Multiple problems

Discussion in 'iOS 5 and earlier' started by Zoraloes, Feb 11, 2012.

  1. Zoraloes macrumors newbie

    Feb 11, 2012
    Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3)

    Hi, this will be my first time posting so forgive me if I am noobish. I also know that this may not be the right site but all I can find are rumors of hacking or viruses. I have been having multiple issues with iPhone and iPad. I know everyone says that malware is non existent on iOS but I'm beginning to think something is here. I have been getting redirects during web searches including screen flashing and results changing in front of my eyes, face time seems to be running occasionally even after I restrict it. With multiplayer blocked I am still connecting to AV server. They are occasionally showing carrier settings menu option but it goes away after a few minutes. My bank statements show multiple 1-5 dollars purchases that list itunes and links to a 866 number that is not an apple number. It's listed as spam and fraud number at 800notes. iTunes occasionally opens to blank page with mzstoreinstall as the only thing on page. I've used netstat and system status apps as well as iPhone config utility. Netstat shows multiple connections always sometimes as many as 20 to random ip addresses. Sys logs show absinthe daemon running which could be legit. I randomly lose all my settings including pass code and restrictions. My devices keep showing an imap address with a DNS that looks like Verizon but resolves to nothing. Imap:my When I reset to factory, sometimes I get language select, sometimes not. Sometimes the apple icon goes from white then flashes blue, sometimes not. iTunes occasionally loads square white boxes instead of icons with a small blue question mark in the box. My Verizon call and data histories show mms and pix flick msgs to my friends and family that I never sent and do not show up in my phone logs. Config utility shows SMS messages being sent. Witnessed by both apple and Verizon employees. (they say no malware exists and cloning not possible.) My font changes on my menu options.
    I have hotspot blocked by Verizon yet the menu collapses every time I go to network settings and Misd is constantly running on the phone. Battery needs charged 2-3 times a day. Thousand other things including ota firmware updates several times a day. And it keeps logging "highland park resource manager " firmware download. Constantly logs private VPN connections and USB cable connect at times that it's in airplane mode. Bluetooth keeps turning on by itself even in airplane mode. Is this legit? Debug): AppleBCMWLANCore::handleEventPacket(): WLC_E_FIFO_CREDIT_MAP,length 6 [10 2 8 4 3] and this is just tip of iceberg. If anyone wants to know more I can email logs. I just haven't been able to find anything on google and I'm not sure if this is something that I'm just being paranoid about. I'm on the 4th phone, all replaced by Verizon and apple after their techs say "that's odd, u def need a new phone" and after it crashes my home computer and need to reinstall itunes every time. I can't find answers. Is it malware, iPhone spy monitor service, law enforcement, paranoia, hacker? Carrier iq? I also have tried loading a self made config profile since my log was showing parsing profile errors shortly after resets. And shows cell and wifi harvesting which uploads to a vpn(apple?) What's normal here and what not. Any help would be great.
  2. SandboxGeneral Moderator emeritus


    Sep 8, 2010
    Wirelessly posted (iPhone 4S: Mozilla/5.0 (iPhone; CPU iPhone OS 5_0_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A405 Safari/7534.48.3)

    Is your device jail-broken?
  3. Zoraloes thread starter macrumors newbie

    Feb 11, 2012

    I've never jail broken an iPhone but absinthed.n92 is periodically running unless that is a normal process. And net stat is constantly showing a INTU-Ec-client listening on 8022 I think it is? Half the processes running say warning or error next to them and I can't find anything about them on google. Half the processes have a d at the end of them, I'm assuming that just means daemon. I'm really troubled by not being able to find anything on many of the processes and I almost forgot. Is duo.txt loading normal? I can't find anything on highland park resourcemgr. My iPad 1 is running imagent also, which crashes a lot, which I thought that's a FaceTime process?
  4. Zoraloes thread starter macrumors newbie

    Feb 11, 2012

    Feb 11, 2012 5:34:56 PM - [170] (Notice): allowing special port forwarding for test fixtures
    Feb 11, 2012 5:10:45 PM - SpringBoard [15] (Warning): EKAlarmEngine: Region monitoring not available or enabled. Trigger ignored!

