Mac's been Seriously hacked. And I need help determing the extent of damage.

Discussion in 'macOS' started by cloudlife, Oct 3, 2008.

  1. cloudlife macrumors newbie

    Joined:
    Jun 18, 2007
    #1
    Well, it all started when i woke up one morning, look at websites, etc when i tried to download a small pdf file. I was told i was out of hd space, impossible because 1. it's a pdf 2. i remember having at least several gbs.

    I check my hd space. It shows 0, I tried deleting files and to my dismay my hard drive space slowly filled itself without any running applications. Immediately i began locking down my computer, locking down security preferences, and the one thing that tipped me off was when i tried to restart.

    Window popped up saying "One apple user is connected to your computer. Are you sure you want to disconnect?"

    I immediately went to my sharing preferences and basically blocked out everything. In the end it was Personal file sharing under the firewall tab that allowed him to connect. (<- Don't leave that on at all.)

    Now i've changed my router admin password, wifi password, user password, run clamx (detected nothing....), running little snitch, and i turn off wifi before i go to sleep. But still paranoid, going to ask a friend who has leopard family pack to install that on my computer.

    There's only one thing i'm really worried about. How easy is it for a hacker to run a keyboard logger in the background and send the information without me knowing it?

    As far as i can tell, he was able to fill my hard drive and maybe mess around with my monitor. It had a weird problem where the monitor was only useable for a few seconds before the screen image began to dissolve....

    Any help would be appreciated.
     
  2. nebmot macrumors newbie

    Joined:
    Sep 5, 2008
    Location:
    San Diego, CA
    #2
    back up your data, and erase using security settings, the 7 passes meets the DOD requirement. After that reinstall what ever OS (tiger or leopard) and go back to using your mac as before.
     
  3. mshepherd macrumors regular

    Joined:
    Feb 29, 2004
    #3
    Where was he putting files? If you have guest access turned on he could have just been dropping files in your drop box in your shared directory and giving you a simple denial of service attack by filling your disk space :).
     
  4. Sun Baked macrumors G5

    Sun Baked

    Joined:
    May 19, 2002
    #4
    Or his access was causing the error logs to expand enough to fill the drive space.

    A DOS attack through error log.

    Look at the log sizes and delete if needed, though a lot of the people I've seen usually did this to themselves with some sort of Samba error.
     

Share This Page