was my mac hacked?

Discussion in 'Mac Apps and Mac App Store' started by simplenation, Jul 9, 2008.

  1. simplenation macrumors member

    Joined:
    May 29, 2008
    #1
    So I come home this evening to a little bit of a surprise. My Hard Drive name has somehow been changed. Now I wouldn't normally think anything of this but the name of the hard drive was changed to the this symbol "=]- " Which to me is basically a smiley face. Now i think it would be pretty difficult for me to accidentally change the name of my disk to this symbol. Now immediately after noticing this change I quickly thought of the recent mac remote desktop trojan, which was recently announced. After checking my osx version i realized that I missed several updates including a security update. Do you think my machine was exploited or am i nuts? i think im gonna wipe my hard drive tonight cuz an exploit like this is pretty disconcerting.
     
  2. todd2000 macrumors 68000

    Joined:
    Nov 14, 2005
    Location:
    Danville, VA
    #2
    Does anyone else have access to the machine? I doubt it was "hacked." If you installed a trojan you would know, since it would require you to enter your admin password to install it. Have you installed anything recently that you wern't %100 cetain was a legit application? Im thinking someone is playing a joke on you. Check your logs and see what kind of activity there was while you were gone.
     
  3. MacGeek7 macrumors 6502a

    MacGeek7

    Joined:
    Aug 25, 2007
    #3
    How do you do that?
     
  4. richard.mac macrumors 603

    richard.mac

    Joined:
    Feb 2, 2007
    Location:
    51.50024, -0.12662
    #4
    do you have a cat, a young family member or have anything that could of rested on your keyboard? as its pretty easy to type "=]-" as its just the press of three keys near each other.
     
  5. simplenation thread starter macrumors member

    Joined:
    May 29, 2008
    #5
    thanks for the response. well whats strange about that is that the machine has been home all day with noone home... except for my sister.. who well couldnt have done it.. i dunno.. I have installed several applications that are less than legal .. which i downloaded from limewire.. apps.. etc. now i dunno but I haven't had any other problems. Btw. . My girl friend is sitting here and thinks i'm just being paranoid.:apple:
     
  6. martychang macrumors regular

    Joined:
    Sep 3, 2007
    #6
    Not true, not with the trojan he's talking about. That was why it was actually worth mentioning as a valid threat.
     
  7. todd2000 macrumors 68000

    Joined:
    Nov 14, 2005
    Location:
    Danville, VA
    #7
    Good catch, but the cat/child, etc... would have had to select Macintosh HD first. Although I spose the OP could have left the icon selected. Heck my cat has sent my friend IMs before :)
     
  8. MacGeek7 macrumors 6502a

    MacGeek7

    Joined:
    Aug 25, 2007
    #8
    I didn't hear anything about a Mac trojan - do you have a link or something?
     
  9. simplenation thread starter macrumors member

    Joined:
    May 29, 2008
    #9

    Yea thats exactly what im worried about.. now do i need to have the rdp client on my computer ?? or is that something thats just built into osx. btw.. no cat or children here.
     
  10. MacDawg macrumors P6

    MacDawg

    Joined:
    Mar 20, 2004
    Location:
    "Between the Hedges"
    #10
    Anything good? :)

    Woof, Woof - Dawg [​IMG]
     
  11. MacGeek7 macrumors 6502a

    MacGeek7

    Joined:
    Aug 25, 2007
    #12
    And a quote from that article states that "Like any Trojan horse, AppleScript.THT does not spread on its own but relies on user actions, such as downloading and launching, to infect a machine."

    The article also says that "[It] allows a malicious user complete remote access to the system, can transmit system and user passwords, and can avoid detection by opening ports in the firewall and turning off system logging,"

    So unless you install software without looking at what it is I doubt that you have this trojan.
     
  12. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #13
    Sounds like a dangerous hacker attack to me. Apparently someone clicked on the name of your hard drive, then typed in =)-. Might have been your cat. Might have been your girlfriend. Might have been your own clumsy fingers.