    Am I just being paranoid here? I have hotspot blocked if this is what it's referring to.
  5. lg2312 macrumors newbie

    Feb 18, 2012
    They will tell you you're just being paranoid. In fact, you'll end up in the apple store 5-6 times to only hear "impossible"
    You are not crazy or paranoid. Or maybe you are and we have the same hallucinations. I sure hope you get through this easier than I have.
    My network got hacked. Sophisticated too. Rewrote my router config and all my firewall settings. I won't get into detail, but 6k down and 6 months later- I'm online with an old mac. You can't beat whatever it is they do- even with the HDD pulled on my many trashed laptops, it still denies me any type of control. My 4s is less than 2 weeks old, and although it's holding up much better than the iphone 4 did, I think it might be in trouble too. I have the same log entries, and, my 4 showed android software running, and processes no one could identify. I bought it new and never jailbroke it. The geniuses just blame it on apps, but even wiped clean, they are still there.
    Here's one that will scare you. Go into your safari settings on your iphone and look at the history. You will find all kinds of web sites you've never visited- most of which are hacker and dev sites. I opened safari one day to find it actually changing pages- and it was a site that bought e-software- in the checkout. I went to one of those sites which is a forum and finally posted, and even they are suspicious. But it's real- and I have a STACK of brand new computers that didn't survive the drive from store to home. Also check your data usage- Mine is constant. And no, I am not wireless since September; I have only been online with my iphone all this time until now. One mac took a hit already and stopped booting completely. I'm sure hoping this one stays alive.
    I had apps disappear, move, lock me out, and VNC apps I never downloaded would appear.
    The day after Thanksgiving, I finally gave in and went to apple for the 4th time for a dfu wipe, since even a brand new computer was hacked immediately. I lost 3500 songs (which all my backups were lost, so everything I had left got wiped) for nothing. I had a friend with me and I showed her the safari history before I had even opened it. Someone was busy but not me.
    When you open network connections- does the hotspot button have a constant spinning wheel? Check your bluetooth- it will show off but look at your logs- it will be tethering.
    I got a supervisor at apple to listen finally. I sent him logs, photos... things no one could logically explain. He forwarded them to the engineers, but they would never contact me. I tried over and over. It got to the point in the apple store, they either thought I was insane or they KNEW they have a problem. The programmed "impossible" answer is a lie.
    Check any other cell or wireless device. Also look for forged ssl certificates or expired ones. If you have a pc, it's obvious. All logs and software are still there.
    I have had my accounts accessed and used also. Another indicator is language packs on computers that were not there before.
    I've lived a nightmare since early September. I might be crazy, but I wasn't before. My phone was hacked and most likely my new one is too. And since it is impossible, there is nowhere to go for help. You will tether with anything close. I know how it came in on my network and my iphone, but knowing that is of no use.
    Look at the things I have suggested and report back. It sucks for sure, and since no one at apple will even look, it is frustrating beyond belief and there's really nothing you can do. I guess you'd need to jailbreak to get some control, and by now I will if that is what it takes. I was the first that I could find, but I have seen others reporting too. Methinks all hell is going to break loose in the cyber world, but I was sure it would have happened before now too, so who knows?
    Good luck, and you are not crazy. I can't tell you how many times I had to question myself. The things I saw happening before my eyes made it impossible to draw any other conclusion- it is a live hack.
  6. meyer9 macrumors newbie

