatest · May 17, 2012

Fabricman112 said:
you kidding? if you format the drive and install a fresh OSX... setup a different admin-account, disable ALL under sharing, how could someone get remote access??

do NOT restore from timemachine, and create a different account, post here again

or stop using a computer (that is if you are the legal owner)

No I didn't use the timemachine. I usually formatted the harddisk and zero out everything.

Nothing seems to work.

While doing the installation of OS X. (fresh)

The moment I rebooted my computer.

I cannot log in to my Mac at all.

This person (the idiot) have a habit to remotely control my computer.

And for that matter I become one of his survillence fallen victim.

And I did informed the matter to the police.

chown33 · May 17, 2012

betatest said:
...

This person I believe keep remotely control my MAC via ARD.

Given the rest of your description, there is no way ARD is being used to do this.

It's conceivable you've left something out of your description, but in that case no one here can help you, because we can't possibly know what you did. You'd have to take the computer and all the disks to a trustworthy qualified technician, who would install everything without ARD enabled.

I really need some form of help.

I don't think any technical help will solve the apparent problem.

Mal · May 17, 2012

No one is remotely accessing your computer. Invest in a better lock if this is real, or meds if not.

jW

betatest · May 17, 2012

chown33 said:
Given the rest of your description, there is no way ARD is being used to do this.

It's conceivable you've left something out of your description, but in that case no one here can help you, because we can't possibly know what you did. You'd have to take the computer and all the disks to a trustworthy qualified technician, who would install everything without ARD enabled.

I don't think any technical help will solve the apparent problem.

How are you going to explain these, when things starts to happen...

Even my Wireless Router password have been changed without my knowledge.. One of my brother Router password too have been changed.

The System Preferences plists files have been altered for him to gain access to my computer.

He edited the System Preferences plist files with SSH & Kerberos.
Only a technical know how knows this.

I am sure he read this forum.

I the kind of guy who don't like to mess around with other people belongings.

And for no utter reason, he remotely control all of my things! (For the sake of his survillence addictions!)

I did not even touch his personal belongs! Never!

----------

Mal said:
No one is remotely accessing your computer. Invest in a better lock if this is real, or meds if not.

jW

If someone Remotely Control your computer and mess around with your things.(Whether you are around or not around at home)

Will you get angry for that???

I'm sure you will.

So how the heck am I supposed to use my computer?

blueroom said:
Either stop using the internet, change your user ID & password or wear a tinfoil hat.

Well he can use the internet 24/7 at his own will.

Others cannot.

----------

chown33 said:
Given the rest of your description, there is no way ARD is being used to do this.

It's conceivable you've left something out of your description, but in that case no one here can help you, because we can't possibly know what you did. You'd have to take the computer and all the disks to a trustworthy qualified technician, who would install everything without ARD enabled.

I don't think any technical help will solve the apparent problem.

Many times, I cannot logged in to my computer. And I know that my password have been changed.

He did install something to my computer to do his dirty work.

betatest · May 17, 2012

chown33 said:
Given the rest of your description, there is no way ARD is being used to do this.

It's conceivable you've left something out of your description, but in that case no one here can help you, because we can't possibly know what you did. You'd have to take the computer and all the disks to a trustworthy qualified technician, who would install everything without ARD enabled.

I don't think any technical help will solve the apparent problem.

By the way, Remote Desktop password was set under the root account.

That's explains everything.

He know my IP address and starts world war 3!

----------

Fabricman112 said:
you kidding? if you format the drive and install a fresh OSX... setup a different admin-account, disable ALL under sharing, how could someone get remote access??

do NOT restore from timemachine, and create a different account, post here again

or stop using a computer (that is if you are the legal owner)

If he keep on doing these things. I will NOT BUY A MAC anymore!

I fork all the money to buy a computer to do his dirty nasty work.

Do you want that to happen???!

And if my $4000 over worth of Mac get spoilt, who is going to pay for the damages???