    Now think about it: A "trojan" is software that _you_ must download from the internet yourself, and then _you_ must start it yourself. And you'll be told by your Mac first that you are downloading a program, and then you are told that you are starting a program that was just downloaded, and the Mac tells you what website it comes from and asks you if you really want to start it. A trojan can't sneak up on you and bite you in the arse, it needs _your_ help and complete loss of your judgement in order to run.

    And think about it again: If I was a hacker, and I was capable of infecting your Mac with a virus, and I was up to no good, do you really think I would create a virus that changes your hard drive name so that you figure out something is wrong? Nonsense. If I was an evil hacker and could hack into your computer, I would either cause _real_ damage and destroy all files on your hard drive, or (more likely) I would install some software that sends all your credit card numbers to a server where I can pick them up. And I would make sure that this leaves no traces.
     
  13. simplenation thread starter macrumors member

    Joined:
    May 29, 2008
    #14
    Ok well I know that its not some "hacker" .. im just thinking that someone .. a kid.. a neighbor .. someone might be messing with me which just bothers me a little.

     
  14. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #15
    That's completely wrong. It is an application that you need to download and then run. Once you download and run any application, it can do lots of damage without using any clever hacker tricks - it can easily delete all files in your home directory without any chance for you to recover them if you have no backup. This one also managed to get access to the operating system, which is slightly worse, but still only if you downloaded it and ran it, completely ignoring two safety warnings from your Mac.
     
  15. gnasher729 macrumors P6

    gnasher729

    Joined:
    Nov 25, 2005
    #16
    And five minutes after you wiped your hard drive and reinstall MacOS X your neighbour's kid knocks on the door and asks "did you like the smiley that I put on your computer?" ;)
     
  16. MacGeek7 macrumors 6502a

    MacGeek7

    Joined:
    Aug 25, 2007
    #17
    That would suck....
     
  17. CanadaRAM macrumors G5

    CanadaRAM

    Joined:
    Oct 11, 2004
    Location:
    On the Left Coast - Victoria BC Canada
    #18
    ... and the OP has said that they have installed 'less than legal downloaded software' , which means that is entirely possible they could have downloaded and run an application thinking it was something else.
     
  18. simplenation thread starter macrumors member

    Joined:
    May 29, 2008
    #19
    just wanted to thank everyone for the comments.. i decided to just go ahead and be safe.. gonna wipe it clean today and patch the machine before installing any additional apps. I may also be purchasing a few of those apps this time around ;)
     
  19. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #20
    Good call, but also ask your sister if she or perhaps her friends have typed a smily face on your computer.
     
  20. krye macrumors 68000

    krye

    Joined:
    Aug 21, 2007
    Location:
    USA
    #21
    All you have to do it press enter and press those 3 keys. Since they are all really close together it wouldn't surprise me if you did it by accident by simply leaning on the keyboard. My kids sometimes lean on my keyboard when they are not paying attention and I find quite a few icons have been changed.
     
  21. martychang macrumors regular

    Joined:
    Sep 3, 2007
    #22
    Yes, that wasn't my point. My point was this one doesn't need your admin password. The post I replied to stated that you would've needed to enter your admin password to install a Trojan, which isn't true.
     
  22. Poncho macrumors 6502

    Poncho

    Joined:
    Jun 15, 2007
    Location:
    Holland
    #23
    Why not look in your system log and see if anything happened between the hours you left the computer and returned?
     
  23. karlsilla macrumors newbie

    Joined:
    Jun 23, 2008
    #24
    This just happened to me today, happened twice while I was alone at home, my hard drive changed names into some random characters, alphabets and numerals.

    Worrying... any update from the OP??
     
  24. tobster100 macrumors newbie

    Joined:
    Mar 11, 2009
    Location:
    new york
    #25
    HD renamed

    this also happened to me, which prompted me to look for answers, my hd was renamed from mac hd to numbers and letters also some files where moved around and renamed, does anybody know what could cause this? I'm gonna take human error out of the equation ,we my wife and I are both
    working people and have no kids messing with our computer, we just want to make sure someone isn't trying to get personal information.
     

Share This Page