    Sep 15, 2012

    Add me to the list of "crazies." I have been experiencing the exact same things as you, lg. My iPhone, iPad and MacBook have been giving me a serious, ripping-my-hair-out headache for the past two months. I have been to the Apple store three times, talked to countless senior advisors, Authorized Apple techs, Linksys, AT&T and my Internet providers and not one person can give me an explanation. I have wiped all devices and my hard drive numerous times and still nothing. It is super frustrating sitting on the phone asking techs if "a,b,c" is possible and having them tell me "no," while I am reading tutorials on how to's. I am not new to Macs or any other Apple devices for that matter and I know when I am having a problem and when I'm not, and when processes are running at 102% on my MacBook, I know that isn't right. The Apple Remote Desktop icon (binoculars) would suddenly pop up, camera light would turn on... On both my iphone and ipad, I've had FaceTime requests pop up out of nowhere while it is set to off. Oh, and Bluetooth is always on too, even though I turn it off. My apps disappear, but show they are running- just recently noticed my bank account app was hidden (this was after my credit card number was stolen...)

    I have been searching for an answer for too long and while I am starting to get it narrowed down, I don't have time to devote my life to learning this open source stuff. But being the determined person I am, I really don't feel like saying, "oh, well" and giving up while just dealing with the fact that my privacy has been ultimately invaded. If either of you have figured anything out, please let me know. Maybe we can exchange a little more info about our stories. I have sent a friend request to you both.
  7. Offfffug macrumors newbie

    Aug 24, 2012
    Hi, I have the same issue, LOSER Asian Mafia hacked me

    The hack is a result of them using DD-WRT and rerouting your traffic to rogue update sites, i.e. Windows Update, Apple App Store etc.... Eventually they control everything. I've been battling these *******s for a year, would love to compare notes. My me. com addy e1202


  8. seanpercival01 macrumors member

    Jun 1, 2012
    I've ne'er jail broken Associate in Nursing iPhone however absinthed.n92 is sporadically running unless that's a traditional method. And internet stat is continually showing a INTU-Ec-client listening on 8022 i feel it is? 0.5 the processes running say warning or error next to them and that i cannot notice something regarding them on google. 0.5 the processes have a d at the tip of them, i am forward that simply means that daemon. i am very troubled by not having the ability to seek out something on several of the processes and that i nearly forgot. Is duo.txt loading normal? i am unable to notice something on highland park resourcemgr. My iPad one is running imagent additionally that , crashes plenty, that i assumed that is a FaceTime process?
  9. sagar4995 macrumors 6502a


    Aug 11, 2012
    Dubai, UAE
    wow thats some messed up s*it!!
    sorry, ive got no real advice or suggestions, but dam do i feel for u guys!!
    g'luck dealing with this!
  10. Dolittle macrumors newbie

    Dec 2, 2012
    I have had all these problems and much much more. I have been going through this for a year and a half.
    I am curious- do any of you happen to have unlimited data accounts? The reason I ask is because I am suspecting that the phone companies ie- AT&T Verizon may be the ones screwing around here. When I finally got apple tier level 2 accounts security personnel to give me names of people using my apple id fraudulently (after a 4 hour Genius Bar appt-mind you) it just so happened the users had the same first and last name as me. Also after much investigating I discovered that all the ip addresses using MY phone came from exact towns where there were also iPhone users with same first and last name AND I even called one of the numbers that I had accessed via a deep who is and guess what- they answered and I asked for (insert my name here) and they said "speaking".
    Now I find it hard to believe its a coincidence. Maybe they figure it is an easy way to save money instead of purchasing additional space in the cyber world for data use. Perhaps that's why AT&T throttled unlimited data acct users?
    Oh and yes- made me feel crazy for a while. Crazy enough to sue the pants off the person or company as soon as my investigation is completed. I finally hired a cybercrime attny and investigation service two days ago to help me. I've had it!!!
  11. Blue5spd macrumors newbie

