Stop the Hacking

Discussion in 'MacBook Pro' started by Airush77, Nov 8, 2017.

  1. Airush77, Nov 8, 2017
    Last edited: Nov 9, 2017

    Airush77 macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #1
    Hi, I have trouble with my system MacBook Pro 9,1 various OS's - OSX 10.7.5, 10.8.5, 10.9.5 & macOS 10.11.3 being hacked. I've tried formatting the SDD completely and using remote recovery for fresh install. I unplug the wifi&bluetooth contact, all is well. Once I plug the wifi&bluetooth modual back in then my system starts acting compromised with verious indications, happenings or options go missing and system start playing up, it a fight to get the easiest of tasks done. I'm 98% certain there getting in through both wifi&bluetooth,,as I've uninstalled all network devices and deleted the system configurations.plist associated with wifi,,,to eliminate wifi vunrebilities. I'm using Hands Off - firewall,,,without any luck there\its still gaining access to my system. I've tried going to Apple for tech support but it's just a complete inconvenience (3hour drive, the lineup was from the front to the back of the shop) and mostly unhelpful (needing to have the mac for a 2-3weeks). So I up for suggestions.
    ☝️Please only reply with useful ideas\support... Thanks for your help in advanced


    Hi, yes all passwords have been changed on many occasions on all devices as a preventative measure, but its still gaining access. Though I did try to check the firmware using this -
    https://github.com/duo-labs/EFIgy/

    And was only presented with inconclusive response.
    Most of the web sites I try to visit with fixes or tools is a battle,,,I have 2-3 HDD with verious OS which I randomly swap out,, in an attempt to get these fixes\tools downloaded,,,but usually blocked\prevented\stoped or after downloaded it won't unpack cause it corrupted or damaged. This is completely BS, I've had to abandon my system until I gain some help, cause I'm mostly out of answers:(.
     
  2. KGB7, Nov 8, 2017
    Last edited: Nov 8, 2017

    KGB7 Suspended

    KGB7

    Joined:
    Jun 15, 2017
    Location:
    Rockville, MD
    #2
    You need to change your ip that is being assigned to your modem by your internet service provider.
    Log in to your modem, wright down your wan ip, click release ip and turn off the modem for 20min( pull the power cord and disconnect all the cables).
    Turn on the modem and you should get a new ip. Log in to modem and verify that your ISP has given your modem a new ip.

    Your WiFi router.
    Change ssid and password. Also set your WiFi router so it does not broadcast its ssid.

    Perform a full scan on all computers that are in your house hold, for viruses and Trojans. Use every free software available; stick to well known developers.
     
  3. Airush77, Nov 9, 2017
    Last edited: Nov 9, 2017

    Airush77 thread starter macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #3
    Hi, I'm frequently unplugging the router so I can mostly do what need without being compromised\mac not playing nice. My router SSID is already set not to broadcast and I'm frequently changing Wifi password and login password. Hears and a few examples of what's been happening. I use virus protection - ClamXAV and Bitdefender free app from App Store, half the time I'm fighting the computer,,to get it to do what I need\want. Downloading malwareBytes was a a hughe effort it would arrive corrupt\broken and not open .dmg file and after I was able to downloaded it completely,,, it won't install\work, like its been blocked from installing...?

    I've installed Hands Off..! And added rules to eliminate all access except firefox and mac ip delivery - not sure of the correct name ATM and that is all that's given access,,,HO is Similar to little snitch.

    1st) System Preferences\Sharing-Remote Apple Events - is deselected and option to only "allow these uses" option is selected and NO profiles are allocated (by me)
    2nd) System Preferences\Sharing\Remote Management - is deselected and option to only "allow these uses" option is selected and NO profiles are allocated (by me)
    At times these are RESELECTED (not by me) to allow administrators access. And sometimes the option in SELECTED and greyed-out preventing me from DESELECTING once agin, but administrator is allocated (not by me)
    3rd) The MacBook Pro Computers Name is "Admins MacBook Pro" this is often deleted (Not by me)during internet usage, and I'm unable to add new computer name, unless I do a OS reinstall across the top
    4th) Bluetooth - Advanced option "Allow Bluetooth device to wake this computer" this is Deselected and Dissabled (by me). Upon recheck due to strange events this option is RESLECTED and ENABLED (Not by me) and sometimes is grey out, preventing me from DESELECTING it once agin. This may explain WHY, after shutting down my computer "the MacBook Pro in question" from the days work,,,,it would miraculously some how be found automatically turned ON during the night (Not by me). I will also point out NO known Bluetooth device has been connected to the MacBook Pro for months due to elimination, and was removed from device list at that time (mac magic mouse).
    5th) Often document that I have developed and verified, some how the documents contence would be modified (Not by me) without acknowledgment or consent into mostly crap.
    6th) While using finder window, the tool bar ("View tool bar" option) would disappear (not by me)on its own.
    7th) Sometimes an IP address would NOT be supplied to the wifi of the mac, even though I just been using the system moments ago without change (coffee break).

