Sign in with
Sign up | Sign in
Your question

Help with intruder

Tags:
  • Computers
  • VPN Tunnel
  • Mac OS X
Last response: in Mac Os X
Share
August 15, 2013 5:36:36 AM

Developer has taken over both my Macs, 2 iPods and 2 iPhones. I have tried wiping both Macs 3 times, VPN tunnel and not able to shake him. He has also started the process in my friends computer also. Basically he has made us his tester. It has been going on for over 3 years now and it is getting worse. He will shut me out of my devices, take my network preferences away and other features. I have had it. How to I get him out of my computer and how do I identify who is doing this so I can report him to the police. I was told to file complaint with the FBI Cyber Crimes Unit but not from my computer. Pain in the ass to have to go to public library to use computer. Anybody, if you can help please do

More about : intruder

August 15, 2013 6:37:23 AM

antiglobal said:
Apple's operating system has a backdoor. He can do what ever he wants with your computers as long you are connected to the internet. And you have probably accepted this while installing the OS (licence agreement). There is nothing you can do abouth it.
That is why people use Linux based operating systems...


m
0
l
August 15, 2013 6:39:26 AM

antiglobal said:
Apple's operating system has a backdoor. He can do what ever he wants with your computers as long you are connected to the internet. And you have probably accepted this while installing the OS (licence agreement). There is nothing you can do abouth it.
That is why people use Linux based operating systems...


m
0
l
Related resources
August 15, 2013 6:39:44 AM

Are you saying I can never be rid of him? Is there anyway to identify this person? Will the FBI Cyber CRimes Unit be able to help?
m
0
l
August 15, 2013 6:48:48 AM

Dxyland58 said:
Are you saying I can never be rid of him? Is there anyway to identify this person? Will the FBI Cyber CRimes Unit be able to help?


Boot with a Linux Live CD. Monitor network traffic to and from your other compromised machine. That may lead you to an IP address. it almost certainly will not be 'him' (probably a botnet), but it might provide a starting point.

However..."I have tried wiping both Macs 3 times, VPN tunnel and not able to shake him"
I find that hard to believe. Wiped and reinstalled properly, it is *wiped*. How is he getting back in? Possibly just alternating infections back and forth between the two Macs?
m
0
l
August 15, 2013 7:40:16 AM

I spy a Troll.
m
3
l
August 15, 2013 7:40:24 AM

This would have to be done via an unprotected, open router (with remote access enabled) along with no or very poor network security (if being accessed wirelessly he would have to be physically located nearby) or malware is installed to allow such access. Backdoors aside, a clean install of OS X on a protected/locked down network should prevent all of this.

If malware is allowing access, then going to the library won't help.

m
0
l
August 15, 2013 7:44:31 AM

On two iPhones and two iPods too!? Come on, this is not for real. Just someone trying to slag of Apple IMO.
m
0
l
August 15, 2013 7:48:33 AM

Ijack said:
On two iPhones and two iPods too!? Come on, this is not for real. Just someone trying to slag of Apple IMO.

+1. I tend to agree that this sounds completely implausible as described.

BTW, even the local police, in most jurisdictions, can deal with cybercrimes to some extent. Step one, if valid, would be to file an official complaint with them.
m
0
l
August 15, 2013 7:49:48 AM

Insider threat is the most likely candidate here as well....if true.
m
0
l
August 15, 2013 10:44:43 AM

