I think that my iMac has been hacked by an ex boyfriend and I think he now has access to my iphone and cloud as well. How can I tell which processes are supposed to be on and which are not? I have looked in the spotlight and I honestly do not know what is supposed to be on and what is not supposed to be on. Any ideas? Is there a program I can run that would tell me if the computer is being ghosted?
Hacked iMac
- Thread starter segingola
- Start date
vansmith
Senior Member
- Joined
- Oct 19, 2008
- Messages
- 19,924
- Reaction score
- 559
- Points
- 113
- Location
- Queensland
- Your Mac's Specs
- Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Let's start out simple - what makes you think that your computer is being remotely accessed? Yes, it is possible but there are few visible signs that this is happening so if something is visibly wrong, this probably isn't the case.
First thing to check - System Preferences > Sharing. Are any of those options checked?
First thing to check - System Preferences > Sharing. Are any of those options checked?
C
chas_m
Guest
Actually, what you need to do if you sincerely believe you are being hacked by someone who has your admin password ... is the *change your admin password.* You should also change the passwords you use commonly (if any) to UNcommon ones. Not just different ones that anyone who knows you could guess, REALLY different. And strong (mixes of caps, numbers, lower case, preferably long and random -- look into a password manager program or keychain to generate and keep strong passwords.
If any sharing services are on, turn them off at least until you've changed the admin password.
If any sharing services are on, turn them off at least until you've changed the admin password.
- Joined
- Sep 30, 2007
- Messages
- 9,962
- Reaction score
- 1,235
- Points
- 113
- Location
- The Republic of Neptune
- Your Mac's Specs
- 2019 iMac 27"; 2020 M1 MacBook Air; macOS up-to-date... always.
If a key logger is installed and automatically uploading its logs, then I would think that changing the password before neutralizing the key loggers would be pointless since the keystrokes for making those passwords would be logged. I'm not sure that simply turning off sharing services beforehand would help.
EDIT: There are 3 commercial keyloggers (intended for business use) and possibly others. This post on Apple's forums explains how to screen for those 3 in particular:
https://discussions.apple.com/message/21451748#21451748
M
MacInWin
Guest
Depending on how much you need from the machine (data, mail, etc), the safest way to proceed is to disconnect from any ethernet connections, then stop WiFi and Bluetooth. At that point your machine is unreachable unless your ex has physical access. Once isolated, if it's ML, reboot into the rescue partition, wipe the hard drive and reinstall OSX. If it's not ML, reinstall OSX from the original disks after wiping the HD clean. (If you reinstall from the rescue partition, you'll have to reconnect to the Internet, as that process requires you to download ML from Apple. In any case, at the end of reinstall you'll have a clean system, reset to factory fresh. Follow chas_m's advice and use a strong password for all admin accounts. Turn on the Apple firewall (chas_m may disagree, but that's another topic) and then change all of your passwords on all accounts to something really strong. Frankly, I would not reload any of my old stuff unless absolutely certain it's clean, but that would be up to you.
There is a program called Little Snitch that can monitor what traffic is coming to and from your Mac, but unless you know what should and shouldn't have access, it can be difficult to use effectively.
On the iPhone and iCloud, the advice is about the same. Reset the iPhone to factory, change the iCloud password (after you have a clean machine to use to do that, otherwise a keylogger may just report to him your new password).
What I have suggested is pretty drastic, as you'll lose all of your personal data, but given that you are concerned about him, and if he has done this he's pretty creepy, it may be an acceptable price to pay to be secure.
If you aren't feeling tech-savvy sufficient to doing all of this, and if there is an Apple store nearby, you could try scheduling an appointment and have them restore the machine to factory conditions. Again, you'll lose your personal data.
There is a program called Little Snitch that can monitor what traffic is coming to and from your Mac, but unless you know what should and shouldn't have access, it can be difficult to use effectively.
On the iPhone and iCloud, the advice is about the same. Reset the iPhone to factory, change the iCloud password (after you have a clean machine to use to do that, otherwise a keylogger may just report to him your new password).
What I have suggested is pretty drastic, as you'll lose all of your personal data, but given that you are concerned about him, and if he has done this he's pretty creepy, it may be an acceptable price to pay to be secure.
If you aren't feeling tech-savvy sufficient to doing all of this, and if there is an Apple store nearby, you could try scheduling an appointment and have them restore the machine to factory conditions. Again, you'll lose your personal data.
Shop Amazon
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.