    >>>>>This list will be updated as I remember scenarios and return<<<<<

    Can someone PLEASE post A COPY or picture of the file system of there OS/System/Library/ perferably OS MtLion10.8.5 or Mavericks 10.9.5 to enable me to compare, file system...
     
  4. leman macrumors G3

    Joined:
    Oct 14, 2008
    #4
    How exactly do you know that you are being hacked?
     
  5. Airush77, Nov 9, 2017
    Last edited: Nov 9, 2017

    Airush77 thread starter macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #5
    As above, to get things done is like a battle,,,no smooth with ease.
     
  6. chrfr macrumors 604

    Joined:
    Jul 11, 2009
    #6
    You need to give more details. You haven't given any information that is useful.
    It's most likely that your computer is not being hacked; certainly not every time you reinstall the operating system.
     
  7. Airush77, Nov 9, 2017
    Last edited: Feb 25, 2018

    Airush77 thread starter macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #7
    Ho yher sure pal...! I've just explained weird events that have RECENTLY been occurring on my system. And your like,,, That's normal for you computer to ****** your hard work over and over, and do weird task and events without my permission. Ive been using this mac system for over 11 years without a hitch, and now things are STUFFED UP, you seem to think that's normal....! HEY EVERYONE MY MAC ISNT WORKING AS IT SHOULD, I NEED HELP FIXING THESE ISSUES and then I get UNHELPFUL YOU,,,,yhay.
    @ CHRFR - not helping...!
     
  8. DeltaMac macrumors G3

    DeltaMac

    Joined:
    Jul 30, 2003
    Location:
    Delaware
    #8
    I think OP may have Hands Off cranked up a little too tight, and that's "helping" by preventing OPs system from working properly. Those protective apps, another would be Little Snitch, can be set for TOO much lockdown, and really give problems until you turn that "protection" off, or at least wind it down to a more usable level.
     
  9. padams35 macrumors regular

    Joined:
    Nov 10, 2016
    #9
    I have never heard of a mac being hacked that didn't first require user complacency via some social engineering scam. More likely you are fighting one of your security programs that is 'helpfully' 'fixing' settings; it is also plausible that one of your favorite apps is an undocumented trojan that you keep reinstalling.

    Have you tested if the symptoms persist with a vanilla install without any 3rd party applications? If you haven't I'd suggest resetting the NVRAM, reformatting the hard drive, and reinstalling the OS without migrating any past data or profile information. Bonus points for upgrading to the latest version of MacOS (or any version new enough to receive security updates).

    If symptoms still persist after that then ...ouch.
    Otherwise reinstall critical applications like firefox one by one until symptoms reappear (showing the faulty app) or everything you need is installed and working.
     
  10. dangerfish macrumors 6502

    Joined:
    Aug 28, 2007
    #10
    What do you mean by "you plug/unplug the Wifi/BT module"?
    Also, what do you mean by you have 2-3 HDD with various OS's? Are these external drives with the various OS's on them? If so, where are you keeping all your files/docs?
     
  11. Airush77 thread starter macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #11
    Now a partition that holds all my work is some how inaccessible and locked\write protected and I'm unable to mount that partition. It's showed in disk utilities in RED and now named as "Virtual Whole Disk",,,, Any idea...?
     
  12. simonsi macrumors 601

    simonsi

    Joined:
    Jan 3, 2014
    Location:
    Auckland
    #12
    "Not working as it should" and "Weird events" are not the same thing as being hacked.

    Quote some examples of weird tasks and events, be specific and you will get help here. Waving your arms will achieve nothing and no-one can help from there.

    Screenshot what you can and show it here. What you have going on isn't normal, but equally its <highly> unlikely to be hacking.
     
  13. ApolloBoy macrumors 6502a

    ApolloBoy

    Joined:
    Apr 16, 2015
    Location:
    San Jose, CA
    #13
    You sure your hard drive cable isn't at fault? Constantly swapping out hard drives isn't a good idea considering how fragile the cable is, and a faulty cable could potentially cause weird issues like the ones you're experiencing.
     
  14. Gino Sun Angelo macrumors newbie

    Gino Sun Angelo

    Joined:
    Jan 7, 2013
    #14
    If some one hacked a mac must have your entire codes and number of the mac (you can get it from box of an item or inside about this mac option) then maybe more likely i would go with changing ip.
     
  15. dangerfish macrumors 6502

    Joined:
    Aug 28, 2007
    #15
    What partition, on what drive? You've go so much crazy stuff going on that its impossible to even begin diagnosing your issues.
     
  16. bopajuice Suspended

    bopajuice

    Joined:
    Mar 22, 2016
    Location:
    Dark side of the moon
    #16
    You could easily rule out bluetooth by moving to another location. In order for someone to compromise your computer via bluetooth they would have to be physically nearby to gain access.