Guys I really appreciate the feedback and I know it is hard to believe. Nobody believes me but it is true. I started taking pics of what I was seeing on my screen. My son in law is a big geek and got me into all my electronics and I told him about it and he didn't believe me until I sent him pics. He did some cking and called me to say he realized I was telling the truth. He is the one who told me to do the VPN tunnel. I took my computer to Apple and had it wiped, changed inet providers, went to friends home away from my inet and set VPN up with his help on wiped computer and went home. It was just a few hours and all the stuff he had installed on my computer before was reinstalled. I'm talking all kinds of bluetooth access, all kinds of different cameras, tons of different printers, etc. I am just the average person using the computer. I know nothing about how it works. Your suggestion to boot with Linux CD is totally foreign to me. I'm sure you know your stuff, I wish I did, but have no clue how to do what you suggested. I have learned alot about what can be done with computer and what some things are used for only because I would see it on my computer and google it. I do not know how to use it. For example I was seeing a lot of references to ROOT in my logs etc. I now know it is used to get access to someone else's information. But believe me, I do not know the first thing about how to use it, where to get it etc. I also learned where my keychains are and all the certificates on my computer are ROOT. And a few days ago I looked at my keychain and noticed a network other than mine. I went up to look at the networks at the top of my screen and sure enough there was the network right under mine. For the hell of it I tried logging into it with my password and I was able to connect but I guess someone realized it because I lost the connection. That is just a few of the things. Like I said it's been over 3 years that this has been going on. Apple said they could not help, inet providers said they could not help, so I have just taken it but it is getting worse. My friend has her computer in her bedroom and told me a while back that her computer had started coming on by itself especially at night and it would wake her up. She had a problem a few days ago and took it to be diagnosed and was told that someone had changed some things around inside. So the reconfigured it and said she should not have any more probs. While at the store picking it up with her I asked the guy to show me where to find her logs. He did and asked to see all them and there was a warning and can't remember exactly what it was but it mentioned ROOT. That tells me my intruder has gone after her. I use to get mad and drag his stuff to the trash and he would shut my computer down and would not let me in for a while. He has locked my sim on my phone and had to take it to AT&T and replace sim card cause codes did not work to unlock it. He locked up my iPod and it gave me a to try to access again in 15 mins, in 20 I tried it again, and it told me to try again in 30 mins, tried again and it told me try again in 45 mins. Finally turned it off and after a few days went back to it everything looked normal. I called American Airlines to get my itinerary sent to me because the original one was no longer in my email. While I was waiting for the girl to email it I got an email and thought it was from American but it wasn't. It looked like it but info was all wrong. It showed me a flight to Tulsa Ok the next day and my seat # was 72F. My real flight was to New Jersey, was still a month away, and we all know there is no seat 72F. Good luck finding that seat. I confirmed with the agent that she had not even sent my email when that one came thru. I was on my phone. Tell me that was a coincidence.
Here is a pic I took of my screen yesterday. I deleted some of his stuff so he took access to my system preferances away. Just a sample of what happens. And not sure it was you but the referance to trying to slag of Apple IMO. I have no clue what you mean but if you r saying I'm trying to criticize Apple you are wrong. I don't blame Apple for this at all. I love Apple and that is the only computer I will ever buy. Their products are a big part of my life and can't imagine life without them. But I may have to if I can't get rid of this person. Forget about pic, couldn't copy and paste, and yes I tried several diff ways. Thank You to my intruder
m
0
l
August 15, 2013 10:45:34 AM

COLGeek said:
Insider threat is the most likely candidate here as well....if true.


What do you mean. What can I do
m
0
l
August 15, 2013 10:53:54 AM

Is your home network secure? Are you encrypting your wireless network and only providing the connection information to those who you want connected?

Insider threat is someone authorized to use your network, but is doing things you don't like or want done. Like a curious teenager...

Are you using your own router/firewall, one that you can personally configure?
m
0
l
August 15, 2013 10:55:18 AM

1. Your router and the rest of your network appears to be compromised.
2. Your Macs are compromised
3. Fixing the PC and leaving the router compromised just leaves is still open
4. Now to the odd parts - iPods and iPhones as well? That's a stretch.
5. "Insider threat" refers to someone who already has physical access to your network. Possibly someone repeatedly downloading something malicious.
m
0
l
August 15, 2013 11:10:04 AM

COLGeek said:
Is you home network secure? Are you encrypting your wireless network and only providing the connection information to those who you want connected?

Insider threat is someone authorized to use your network, but is doing things you don't like or want done. Like a curious teenager...

Are you using your own router/firewall, one that you can personally configure?


m
0
l
August 15, 2013 11:20:48 AM

Simple things to:

Change router default password (often password or admin) to something only you know. Make it hard to crack by using special characters and caps.

If using a typical commercially available router, change the SSID and not broadcast it....

Disable remote access to the router.

Set wireless security (I recommend WPA/AES) using another hard to guess password.

Set filters on the router to only allow designated MAC addresses to connect to the network.

These simple things will keep someone out of your home network (will make very difficult anyway).

Scanning/cleaning/re-installing all of the desktop/laptop machines should also be accomplished. No suspected dirty computer should be connected to the network until verified as clean.