You think he is going to replace me a new MAC?

Hell no!

blueroom · May 17, 2012

So whatcha going to buy? A PC? Oh wait, you said he hacked that too. Linux same thing. Get an iPad, don't jailbreak it, problem solved.

FYI: OSX is far more secure than Windows.

Your friend isn't a 6.3" bunny named Harvey by any chance?

betatest · May 17, 2012

blueroom said:
So whatcha going to buy? A PC? You said he hacked that too. Get an iPad problem solved.

FYI: OSX is far more secure that Windows.

OSX is far secure than windows! (I don't think so, What Kaspersky said is true!)

I think OpenBSD is the securest OS and it's Free!

He did the unthinkable, when I look at my system logs, I noticed someone is doing File Sharing at his own will to my computer!

Even with my Linux Live Distro he wanted to copy.

He can get the same exact copy of Software from the Internet.

Everyone uses the same software.

What I really don't understand is that he wanted to COPY everything from my computer.

The stupidity of him is that why can't he download the same copy from the Internet.

----------

blueroom said:
So whatcha going to buy? A PC? Oh wait, you said he hacked that too. Linux same thing. Get an iPad, don't jailbreak it, problem solved.

FYI: OSX is far more secure than Windows.

Your friend isn't a 6.3" bunny named Harvey by any chance?

Look he gained access via my Root Account to do what?

To copy my files and to remotely control my computer.

How would explain to me when my internet connection got disconnected for no reason?

He wanted my password and to SPY on me!

So what is his intention to do all these things!

Can I ask you a question.

Do you like someone SPYING with his Survillence Equipment and threat you like one of his victim!

And you know you did nothing wrong!

That's is the reason why I went down to the Police.

blueroom · May 17, 2012

Has it occurred to you that this problem appears to be unique to you? Have you seen the movie Fight Club?

throAU · May 17, 2012

betatest said:
He control my Mac, Windows and Linux! (You name it)

OS X isn't your problem.

Stop installing warez, turn on your firewall and keep your machine(s) physically secure

----------

blueroom said:
has it occurred to you that this problem appears to be unique to you? Have you seen the movie fight club?

blueroom · May 17, 2012

betatest said:
That's is the reason why I went down to the Police.

I can guarantee the Police don't care.

Retailers such as Chapters use iMacs as retail kiosks, all Apple stores and many retailers have Macs on display that customers use daily. None of these exhibit the sort of problem you describe.

PS The only reason Kaspersky is in business is because of Windows.

Tell your "friend" that Google pays $20,000 plus a CR-48 Chrome notebook if you can hack Chrome.
http://www.digitaltrends.com/computing/google-gambles-20000-that-chrome-cant-be-hacked/

betatest · May 17, 2012

blueroom said:
I can guarantee the Police don't care.

Retailers such as Chapters use iMacs as retail kiosks, all Apple stores and many retailers have Macs on display that customers use daily. None of these exhibit the sort of problem you describe.

PS The only reason Kaspersky is in business is because of Windows.

Tell your "friend" that Google pays $20,000 plus a CR-48 Chrome notebook if you can hack Chrome.
http://www.digitaltrends.com/computing/google-gambles-20000-that-chrome-cant-be-hacked/

On Kaspersky read the link.

https://www.pcworld.com/article/255580/apple_is_asking_kaspersky_for_security_advice.html

simsaladimbamba · May 17, 2012

betatest said:
On Kaspersky read the link.

https://www.pcworld.com/article/255580/apple_is_asking_kaspersky_for_security_advice.html

And? Did YOU read it? Apple has NOT asked Kaspersky, but then again, you don't seem to actually read the **** you link to or seem to understand it.

betatest · May 18, 2012

blueroom said:
I can guarantee the Police don't care.

Retailers such as Chapters use iMacs as retail kiosks, all Apple stores and many retailers have Macs on display that customers use daily. None of these exhibit the sort of problem you describe.

