View Full Version : Indie writer/researcher hacked HARD; badly need some real Apple "genius"

04-14-2016, 10:02 AM
calling all those with mad security skills ("balls" are a major +): i've reached the end with apple security's ability to assist me in shaking my now four-month-long, oh-so-favorite little hacker foe (also referred to, in my mind at least, as "thy local LANeighborhood skilled logician, with the possibility of a pretty good sense of humor, were it not for also being a S*B), and i'm in serious need of assistance in shaking him/her/them. if you can help, i'll totally get down on my knees, tho virtually of course, and scatter kisses all O.V.E.R the ground before you even consider walking on it. :)

me: just a single mom, a writer/researcher who dug a bit deep into a matter of significance. now i've been hacked up, down, all around and topped off with splash of oh-so-tart Tor. at this point, they "own" all the devices on my LAN and all my accounts, minus one. i think. how deeply and how final that ownership is, however, is the question.

i've wiped my devices and had new op systems installed three times; two new modems installed, the second of which i *thought* was pretty darn secure after some beefing-up (though doesn't that word -- "secure" -- seem such an oxymoron, at least in association with anything computer???); had my mac's Terminal and ScriptEditor uploaded to iCloud before being locked out of iCloud and unable to recover or close the account because the apple id dept. won't verify my identity. apparently a new, likely unique password is "stronger" proof than a government-issued ID, voter reg card, finger ID. who knew?!?! (but that was during wipe 3. let me backtrack.)

i think they first got into accounts because i stupidly had my primary email set as my apple ID. still, at that point, they had to continuously change my passwords and the like; we even had a super fun hour late one night switching it back and forth on one account! yeah. then, after the first, maybe it was the second wipe, and a new modem they got into my LAN -- tunneling maybe or perhaps they just used one of those handy-dandy lists i've read about that are, apparently, floating about out there -- le-de-da -- with various modem models' default admin credentials. i'm not really sure. but they got in there. oh, boy, did they. after i pulled the plug on that modem -- likely flinging f-bombs all OVER the place -- they *somehow* -- and i'm completely serious though also completely stupified -- had my hp wireless and networked printer begin functioning like a modem.

anyhow, once in my network the first time, they seized control of my computer. for instance, they no longer needed to change passwords and the like; if they wanted to restrict a search of specific words, they did; if they wanted to turn on a youtube playlist while i was listening to another, they did; if they wanted to delete all my notes or ANY file, they did; if they wanted to turn down the volume, well volume be gone! there seemed to be no limitations. the same has and does go for every account except the one.

and my iphone? yeah, not mine anymore. for ex., because i kept turning off and restricting Location Services in every place it's used on the darn phone, they just went on and added it -- yeah, added it -- to iBooks, which is a stock app that cannot be deleted, right? my restrictions no longer work for anything either. if they don't want my mother (or anyone for that matter) and me to talk or text, we don't talk or text. if they don't want my alarm to go off, it doesn't. as for being transferred once on the phone with a company like apple or AT&T, etc., forget about it -- three times now i've been transferred all right but NOT to anyone at the company or state agency i called. the list of things they're able to do and have done is absolutely astounding, and every time i learn something new (i'm no techie, or wasn't, but i'm having to learn fast ... or at least try) and bump up a defense, they just go a step above me. the consensus is that i'm dealing with someone pretty sophisticated. it all seems organized, too.

so, to the ip question. for a long time, my ip addy would change -- one day i might be in the UK and the next in cleveland. now it's being reported as a static addy, geolocating my city on the ip tool site i used most often to none other than the name of my apartment complex. yep. the country's right now, though! lol. i've also had a site confirm the use of a proxy server and detect tor nodes twice. from my online research, the apartment situation isn't possible in terms of geolocation, but, well, that's what it does, indeed, say! am i correct that this is an impossibility in terms of geolocation? if so, how are they doing it?

additionally, if you would -- i don't know for sure if what all they've got running on both devices is in the firmware or not, and i'd like you opinions. i feel reasonably confident it is on my iphone given than within minutes of a full system restore and new phone setup, location services is right back as an otherwise non-option option on iBooks, for instance. my computer, however, is another story. after the last modem installation, and thinking i'd really nailed it via some tightening up on the network config panel, my IP was checking out just fine. i didn't notice any changes to preferences, apps and such. but within about 3-4 days, i was again geolocating to either anywhere or my apartment complex. i haven't, however, noticed any other system changes or oddities (well, that's not true -- when i start up, i have to enter my password two times on two different login screens). so, are they all up in its firmware, too, and will getting a new hard drive resolve things (with the understanding that a bunch of other measures would also need to be enacted)? the apple "geniuses" say yes, but i've not found them to be particularly genius, frankly, and i've read elsewhere that new hardware doesn't always do the job. which is it??

any help you can provide on these issues -- or just any thoughts you have in general about how to kick them to the curb, if even possible, or thoughts/insights on the hacks deployed and ways i might "fight" them off or slow them down -- would be greatly appreciated. this has been an absolute nightmare, especially the social engineering component. and not being believed by others the more fantastical it becomes. i'm having to work *very* hard at not allowing it to do a serious, no, a scarily nefarious number on my psyche. i am basically begging for some relief, some real help. i've exhausted all other options, and all resources. are both devices trash?

04-14-2016, 10:22 AM
Can you just give a precis of the problems that you are having and what you have done to resolve them so far without all the storyline? A good start would be to list the type of mac & phone, version of operating system etc.

04-14-2016, 11:59 AM
thanks for replying, Sawday! i listed quite a few problems and the measures i've taken, or at least i tried. what types of other system-change things might it help to know?

as for defensive measures, things like changing the modem's security by enabling WEP2 personal encryption, setting up a new admin name and terribly unique password, renaming the network, and hiding it (and for a few days, i should mention, i always had to sign back into wifi once i either turned it off or shut down my computer and such but now it auto-connects all the time), creating a master password on my mac, ensuring the firewall is turned on, that bluetooth is off, restricting all sharing, only allowing MAC app store downloads, not hooking up my phone to my computer after the first wipe and new op system install, requiring admin authorization for everything it seems, never using icloud or any cloud service, setting up a new email account with two-step verification at the apple store on their computers and then using it only as and for each new apple ID. things like enabling restrictions on my iphone so theoretically things like location services (and its features) are turned off, that bluetooth is off, handsoff is off, background app refresh is off, doing the scary fingerprint thing and regularly changing the password on the device, not accessing accounts from it or ensuring as many accounts as possible have two-step verification and that they're all on (or not using those that don't), turning off fitness tracking (they like turning it back on and can because my restrictions no longer apply, apparently), removing a couple suspect recipes despite my phone saying there were none, turning off siri and siri suggestions despite the fact that i didn't enable it after the last two wipes and setting it up as a new phone each time (but they seem to like to turn siri back on all the time, too), safari stuff like blocking cookies, only allowing certain websites, being vigilant about web browsing, enabling fraudulent website warnings, disabling Javascript and so forth, never allowing it to connect to my wifi after the third wipe and second modem, not using my personal hotspot and i'm sure more.

thanks. really.

i'm on a '15, 13-inch macbook air with a 1.6 GHz Intel Core i5, running on El Capitan version 10.11.3.

and i have an iphone 6, 9.2.1