Mac might be compromised. How to proceed.

Discussion in 'MacBook Pro' started by scjfly, Jul 10, 2013.

  1. scjfly macrumors newbie

    Joined:
    Oct 20, 2010
    #1
    To make a long story short, I had a significant online financial account hacked and the funds stolen. In my estimation there are three areas in which the hacker could have stolen my info. My mac, iphone, or through the online site itself.

    In any event, I would like to clean up my mac just in case. I have a 13" macbook pro running the latest version of OSX. It originally came with Snow Leopard and the install disks. Do I need to use these disks or can I use command R while rebooting and start with the most current version of OSX?

    Also, any suggestions on transferring important files from time machine to the fresh system? I want to make sure I only keep safe files.

    I'm aware that the mac ecosystem is safe and that it is more likely that the hack occurred somewhere else but I've lost my peace of mind.

    Thanks guys.
     
  2. Orlandoech macrumors 68040

    Orlandoech

    Joined:
    Jun 2, 2011
    Location:
    Salt Lake City, UT
    #2
    You can use that disc or do Internet recovery by holding down the OPTION key on boot up.
     
  3. tgi macrumors 65816

    tgi

    Joined:
    Aug 29, 2012
    #3
    Wow, that's crazy. There was no one that knew of the account details? i.e. girlfriend, wife?
     
  4. trigonometry, Jul 11, 2013
    Last edited: Jul 11, 2013

    trigonometry macrumors 6502

    trigonometry

    Joined:
    Jun 19, 2010
    Location:
    South Carolina
    #4
    I can't say for sure if your Mac was compromised but if it was you should be worrying about how it was compromised. If I had to guess I'd say a man-in-the-middle attack or social engineering. Make sure your connections are secure. Don't bank or input passwords over public Wifi. Reset your home router and password. Enable its highest level of security. Turn on your Mac firewall, and click all the options. Encrypt your hard drive. Set up your Mac so every time it is used you have to input the password. Apple has a great PDF on Mac hardening on its website. Read it.

    As far as restoring old files only bring over those that you created yourself. Nothing you downloaded. Don't restore old apps because the attacker could have migrated shell to another app.

    Set up Safari so you only allow Java/Javascript on sites you trust. Install a trusted ad blocker. Don't click suspicious links even if they're on the front page of Google Search results. Safari is a good candidate for how your account could have been compromised as well. Never ever visit a Russian social website! Don't trust Facebook either. And if you have to download something dodgy, turn off all network connections before opening it.

    Install nmap and run a scan on your own network. To see if someone else is there and how your computer looks to an attacker. You should configure it so all ports are closed and your OS, etc. are non-determinable.

    Change passwords often and never use the same password twice. Never use the same username twice.
     
  5. niteflyr macrumors 6502a

    Joined:
    Nov 29, 2011
    Location:
    Southern Cal
    #5
    Are any of these "password" apps secure? Any better or worse than Keychain?
     
  6. Astroboy907 macrumors 65816

    Astroboy907

    Joined:
    May 6, 2012
    Location:
    Spaceball One
    #6
    My mac must be the most infected in the history of macs....
     
  7. trigonometry macrumors 6502

    trigonometry

    Joined:
    Jun 19, 2010
    Location:
    South Carolina
    #7
    I like 1password. It can generate random usernames and passwords. It also integrates with your browser so you can command-backslash to easily enter your saved password and data. Just make sure to use one of its back-up options so you wont be screwed if you have to reinstall your OS or happen to change machines.

    Nah, but considering he was already "hacked" I was trying to give him some tips for future reference.
     

Share This Page