Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

123TLS

macrumors newbie
Original poster
Oct 8, 2020
1
0
How can I be sure I have not been hacked. I came across the Console, so I was curious and started looking around in it. I found some info and I am wondering if this is normal or if I have a hacker. I have over 200,00 messages and it continues to build as we type. Here is one line [HID] [MT] dispatchEvent Dispatching event with 2 children, _eventMask=0x2 _childEventMask=0x2 Cancel=0 Touching=0 inRange=1

The following is some of the system logs.
Oct 8 23:24:20 admins-MBP com.apple.xpc.launchd[1] (com.apple.Safari.CacheDeleteExtension[7458]): Extension is hanging on launch. Killing.
Oct 8 23:24:20 admins-MBP com.apple.xpc.launchd[1] (com.apple.Safari.CacheDeleteExtension[7458]): Extension did not initialize in time.
Oct 8 23:26:33 admins-MBP syslogd[93]: ASL Sender Statistics
Oct 8 23:29:22 admins-MBP xpcproxy[7466]: libcoreservices: _dirhelper_userdir: 557: bootstrap_look_up returned (ipc/send) invalid destination port
Oct 8 23:29:25 admins-MBP TVCacheExtension[7469]: objc[7469]: Class PDFToRasterImageRef is implemented in both /System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/AMPLibrary and /System/Applications/TV.app/Contents/PlugIns/TVCacheExtension.appex/Contents/MacOS/TVCacheExtension. One of the two will be used. Which one is undefined.
Oct 8 23:29:25 admins-MBP MusicCacheExtension[7468]: objc[7468]: Class PDFToRasterImageRef is implemented in both /System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/AMPLibrary and /System/Applications/Music.app/Contents/PlugIns/MusicCacheExtension.appex/Contents/MacOS/MusicCacheExtension. One of the two will be used. Which one is undefined.
Oct 8 23:37:57 admins-MBP com.apple.xpc.launchd[1] (com.apple.mdworker.shared.0A000000-0200-0000-0000-000000000000[7494]): Service exited due to SIGKILL | sent by mds[119]
Oct 8 23:38:34 admins-MBP com.apple.xpc.launchd[1] (com.apple.mdworker.shared.05000000-0400-0000-0000-000000000000[7495]): Service exited due to SIGKILL | sent by mds[119]
Oct 8 23:39:00 admins-MBP com.apple.xpc.launchd[1] (com.apple.mdworker.shared.0C000000-0200-0000-0000-000000000000[7496]): Service exited due to SIGKILL | sent by mds[119]
Oct 8 23:39:31 admins-MBP com.apple.xpc.launchd[1] (com.apple.mdworker.shared.0B000000-0700-0000-0000-000000000000[7497]): Service exited due to SIGKILL | sent by mds[119]
Oct 8 23:39:36 admins-MBP xpcproxy[7499]: libcoreservices: _dirhelper_userdir: 557: bootstrap_look_up returned (ipc/send) invalid destination port
Oct 8 23:39:37 admins-MBP MusicCacheExtension[7500]: objc[7500]: Class PDFToRasterImageRef is implemented in both /System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/AMPLibrary and /System/Applications/Music.app/Contents/PlugIns/MusicCacheExtension.appex/Contents/MacOS/MusicCacheExtension. One of the two will be used. Which one is undefined.
Oct 8 23:39:37 admins-MBP TVCacheExtension[7501]: objc[7501]: Class PDFToRasterImageRef is implemented in both /System/

Any thoughts on this.??
Thank you
 
None of the described behavior or logs raises any red flags as far as I can see. Console is a very busy place.
 
  • Like
Reactions: ght56
None of the described behavior or logs raises any red flags as far as I can see. Console is a very busy place.

This.

Console logs everything so it generates a ton of messages. Even if you are not using the computer, there are hundreds or even thousands of operations occurring every minute in the background and the Console logs all of this. All of your system logs look normal. Macs are generally pretty difficult to hack in real world usage scenarios, and most of the malware Macs can get are more annoyances than major security threats (as it's not easy to modify critical files on your system). For that matter, Macs also make it very difficult for the user to install malicious content (e.g., an App downloaded from the Web that is not what it claims to be.)

There is security software like antivirus programs and antimalware programs, such as Malwarebytes that can scan your system for issues and have various other security features, but I don't think that they are necessary and some can cause more issues than they resolve. The only security program I personally use is called Little Snitch, which has the ability to allow or deny individual applications and program from connecting from the internet to your computer, or vice versa.

Especially if your are using Safari 14, there are some very robust security features designed to keep you safe when accessing the World Wide Web. You can pair this with a good content blocker such as Wipr, which blocks popups and often malicious content.

In sum, with good browsing habits, Macs are very robust on the security side.
 
It’s broadly comparable to Windows Event Viewer and is similarly useless without specialist knowledge, which I for one don’t have. It has been known for scammers to point users at WEV as evidence their computer has been hacked, the list is so alarming, and then charge a muscular fee to ‘fix’ the problem.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.