Hacking into my Mac

Discussion in 'Buying Tips and Advice' started by Patth9, Nov 19, 2007.

  1. Patth9 macrumors regular

    Joined:
    Jun 28, 2007
    #1
    I am having a terrible time knowing what to do. I've had a fraud attack on my bank account and savings account. Someone with the same bank transferred funds from my savings and checking account into their own. We have had to change all the account information. Okay, now the bank people are telling us we MUST get spyware, virus protection, and hacking software. Okay, not in that order, but this list came from from 2 different bank people. We are being told that for someone to get our password/ID they had to hack into our Mac while we were on line at the bank website. A different bank person told us it was done by spyware via an email which when we opened the email it put a spyware thing in our computer, or we fill out information which WE DID NOT.

    How in the world to I know who is right if anyone is? My Mac friend, well into Macs, told me no way can spyware be used on a Mac. Anyway, I'm at my wits end, can someone please offer some options.

    Patt
     
  2. emw macrumors G4

    emw

    Joined:
    Aug 2, 2004
    #2
    Hmm. Either you're suffering from what is perhaps the first real-life documented case of Mac spyware, or:

    1. You logged into the bank at a public or work PC and didn't realize it saved your information, leaving your personal information available to others. In which case, you don't need spyware detection software on your Mac you need to stay off of public computers.

    2. Someone had access to your Mac to get the information or install the software. In which case you may need to rethink who you invite into your home.

    3. Someone was able to guess your login information. In which case you need to come up with a better password.

    This is not to say that Macs are completely invulnerable to attack - this isn't the case - but as far as I know, there isn't an officially documented case of an e-mail-based "virus" that could have installed keylogging or other spyware on a Mac.

    I also would find it difficult to believe someone was able to log into your Mac remotely, unless you're running VNC software or Apple Remote Desktop and don't have adequate password protection set up.

    On the positive side, the funds were transferred within the bank, so I assume the they've caught the person who did it.
     
  3. speakerwizard macrumors 68000

    speakerwizard

    Joined:
    Aug 8, 2006
    Location:
    London
    #3
    while its 99.9% certain you dont have spyware, if someone is on your same local network and has a very good knowledge of unix and you have no firewall on then its posible, but that combination of things plus a person that could earning big bucks with there unix knowledge or easily hacking public windows machines seems all very unlikley. Id say you probably got a dodgy email and followed the link from it and put your password in some kind of proxy site.
     
  4. saltyzoo macrumors 65816

    saltyzoo

    Joined:
    Oct 4, 2007
    #4
    Were you physically at your bank when they told you these things? Those are some incredibly odd things for bank personnel to be telling you. Are you absolutely certain the people you were talking to are from your bank?
     
  5. Moof1904 macrumors 65816

    Joined:
    May 20, 2004
    #5
    The same exact thing happened to my brother and the bank swore up and down that the attack was upon his computer system. He's a really savvy guy and refused to believe them and kept pushing the issue. After a couple of months, the bank finally admitted that they had had a security breach on their end.

    Don't trust the bank when they blame you for your account getting hacked. As anyone technically inclined knows, no business or individual is entirely hack proof, but the last thing a bank wants to admit to a technically unsophisticated public is that the bank's systems have been hacked, even to the slightest degree.
     
  6. Umbongo macrumors 601

    Umbongo

    Joined:
    Sep 14, 2006
    Location:
    England
    #6
    I've seen it claimed on these sort of topics before that banks have successful hacking attempts against them all the time, but they won't talk about it and will always shove the blame on to the customer if possible.
     
  7. Patth9 thread starter macrumors regular

    Joined:
    Jun 28, 2007
    #7
    Funds will be returned, were still in "pending"mode. Very diligent husband who checks on line bank everyday.:D


    Speakerwizard: "I'd say you probably got a dodgy email and followed the link from it and put your password in some kind of proxy site." Wouldn't even know how and would never pass on our bank password,in fact, I'd have to look it up to use it.";)
    __________________

    saltyzoo:"Were you physically at your bank when they told you these things? Those are some incredibly odd things for bank personnel to be telling you. Are you absolutely certain the people you were talking to are from your bank?"
    My husband was physically in the bank when he was told our Mac had been hacked, if I had been there I might have glared him down with my "mother" look.:mad: But, the first guy we talked to was by phone, first thing today, Monday morning, and he's the one that talked spyware. I was pretty sure this wasn't true.