PS The only reason Kaspersky is in business is because of Windows.

Tell your "friend" that Google pays $20,000 plus a CR-48 Chrome notebook if you can hack Chrome.
http://www.digitaltrends.com/computing/google-gambles-20000-that-chrome-cant-be-hacked/

He changed everything to one of my brother Wireless router.

My brother found out that the ip address does not belongs to his ISP.

Someone swap his internet access connections. He knows the ip address have been changed.

He was angry at it.

His computer also have been tamper with.

He did told me that someone is controlling his computer.

His Internet connection got disconnected. He cannot even log in to his Wifi Router.

I went down to do a check, and found out that the Admin password have been changed (by the idiot).

He swaps the ip address to the (idiot) ip address.

He do a check on the terminal and he notice that the ip address have been changed.

He almost lost his job for it. And that is a serious matter.

He can't get things done on his computer.

The (idiot) did a unthinkable and starts messing around with other people personal belongings.

For that matter I know, my brother and I did not do anything to his computer except his nephews.

You think the culprit want to deny his wrong doings?

He will never denied this.

The 2 of us witness this occurance.

----------

throAU said:
OS X isn't your problem.

Stop installing warez, turn on your firewall and keep your machine(s) physically secure

----------

No warez what so ever. Mostly are downloadable from the internet or the Apple Apps Store.

betatest · May 18, 2012

betatest said:
He changed everything to one of my brother Wireless router.

My brother found out that the ip address does not belongs to his ISP.

Someone swap his internet access connections. He knows the ip address have been changed.

He was angry at it.

His computer also have been tamper with.

He did told me that someone is controlling his computer.

His Internet connection got disconnected. He cannot even log in to his Wifi Router.

I went down to do a check, and found out that the Admin password have been changed (by the idiot).

He swaps the ip address to the (idiot) ip address.

He do a check on the terminal and he notice that the ip address have been changed.

He almost lost his job for it. And that is a serious matter.

He can't get things done on his computer.

The (idiot) did a unthinkable and starts messing around with other people personal belongings.

For that matter I know, my brother and I did not do anything to his computer except his nephews.

You think the culprit want to deny his wrong doings?

He will never denied this.

The 2 of us witness this occurance.

----------

No warez what so ever. Mostly are downloadable from the internet or the Apple Apps Store.

I don't know what to say to put into words.

They asked me to buy a new Macbook.

Before I even own one, these people starts doing all kind of things to me.

They even have the time to do survillence on innocent people.

Yeah, can talk to people with his SPY CAM at home. As if like talking to people at the ******** wall.

They even control my Modem.

For no reasons my Modem got disconnected all by itself.

All this things are from their dirty work.

Failing to buy a new Notebook and this jokers starts punishing people who are not in the wrong.

You asked me, if you want to buy a computer it is your decision to make.

He is not the one who give me the money to buy a computer.

So he do not have the right to give other people decision to buy a computer.