    Jan 2, 2013

    I stumbled across this article by doing extensive investigative work into the exact same issues all of you guys are seeing. I am in IT by profession and have been troubleshooting these issues myself since Dec 1 2012. I have gone off the grid due to all the issues. This all started when I started noticing bad SSL certs from utn network or something to that extent. I have also seen the config file rewritten on a Verizon fios router. Very scary as a physical reset does not erase the custom configs in the router. I am currently on my second iphone and have a feeling the one I've had for 2 weeks has been hacked again. When running a visual trace route every domain I query shows a route always going to the same out of us country. I also run netstat and I am seeing the same local connection with tons of other remote IP's that shouldn't be accessing it. Verizon and Apple do not want to give any merit and have been absolutely no help. When I talk to anyone they start telling me that this is technical and way past their expertise level. I have also setup a local http proxy and ran all iphone traffic through it and I am seeing a lot of proxy request in the headers with other cookie settings and data that should not be in there. I have taken the logs from phone and I am seeing a specific file labeled "AITTarget" which leads me to believe this is a specific attack geared towards me specifically. This is just the tip of the iceberg and would like to compare notes and put together a solid group of individuals that have been dealing with this nightmare as a group approaching Apple might mean more. Does anyone have a contact for Apple security or someone with contacts into news organizations that might want to take on the story. From what I have I am thinking this is going to be a huge issue for Apple. Please pm me your email so I can contact you if you have been having these issues


    By the way I have IOS6.01 on Iphone 4 Verizon and grandfathered unlimited..

  12. Gurlbug14 macrumors newbie

    Nov 25, 2013
    Never ends

    Two years and still, no one believes that my phones (7) are being hacked!!
    Believing apple is more secure, I switched and still...... same problems!!!
    Phone is not jailbroken.....
    Crash log info:
    BB HW Log
    BB HW Rpm
    BB HW 1xevdo
    Research tells me this is BlackBerry (smart phone) information, not iPhone. Why or how could I possibly get BB HW in my iphone 5 (7.0.4) crash logs??

    Here are a few other things I found.....
    AIT Target
    Pk zip
    UUID shared
    NS Cocoa error domain

    Will send or post any files.....please help!!!
  13. C DM macrumors Sandy Bridge

    Oct 17, 2011
    What? What exactly is happening? Why do you think there's something like hacking going on? Where are you getting the information that you mentioned--what is it in reference to?
  14. Gurlbug14 macrumors newbie

    Nov 25, 2013
    I was able to access my root files with an app I had found. With most of them being encrypted, parts of them were not and these are just a few of the things I've found! The first set of items re: BB HW were in my crash logs!
    As of yesterday, the app I was using to view my files has suddenly changed and I can no longer access ANYTHING!!!
  15. Gurlbug14 macrumors newbie

    Nov 25, 2013
    Here is one thing I found!!! There was also a file named H5SURamDisk.dmg????

    Attached Files:

  16. Gurlbug14 macrumors newbie

    Nov 25, 2013
    Got this error yesterday!!!

    Attached Files:

  17. C DM macrumors Sandy Bridge

    Oct 17, 2011
    Sounds like you might want to first figure out what it is that you are actually looking at and what it might contain before trying to come up with what it might even mean.
  18. Gurlbug14 macrumors newbie

    Nov 25, 2013
    Here's another!

    Attached Files:

  19. Gurlbug14 macrumors newbie

    Nov 25, 2013
    Don't get me wrong, I'm no expert on any of this stuff, but you know when there's something not right with your phone. Just like your car or computer.... you take it to the shop & have it looked at!!!

    Attached Files:

  20. Gurlbug14 macrumors newbie

    Nov 25, 2013
    This just isn't right!!!

    Attached Files:

  21. C DM macrumors Sandy Bridge

    Oct 17, 2011
    You still haven't explained what you are even looking at and how you even know that's what it is (whatever it is you think it might be).
  22. Timotalktalk macrumors newbie

    Mar 9, 2014
    I too have been dealing with this for two years now and my iPhone, MacBook Pro, and new dell laptop keep getting destroyed and having to reformat and reinstall constantly. I have been searching for help and apple can not get any of my logs or remote in anymore. I would love to hear if you are able to find out how to resolve these issues. I am using an iPhone 5 and really post. Apple last told me to contact their security dept.
    I was told to contact address:

    Product Security - Apple Support

    Contacting Apple
    To report security issues that affect Apple products, please contact:
  23. Goph macrumors newbie

