Thread: Hacked iMac
09-08-2013, 02:20 PM #1
- Member Since
- Sep 08, 2013
I think that my iMac has been hacked by an ex boyfriend and I think he now has access to my iphone and cloud as well. How can I tell which processes are supposed to be on and which are not? I have looked in the spotlight and I honestly do not know what is supposed to be on and what is not supposed to be on. Any ideas? Is there a program I can run that would tell me if the computer is being ghosted?
09-08-2013, 02:26 PM #2
Let's start out simple - what makes you think that your computer is being remotely accessed? Yes, it is possible but there are few visible signs that this is happening so if something is visibly wrong, this probably isn't the case.
First thing to check - System Preferences > Sharing. Are any of those options checked?
09-08-2013, 06:57 PM #3
- Member Since
- Feb 14, 2004
- Groves, Texas
- 21in. iMac 10.11 --- HP Linux Mint 18
Spotlight isn't going to help anyway. What you need is Activity Monitor, in the Utilities folder.Any priest or shaman must be presumed guilty until proved innocent.
09-09-2013, 03:26 AM #4
- Member Since
- Jan 22, 2010
- Victoria, BC
- Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
Actually, what you need to do if you sincerely believe you are being hacked by someone who has your admin password ... is the *change your admin password.* You should also change the passwords you use commonly (if any) to UNcommon ones. Not just different ones that anyone who knows you could guess, REALLY different. And strong (mixes of caps, numbers, lower case, preferably long and random -- look into a password manager program or keychain to generate and keep strong passwords.
If any sharing services are on, turn them off at least until you've changed the admin password.
09-09-2013, 10:47 AM #5
EDIT: There are 3 commercial keyloggers (intended for business use) and possibly others. This post on Apple's forums explains how to screen for those 3 in particular:
Please verify and include the exact model/year of your Mac and OS X version number (available from "About This Mac", then "More Info" on the Apple menu).
Links: Onyx | EasyFind | Apple Hardware Test | How to test your hard drive | The Safe Mac » Adware Removal Guide | Uninstall MacKeeper
Lifeisabeach - Mac-Forums Member of the Month June 2009, Feb 2012, and March 2013.
09-09-2013, 12:47 PM #6
- Member Since
- Jul 07, 2008
- Winchester, VA
- 2015 rMBP, 2008 iMac, iPhone 7, iPad mini, 13" MBP, AppleTV and two MacMinis
Depending on how much you need from the machine (data, mail, etc), the safest way to proceed is to disconnect from any ethernet connections, then stop WiFi and Bluetooth. At that point your machine is unreachable unless your ex has physical access. Once isolated, if it's ML, reboot into the rescue partition, wipe the hard drive and reinstall OSX. If it's not ML, reinstall OSX from the original disks after wiping the HD clean. (If you reinstall from the rescue partition, you'll have to reconnect to the Internet, as that process requires you to download ML from Apple. In any case, at the end of reinstall you'll have a clean system, reset to factory fresh. Follow chas_m's advice and use a strong password for all admin accounts. Turn on the Apple firewall (chas_m may disagree, but that's another topic) and then change all of your passwords on all accounts to something really strong. Frankly, I would not reload any of my old stuff unless absolutely certain it's clean, but that would be up to you.
There is a program called Little Snitch that can monitor what traffic is coming to and from your Mac, but unless you know what should and shouldn't have access, it can be difficult to use effectively.
On the iPhone and iCloud, the advice is about the same. Reset the iPhone to factory, change the iCloud password (after you have a clean machine to use to do that, otherwise a keylogger may just report to him your new password).
What I have suggested is pretty drastic, as you'll lose all of your personal data, but given that you are concerned about him, and if he has done this he's pretty creepy, it may be an acceptable price to pay to be secure.
If you aren't feeling tech-savvy sufficient to doing all of this, and if there is an Apple store nearby, you could try scheduling an appointment and have them restore the machine to factory conditions. Again, you'll lose your personal data.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
By Alwyn in forum Security AwarenessReplies: 7Last Post: 11-08-2014, 05:58 PM
By akopman in forum OS X - Operating SystemReplies: 10Last Post: 07-13-2014, 03:09 PM
By leojfs in forum OS X - Operating SystemReplies: 3Last Post: 08-09-2012, 03:40 PM
By thatflookguy in forum OS X - Operating SystemReplies: 3Last Post: 01-31-2011, 05:32 PM
By Jakee in forum Internet, Networking, and WirelessReplies: 3Last Post: 05-05-2007, 02:20 PM