msandersen · May 18, 2012

Something this complex cannot be answered here as it requires more information than you can supply by personal inspection by a security-savvy geek. On the surface what you describe, in that it doesn't matter which operating system is being used, OSX, Windows or Linux, and the routers etc being logged onto, it seems more like something done by someone with physical access. And it seems like they want you to know, hence it is bullying. So you'd have to consider who might have access and have it in for you and your brother. Secondly, although you reinstall your computer, your brother's computer is apparently infected too, so are they both reinitialised at the same time? Ie, reinstalling your system while leaving another system on the network infected still gives them a way in. Each computer must be reinstalled while unplugged both from the internet and the network, then test if anything happens while offline, ie no internet. It is not conceivable that a freshly-installed and fully-patched Windows, Linux or OSX can be so easily hacked into without some other means. You haven't said if you have a fixed IP, as the likelihood of a hacker obtaining your Dynamic IP if the systems were all reinstalled as described. I've seen the havoc network viruses can cause in a Windows environment and the systematic way in which they each have to be cleaned disconnected from everything. While it is possible to infect a BIOS, hence being able to reinfect a conventional PC after a reinstall, I've never heard of an EFI exploit.
First and foremost you'd have to give some thought to who might target you, ie from an insecure forum or chatserver; I've been on a chatroom where the complaints page could be used to obtain any user's IP by examining the page source as the IP of the person being reported was put in as a hidden field. And I've known of people from there being harassed in this way and hacked into. So it is very possible. Hence I investigated anonymous proxies, and came up with a free anonymiser service from Germany I used for whenever I went in the chatroom (Tor was too slow for me). Even so, an up-to-date and properly-patched system should not be vulnerable. All 3 systems mentioned have very good security these days. But any system is only as good as the weakest link, eg a compromised system on the network which has admin access to your system. If your brother's system had a keylogger installed, then whenever you or he logged onto your computer or the router, you'd give your password away. No amount of security on your computer short of restricting network access could do anything about that. That means never logging on from another computer to any account with admin privileges and having separate secure passwords for admin and guest accounts, and only share things in the Shared folder, and preferably not allowing write access to it. But you seem tech-savvy with knowledge of what system files are changed, so I expect you already know these things.

robo456 · May 18, 2012

Ok, here's the once and for all test... and yes, I'm serious. Do not tell ANYONE you're going to do this, this is important, it's a test.

Unplug your mac from your router. Just plug in the power cord, keyboard and mouse. Do a fresh install of OSX from the CDs that came with your computer or if you don't have the software, go to your local Apple store and buy Lion on a USB thumbdrive for $29.

Do not install any other software from CDs, do not restore anything. Just leave it "fresh". Do NOT plug it into your router, no internet, turn off Wi-Fi and Bluetooth, no nothing, altho make it "look" as normal as possible.

Leave it running for a day or two. Now, if ANYTHING changes, there's three simple answers, and yes, being serious again:

1) you are actually making the changes, and forgetting that you have done so
2) your brother is playing tricks on you
3) GET OUT, someone is breaking into your place and changing things

There's no other answers that can fit this equation. If you do this, please reply; I'm sure we're all curious as to the results!!!

--rob

betatest · May 18, 2012

msandersen said:
Something this complex cannot be answered here as it requires more information than you can supply by personal inspection by a security-savvy geek. On the surface what you describe, in that it doesn't matter which operating system is being used, OSX, Windows or Linux, and the routers etc being logged onto, it seems more like something done by someone with physical access. And it seems like they want you to know, hence it is bullying. So you'd have to consider who might have access and have it in for you and your brother. Secondly, although you reinstall your computer, your brother's computer is apparently infected too, so are they both reinitialised at the same time? Ie, reinstalling your system while leaving another system on the network infected still gives them a way in. Each computer must be reinstalled while unplugged both from the internet and the network, then test if anything happens while offline, ie no internet. It is not conceivable that a freshly-installed and fully-patched Windows, Linux or OSX can be so easily hacked into without some other means. You haven't said if you have a fixed IP, as the likelihood of a hacker obtaining your Dynamic IP if the systems were all reinstalled as described. I've seen the havoc network viruses can cause in a Windows environment and the systematic way in which they each have to be cleaned disconnected from everything. While it is possible to infect a BIOS, hence being able to reinfect a conventional PC after a reinstall, I've never heard of an EFI exploit.
First and foremost you'd have to give some thought to who might target you, ie from an insecure forum or chatserver; I've been on a chatroom where the complaints page could be used to obtain any user's IP by examining the page source as the IP of the person being reported was put in as a hidden field. And I've known of people from there being harassed in this way and hacked into. So it is very possible. Hence I investigated anonymous proxies, and came up with a free anonymiser service from Germany I used for whenever I went in the chatroom (Tor was too slow for me). Even so, an up-to-date and properly-patched system should not be vulnerable. All 3 systems mentioned have very good security these days. But any system is only as good as the weakest link, eg a compromised system on the network which has admin access to your system. If your brother's system had a keylogger installed, then whenever you or he logged onto your computer or the router, you'd give your password away. No amount of security on your computer short of restricting network access could do anything about that. That means never logging on from another computer to any account with admin privileges and having separate secure passwords for admin and guest accounts, and only share things in the Shared folder, and preferably not allowing write access to it. But you seem tech-savvy with knowledge of what system files are changed, so I expect you already know these things.