    Mar 15, 2014
    After reading previous posts I made an account just to respond to this. I'm having similar issues with my computers becoming compromised with super intelligent kernel mode rootkits.. I've done multiple clean reformats onto various computers, none of which I allowed onto the same networks as previous. I bought myself a new iPhone 5 in January that became buggy and flooded with data export logs and filenames I couldn't dig up on google. I just bought this iPhone 5s 2 weeks ago because I couldn't deal with the weird crap on my iPhone 5 and now it's doing the same thing and I noticed the "AITTarget" on my logs which brought me here, I have unknown networking devices on my net analyzer app that shows are connected and running, ip's listed as N/A that have open listening ports, my traceroutes are routing out of the country at some point every time I check.. I've been complaining to a few close friends that it feels like everything linked to me is becoming corrupted since the start of this year and I don't want to be paranoid but I've never seen anything like this.. I've lived on computers since I was a kid this is just really weird never experienced anything like this. I've been considering going off the grid myself. If you guys find out anything at all post back here I'm going to dig a little while longer not sure how long I can put up with this stuff. I've already researched and got people ready to build a self sufficient earthhouse to escape this ************.

    The last straw for my sanity was reading a random computer log that lost encryption due to my efforts showing their inability to reconnect through various methods then stated "Target is acting very authoritative" followed by more access attempts then stating "You do NOT exist. Go away". My roommate became more paranoid than me after seeing it. Wtf is going on
  24. Timotalktalk macrumors newbie

    Mar 9, 2014
    What are super intelligent kernel mode rootkits?
    I am not that tech savvy and don't know how to get rid of the back door so robe has to my computer. Restoring and reformatting does not help. I have settings changing all the time, application changing without an update, some loop back IP address on my wireless network, and filtering galore. My logins saying they are wrong even when I use a password manager. My icloud passwords disappear, bookmarks doubling and tripling, then all disappearing, phone calls not ringing, and my icloud purchases for games taken off my account, can't play multiplayer games and my points are wiped clean, and I say I want to play with someone of my same skill level and I have no effect on my opponent and they can do things I can't, I can get 12 hits in and they hit me once and I die. This is happening across multiple games and developers. What can I do to protect myself. I have gone through three iPhones in the last month and my windows and Mac laptops seem to always needing to go to the shop for new parts or fried hard drives.
    PLEASE ANY ADVICE would be appreciated, other than "That can't happen". I used to feel the same way but this new experience is the most crazy and I couldn't have even dreamed up this mess. I didn't know someone could or even would target someone.
    Desperately needing help!
  25. Hacked2Insanity macrumors newbie

    Jan 22, 2015
    i am so relieved to hear someone else has had the same problem. I have been pulling out my hair and on the brink of insanity for almost a year. My problem originally began on my Dell computer in which I plugged in my iPhone to sync via iTunes. They had hacked my computer and became the "roaming administrator" all hidden beneath me controlling everything. My updates appeared to be loading, my firewall appeared to be working but over time bizarre things were happening like files and users and computers were appearing connected to my desktop. I eventually unplugged my dell and used only my MacBook which they hacked as well - my iPhone 4s, my child's android phone too. I finally got fed up and ditched my Dell XPS which was only 6 months old, ditched my MacBook, changed ISP Provider (after 4 new routers, encrypted passwords, firewalls ware etc couldn't get rid of the hackers), ditched our cell phones, changed cell providers and basically did a clean sweep of our house getting new devices and new services. I bought a brand new 29" iMac last July convinced by Apple they were secure. New router, new ISP, encrypted VERY encrypted passwords, router and computer firewalls set to high. Only used iMac Ethernet, all incoming blocked, wifi, Bluetooth etc all inactive. In a matter of days hacked!! iMac, iphone 5s, iPhone 5c, iPad mini, new MacBook ALL hacked. Our devices are syncing via Bluetooth to their computer - I have photos to prove it - Bluetooth syncing to nuvi #3809284246 (Nuvi is listed as a real-time social intelligence social media monitoring, listening, reporting program) They synced their keyboard and mouse to my iMac. There are thousands of hidden files on iMac, they have changed daemons, Kerberos and permissions. I have factory reset ALL my devices at least 5 times. Apple denies a problem - says it's impossible even with shell shock! 
    The closest I got to an admission of a problem is when I showed a Genius supervisor the hidden user and all the hidden files, and scans showing they have changed my router to redirect to a different address. The hacker is mounted to the root as part of the recovery so any reset just resets above it. I cannot seem to unmount them - APPLE CARE will only factory reset but not have a tech fix it.