    Moof1904:"Don't trust the bank when they blame you for your account getting hacked. As anyone technically inclined knows, no business or individual is entirely hack proof, but the last thing a bank wants to admit to a technically unsophisticated public is that the bank's systems have been hacked, even to the slightest degree."
    This was my gut feeling when I first learned we had our funds transferred. In fact, who ever it was first transferred funds from the savings account into the checking so they could get the max amount from the checking, then transferred the max amount from the savings to someone who, I'm pretty sure, had to also be in the same banking system. In fact, in order for my mother, husband and I to be able to transfer funds within our same bank accounts, we had to jump though paper hoops.

    Umbong: "I've seen it claimed on these sort of topics before that banks have successful hacking attempts against them all the time, but they won't talk about it and will always shove the blame on to the customer if possible."
    Just like the ISP's it's always the other guys fault. I am more inclinded to believe an inside job, than a hacking job.
    :rolleyes:

    When talking to a friend who work in a different bank, and without telling her my thoughts, she also came up with the same idea as you did, Moof1904, either a mistake or an inside job. Of course the bank man said who ever did it would be caught, but that we'd never know who. If that doesn't sound like a person covering his bank's backside, nothing does. I really don't care who did it, I just want to know how it was done so I can save myself from purchasing a load of software that isn't needed on my Mac.

    Thanks everyone, sorry it took me so long to answer, there was more than one emergency at our home today. And, before you ask, my mother is 90 and barely knows her name, so no funny bank business from her.:) I hope my reply wasn't too long or confusing.

    Thank you all so much!

    Patt
     
  8. Patth9 thread starter macrumors regular

    Joined:
    Jun 28, 2007
    #8
    Hackin into my Mac

    I'm thinking you all might get a "head shake" out of this latest development.

    We had to freeze our old bank account and open a new one. No problem. When the bank returned the money that had been transferred illegally from our old account by someone named Marcus Gray, they put the funds into the old account instead of the new account which means we still have no money in our new checking account. When this was brought to their attention, they asked if we had run a spyware program yet. My husband said, "No, Macs aren't obliged to use spyware software." After checking with her supervisor, the lady from Well Fargo told him they would not return the funds until we ran a spyware program. This is beginning to sound like an ignoramus conspiracy.

    First of all, how in the world would they know if we were telling the truth about running a spyware program? If they can check our computer from within the bank, then I KNOW the illegal transfer was an inside job. Face to face I was told it couldn't possible be in inside job because it was an on line transfer. Later I wondered, "Well, couldn't an on line transfer be done from in side the bank by a hacker who works for the bank?

    Anyway, since you all were so kind as to offer me ideas and support, I thought I'd give you a "tongue in cheek" laugh.

    Patt:rolleyes:
     
  9. dukeblue91 macrumors 65816

    dukeblue91

    Joined:
    Oct 7, 2004
    Location:
    Raleigh, NC
    #9
    If I were you I would change banks in a hurry.
    They have no right to hold your money because of what or not software you use.
    You should go back tell them you bought 3 different spyware and anti virus programs and they all came back with nothing found and you would like for the bank to pay for it since they made it a condition so you can retrieve your funds.
    Naturally they wont but it be nice to but some heat under their buts and let them know that they have no clue about computers.

    Good luck to you.
     
  10. Killyp macrumors 68040

    Killyp

    Joined:
    Jun 14, 2006
    #10
    I'd do what darkblue91 says, just tell them you've tried some different Spyware scanners (run Norton Internet Security for Mac past them), and say they didn't pick up anything.

    It can't have been something in an email you opened. There is no Mac spyware around, or if there is, there have been NO reports or blogs about it, which there would have been if such a thing existed.
     
  11. cohibadad macrumors 6502a

    cohibadad

    Joined:
    Jul 21, 2007
    #11
    I have gotten fraudulent emails claiming to be from my bank, credit card and paypal linking to proxies that you put in your username and password. They actually look exactly like the real thing but the url is bogus. It's not spyware and no spyware program will detect it. I would recommend changing banks. Take your money elsewhere.
     
  12. fromcha06 macrumors member

    Joined:
    Jul 20, 2008
    #12
    please hELP!


    is this still accurate? i have a "shared folder" on my mac... no idea what it is currently named .... "the-b52087144a5" and a folder on my desktop randomly changed with yanks pics in it... to "but i suck lol"

    can some one remotly hack into my mac? no one else uses this computer... (unless someone broke into my apt and did it.... no friends or anything)

    please help!? how can i check if someone has hacked in? or has access?
     