    I also have to ask what is on your system worth gaining access to? It sounds like random things are happening for no apparent reason. Why would someone hack you just to mess with your settings or corrupt your downloads?

    Something does not sound right here.
     
  17. Fishrrman macrumors P6

    Fishrrman

    Joined:
    Feb 20, 2009
    #17
    OP:
    Do you by any chance "browse the dark net"...? ;)
     
  18. KGB7 Suspended

    KGB7

    Joined:
    Jun 15, 2017
    Location:
    Rockville, MD
    #18
    I’ve been hacked randomly in the past for no reason at all, but then I got a proper firewall and made a habit to change my wan ip every now and then.
    Hackers hack for various reasons, it doesn’t matter what the reason is but, anyone can become a victim.
     
  19. Airush77, Feb 25, 2018
    Last edited: Feb 25, 2018

    Airush77 thread starter macrumors newbie

    Airush77

    Joined:
    Apr 29, 2012
    #19
    Sorry for the late replay,,,Ive been (angry) neglecting my mac,,, Its been sitting in it case, turn off and locked up....
    .
    Okay check this out,,, I develop training packages, and other complex documents for a living and have been for over 12years. I basically use my mac for work purposes,,,, until recently I've had nothing but battles with my mac trying to compile documents. During drafting id go and review the first few pages after developing a few chapters, to only find; fonts have been altered, letter spacing would change, doc format would change, spelling errors, punctuation errors, things just all stuffed up. After the first review I would fix It to be great and formatted correctly and ready to move on; But soon enough I'd re-review the start of the doc again and again and again and again and again,as soon as I fix one part another part of the the doc would be altered,over and over and over,,,to finally give up,,, (Next day) Id start again all would be good for a short while, but soon after, it would all start happening again.
    Ive experience things like; system setting changing and adjusted, apps closed\open, Macbook pro firmware password lockout\changed, then my Mac wouldn't obtain a valid IP address (using Ethernet(can't connect to the net), until I created another mac user account then I'd gain a valid IP address enabling me to connect to net,, for short term, but soon enough I'd have to create another user account. For the last 11 years I have my system setup exactly the way I want and how I want ready for work (I don't browse to far away from safe browsing using My mac book,,,that's what the iPad is for... and No one else has access to my system (apparently).
    Some times I'd develop a great piece of work, (document development,,,and be happy\satisfied with my work) save it, shut down my mac,, go to bed,,,only to return the next day to review the great piece of work from the previous night,,only find rubbish mistakes and errors and changes (cry). The only way I was able to meet my dead line,,,,was to use my mac was without the Bluetooth and WiFi module. Id removed it then all would work fine...and I was done as it was close to Christmas and I needed a break....
    .
    These are the step I've taken to try stabilize;
    I've reinstalled system images, I've reinstalled clean OS, Ive completely formatted the hard drive and used internet updated recovery to reinstall OS and upgrade OS to High Sierra.
    I've formatted the SSD hard drive over and over using different systems (Linux). Ive down graded the SSD firmware and updated it back to the latest.
    Ive reset modem, Ive installed new firmware, Ive downgraded firmware and reinstalled the latest firmware through router settings.
    .
    Now,,,just recently Ive been directed to The Eclectic Light Company to use Lockrattler41r,,,, where it completed a few checks and injected updated and system compliance to the system... also I've installed ESET Internet Security to work in conjunction with my updated Hands off firewall,,and Ive changed my internet service provider.
    .
    .
    I'll report back with a overview,,,,
    But a big THANK YOU to Apple for defending us and keeping us safe as much as practically possible,, sorry about the initial doubt,,,its mostly been a joy thank you:cool:
     
  20. DeltaMac macrumors G3

    DeltaMac

    Joined:
    Jul 30, 2003
    Location:
    Delaware
    #20
    I think you have missed one likely fault:

    Have you tried replacing the SATA ribbon cable? If you look around on these, and other Mac support forums, you will see that a faulty SATA cable can cause very unusual problems, including corruption of files --- particularly after installing an SSD (due to timing issues on the much-faster SSD). A damaged SATA cable can contribute to at least some of the issues that you have on your Mac.
     
  21. simonsi macrumors 601

    simonsi

    Joined:
    Jan 3, 2014
    Location:
    Auckland
    #21
    So you are physically unplugging the WiFi module inside your Mac? Are you still randomly swapping out various OS' on various external drives?

    What OS are you running?
     
  22. 960design macrumors 68030

    Joined:
    Apr 17, 2012
    Location:
    Destin, FL
    #22
    So, your SSID is pretty much guaranteed to be included in everyone's rainbow tables. Save yourself and broadcast your SSID to prevent beaconing while you roam with your mobile devices.

    Information to help you make an informed security decision:
    https://dfarq.homeip.net/why-hiding-your-ssid-makes-your-security-worse/
    https://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.html

    PS. Just trying to be helpful.
     

Share This Page

21 November 8, 2017