    They have hacked all my email addresses and are syncing them/controlling them with Xmailer, they have hacked my Apple ID so I can't even change it ( I need to verify my new Apple ID via email but the problem is I NEVER get the verification email! - I try to change Google email but they've changed my password, I'm synced via Chrome with them.

    I don't get phone calls, I get voice messages 5 days later, my iMac is syncing with Apple TV I don't own! My cell phone can download music as if connected to iTunes ( apparently you can stream downloads like this if you are connected to Apple TV. I have 2,000 photos on my iPhone but they are not on my device when I go to Dropbox it shows only two of those pics are actually on my device.

    I have no contacts on my phone because of factory reset yet if I type a name in an email all these contacts show up - I'm NOT signed into iCloud on the device!! Worst yet there are contacts that are my 12 year old daughter's not mine! AND contacts of a friend of mines.

    I find photos of myself from my phone I didn't take. Turn the device off only to find it has been remotely started. They added the Find Friends app on my phone and I'm connected to it with all my email addresses but I can't disconnect because it's grayed out. I can't use my GPS app I bought because they are using it and I'm told only one device at a time can receive directions. All the terrific scanning programs I bought to find them like IP Network Pro etc won't work. If I try and download them again it will only download the Lite and won't restore the purchases. I downloaded Little Snitch on to my MacBook and the next day when I turned it on all I got is a large ? on the screen - can't even sign into to Recovery mode. I have a $2800 iMac that has been used 10 times collecting dust, unplugged.

    I have a MacBook with a ? mark on the screen rendered useless! And three iPhones, an iPad mini, 3 iPod touch devices all hacked and controlled!! No privacy. My daughter tries to call me from school on both iPhones and she can't reach me - needs to call a neighbour to tell me to pick her up from school. - they turn the volume levels down on my phone, shut it off, drain the battery? , shut off alarms. I try calling out to Apple or ISP and talk to a bogus person I end up at bogus websites, passwords have been changed to websites, Google history shows devices trusted but I can't disconnect them because there is no remove button like there normally is. I have neighbours having similar problems - I suspect they may be on the "hub" because it doesn't seem to matter which ISP YOU USE. This has all brought me to the brink of insanity. This is only the tip of the iceberg of what's going on and all the specifics to prove its not in my head I have recorded in books of notes, thousands of photos/scans etc. everything I've tried to do to get rid of them I'm blocked out. I try to change Apple ID but can't because I don't get emails to verify, can sign in to App Store using Apple ID but not into iCloud to try to disconnect them because it says I need to verify the change to my Apple ID via email first.

    Apple, my ISP, the Police NO ONE WILL assist. I'm ready to cash in RRSP's to hire a technician but I'm not convinced spending another $1,000+ will make any difference. After all, I just bought an iMac, two new iPhones and a new MacBook and it made no difference. I ate two cell contracts, bought a new router too and a year later almost $10,000 poorer and I'm no further ahead. And Apple stands by their bs story they can't get hacked. They can!!
    Now that the hackers have the Mac addresses of ALL of my devices they are like a beacon on the Internet waiting to be found. I'm just relieved someone else has a similar problem - I was starting to believe I had gone crazy. Apple it's time to start admitting there are vulnerabilities that can compromise Apple devices and put them at risk - can you say Shell Shocked? And when you are done doing that how about offering some help to fix the problem. Apple says everything is working fine - well yes except there on a man in the middle in control - how about helping to regain control!