msandersen,

Very very much appreciated with your kind help. Once again thank you.

betatest · May 18, 2012

robo456 said:
Ok, here's the once and for all test... and yes, I'm serious. Do not tell ANYONE you're going to do this, this is important, it's a test.

Unplug your mac from your router. Just plug in the power cord, keyboard and mouse. Do a fresh install of OSX from the CDs that came with your computer or if you don't have the software, go to your local Apple store and buy Lion on a USB thumbdrive for $29.

Do not install any other software from CDs, do not restore anything. Just leave it "fresh". Do NOT plug it into your router, no internet, turn off Wi-Fi and Bluetooth, no nothing, altho make it "look" as normal as possible.

Leave it running for a day or two. Now, if ANYTHING changes, there's three simple answers, and yes, being serious again:

1) you are actually making the changes, and forgetting that you have done so
2) your brother is playing tricks on you
3) GET OUT, someone is breaking into your place and changing things

There's no other answers that can fit this equation. If you do this, please reply; I'm sure we're all curious as to the results!!!

--rob

robo456,

Precisely!

I am using an Original Retail version of Apple Mac OS X.

What they did to me is out of insanity.

And I did not want to waste more money for their dirty work!

They think that I have money or savings to buy many things!

They take advantage of me to gain something.

I cannot tolerate with this kind of people.

They expected me to fork out more money to buy a new notebook.

And at the end of the day they try to damage my personal belongings.

I've got too many things to think out of my head everyday.

I get so fustrated at many things everyday. That let my anger to get way out of hand. Not knowing that I get heart problem every now and then.

msandersen said is true. This is called "Harrassment".

I have a nephew who thinks that he comes from a very rich and grand family.

Not knowing the facts that his parent work his ass off to paid all of the monthly payments.

My nephew have wrong thinking. He did not know how to differentiate the facts.

Not knowing that things are getting tougher due to economic down turn.

I've got a sick mother to look after.

----------

robo456 said:
Ok, here's the once and for all test... and yes, I'm serious. Do not tell ANYONE you're going to do this, this is important, it's a test.

Unplug your mac from your router. Just plug in the power cord, keyboard and mouse. Do a fresh install of OSX from the CDs that came with your computer or if you don't have the software, go to your local Apple store and buy Lion on a USB thumbdrive for $29.

Do not install any other software from CDs, do not restore anything. Just leave it "fresh". Do NOT plug it into your router, no internet, turn off Wi-Fi and Bluetooth, no nothing, altho make it "look" as normal as possible.

Leave it running for a day or two. Now, if ANYTHING changes, there's three simple answers, and yes, being serious again:

1) you are actually making the changes, and forgetting that you have done so
2) your brother is playing tricks on you
3) GET OUT, someone is breaking into your place and changing things

There's no other answers that can fit this equation. If you do this, please reply; I'm sure we're all curious as to the results!!!

--rob

robo456,

I am very appreciate with your help. Once again thank you.

Someone in the forum do talk like "Gary Rosenzweig" from MacMost.

Someone Remotely Control my Mac and my PC

macrumors member

macrumors 603

macrumors regular

macrumors member

macrumors 6502

macrumors member

Moderator

macrumors 603

macrumors member

macrumors member

macrumors 603

macrumors member

macrumors 603

macrumors G3

macrumors 603

macrumors member

Guest

macrumors member

macrumors member

macrumors regular

macrumors 6502

macrumors member

macrumors member

Our Staff