  13. GimmeSlack12 macrumors 603

    GimmeSlack12

    Joined:
    Apr 29, 2005
    Location:
    San Francisco
    #13
    Sounds like you could have been Phished. Those sites have gotten pretty authentic looking, I mean even I had a Phishing attack that I fell for on MySpace. I know thats not a fair comparison, but still.

    As for spyware, it just doesn't exist on Mac.
     
  14. fromcha06 macrumors member

    Joined:
    Jul 20, 2008
    #14
    ???


    what is "phished" how do fix that? could they have stole all my accounts etc? i have never heard of that before... please help...
     
  15. GimmeSlack12 macrumors 603

    GimmeSlack12

    Joined:
    Apr 29, 2005
    Location:
    San Francisco
    #15
    Phishing is done by tricking you into giving your account info. This can be a number of ways but sometimes you can click a link in an email (an email sent to trick you into thinking its from your bank) and this will send you to a web page that looks exactly like your online banking page. You enter your info to login and it gives you some "Thanks for registering" or something like that.
    That is one way they could get your info. Hope that is a good example.
     
  16. chrono1081 macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #16
    This may have been mentioned but I didnt read through all the posts.

    Its literally as easy as finding an unsecured internet connection and using a packet sniffer. I tested this on my home network once and was horrified that on my laptop I saw everything that my desktop was doing and every email sent, etc.
     
  17. adom macrumors 6502

    Joined:
    May 27, 2006
    Location:
    UK
    #17
    Its undoubtedly a case of "Phishing" in this day and age of banking. And to be fair to them, the bank employees will be following standard protocol asking you to run a spy ware/anti virus program...which are probably set by their security team. They won't be experts themselves.

    Why? Because they don't want to release the funds back to you and then the same thing happen to you. They are trying to be pro-actively helpful in their instructions.

    No everything in the corporate world is a conspiracy or an "inside job".
     
  18. indefatigable macrumors member

    Joined:
    Sep 25, 2008
    #18
    What do you mean by "unsecured internet connection?" Wireless?
     
  19. fedup flyer macrumors regular

    Joined:
    Jan 18, 2008
    #19
    More like a public internet connection. One that does not require a password or key to login and does not create an encrypted connection . Wi-Fi can be made secure.
     
  20. iMouse macrumors regular

    Joined:
    Jul 23, 2002
    Location:
    Boardman, Ohio
    #20
    Useless Antispyware Apps

    Antivirus/antispyware apps are useless whether they be for Mac OS or Windows. The spyware/malware at this point is so complex, that the whole model for detection is broken. The model has been broken for years, but it seems that very few companies are willing to invest into a new method for detection. Right now, the best method of removal is through a specialist that knows where common malware-based Trojans hide and how they run in the operating system environment.

    As a malware specialist, I can tell you that this was more of a security breach from inside the company rather than from your Mac. If your Mac is patched and you do not have any services such as FTP or SSH enabled (also port forwarded if you use a router), then the chances of them "hacking" the Mac are slim to none. I see a LOT of Macs each year and none of which were ever infected with spyware.

    Banks like to push the blame on their customers because they think that their customers are naive and don't understand computer security. Personally, I find that many end users know more about computer security than the accusing institution's IT staff.

    It seems anymore that the common solution to everything is to tell people to run their antivirus/antispyware package. Kinda sounds like the "run check disk and defrag" common statement of the 90's, simply upgraded for today's new computing issues.
     
  21. iMouse macrumors regular

    Joined:
    Jul 23, 2002
    Location:
    Boardman, Ohio
    #21

    Open System Preferences ----> Sharing. Disable all services on the left to ensure that nobody has set up remote access to your Mac.

    Also, the Mac has access to serve Telnet, but the service is not listed as being available in the GUI. Open a Terminal window and type in the following...

    su <enter>
    Type in your administrator password <enter>
    service telnet stop <enter>

    This will disable the Telnet service on the Mac if anyone would have gained access to invoke 'service telnet start'. :D

    You may also want to see if the root user was enabled on the workstation. This can be done by opening the Directory Utility in Leopard and going to the Edit menu. 'Enable root user' should be visible. If 'Disable root user' is visible (and you did not enable root prior to this), then the root account is currently enabled and it is likely that your Mac was accessible to someone at the root level. In Tiger, you can check for root account access using the NetInfo Database app.

    Change the passwords to each user account on your Mac as well just in case the password has been compromised. Disabling all remote access services should eliminate the possibility of a compromised password allowing people in, but do it as a precaution anyway.
     

Share This Page