Simple, common sense stuff can solve these issues.

m
0
l
August 15, 2013 11:23:03 AM

I don't know if my home is secure. I don't know how he is getting back in. This is all way over my head. As for my phone, I only use my new phone which is iPhone 5, not sure what the other one is. I erase everything, turn everything off and ck it a few days later and everything is turned back on and bluetooth is on. I read that these people use bluetooth to access other computers. When I look at network utility this is what it tells me
Network Interface (en1)
Hardware Address - and it lists my mac address
IP Address- it shows the address listed on my router from Time Warner Cable
Link Speed- 54 Mbit/s
Link Status-Active
Vendor-Apple
Model-Wireless Network Adapter
(802.11 a/b/g/n)

Sent Packets-523611
Send Errors-0
Recv Packets-704743
Recv Errors-0
Collisions-0





m
0
l
August 15, 2013 11:23:21 AM

This is stuff from a second-rate movie. I'm out.
m
0
l
August 15, 2013 11:34:11 AM

When I look at my IP address on my computer it shows me the IP address listed on my router which starts with 192 and the last 2 #'s are 10, for the DNS numbers(it shows 2) they start with 209. When I look at my phones IP address it starts with 192 also but the last 2 numbers are 11 and 12, on my iPod it starts with 192, last # is 13. When I was using my hotspot on all my devices it would show IP address and DNS would be Lan. That may be normal but have no clue if it is
m
0
l
August 15, 2013 11:47:24 AM

Ijack said:
This is stuff from a second-rate movie. I'm out.


I'm so sorry Jack. I didn't mean to run you off. I get the same reaction from everyone. If I could get my computer to let me copy and paste I would post pics of all this. I'm a 55 year old grandmother. I have no reason to make stuff up or play games. Just reaching out desperately seeking help and why I don't know because I wouldn't know what to do with it or how to use it if I got it. But I know when something is not right. I know when something is missing or moved. And I knew when I x'd out of a screen one night and saw a keyboard behind it then suddenly it disappeared that I was not the only one using my computer. I hope you never have this problem but then again you could probably fix it. It has literally turned my life upside down. I may not know anything about how a computer works but I do use my computer a lot. And when I try to go online to banking information or whatever and I see redirecting I know I'm going to the site they set up and not the real one
m
0
l
August 15, 2013 11:50:34 AM

Dxyland58, I am sending you a private message.
m
0
l
August 15, 2013 11:53:46 AM

COLGeek said:
Simple things to:

Change router default password (often password or admin) to something only you know. Make it hard to crack by using special characters and caps.

If using a typical commercially available router, change the SSID and not broadcast it....

Disable remote access to the router.

Set wireless security (I recommend WPA/AES) using another hard to guess password.

Set filters on the router to only allow designated MAC addresses to connect to the network.

These simple things will keep someone out of your home network (will make very difficult anyway).

Scanning/cleaning/re-installing all of the desktop/laptop machines should also be accomplished. No suspected dirty computer should be connected to the network until verified as clean.

Simple, common sense stuff can solve these issues.

I thank you so much for your feedback and help. I'm not sure how to do all that you said but thought I would call in the Geek Squad to help me. I know it probably sounds lame but as I replied to the other man, I'm a 55 year old grand mother and just use the computer not understand it as you and the others do. I wish I could find someone near my home. I would gladly pay them to do whatever it takes to stop this invasion.


m
0
l
August 15, 2013 12:00:10 PM

After the Geek Squad helps you solve all of this, you need to change both the router password and your wireless network password. Otherwise, complete strangers will know this info for your network. Have them show you how to change those settings yourself after they leave.

Also, don't give the info to anyone afterward.
m
0
l
August 15, 2013 12:04:16 PM

COLGeek said:
After the Geek Squad helps you solve all of this, you need to change both the router password and your wireless network password. Otherwise, complete strangers will know this info for your network. Have them show you how to change those settings yourself after they leave.

Also, don't give the info to anyone afterward.


I was about to suggest the same sort of thing. Someone local, hands on.

And whatever you do...do NOT do any online banking or similar until your entire network and all the devices are confirmed secure.
m
0
l
August 15, 2013 12:18:17 PM

THANK YOU GUYS FOR ALL YOUR HELP, I TRULY APPRECIATE IT. AND THANK YOU EVEN MORE FOR BEING SO KIND AND NOT MAKING NASTY COMMENTS BECAUSE IT DOES SOUND FARFETCHED. I'M SURE YOU GUYS HAVE HEARD OF cPANEL AND REDMOND PIE. I HAD NOT EITHER BUT FOUND STUFF FROM THEM SAVED TO MY BOOKMARKS AND MY READING LIST(DIDN'T EVEN KNOW ABOUT A READING LIST AT THE TIME) AND I WENT TO THEM AND IT GIVES STEP BY STEP DETAILS OF HOW TO DO ALL THE SAME THINGS I'M SEEING ON MY COMPUTER. IT'S AMAZING WHAT CAN BE DONE. IT WOULD TAKE ME DAYS TO TELL ALL THAT HAS HAPPENED AND I WOULD POST PICS OF MY SCREEN I HAVE TAKEN AS PROOF IF I COULD COPY AND PASTE. AGAIN I WANT TO SAY THANKS.
m
0
l
!