My 1-year-old Mac Air laptop was massively hacked on 3/28/19. I’ve figured out how it happened, and it disguised itself as a source for published medical papers. It made its debut by shutting my laptop down, and when I restarted it I couldn’t use Google as my Safari search engine despite it showing in System Preferences. All searches were directed to Yahoo! and the sites there weren’t authentic. I couldn’t even get on Apple support. I believe the malware may have gotten in through my Gmail, as that account was seriously affected. The more I tried to figure out what was going on by searching system information, the more I lost access to them. Eventually my entire interface changed - it looked more like a bad reproduction of the real interface. I called Apple support and they connected with my screen. We downloaded a virus detector which showed nothing, but I could tell it was still there because the margins on any site were too large. I’m not at all a technical person, but I was driven to figure this out. I used every system investigation I could and found out my network was being entirely redirected; commands were being blocked; data was being accessed and large and continuous data packets were being sent even though my computer wasn’t on, or another time while I was completely offline. I found 2 mysterious “printers” and think those were involved in redirecting my network. Going into logs, I could see a lot of commands the malware set up which were very disquieting. I saw instructions related to the camera and microphone, commands to circumvent the virus scanner, activating a control to get into the computer while shut off, and rerouting my network. I somehow found a malicious certificate and traced it to root systems.
I called in our tech person and she downloaded Malwarebytes and ran every choice, but it too showed nothing. She wasn’t interested in the information I’d found and trusted that the virus scan was correct. She rebooted our internet and we created all new names and passwords, and it seemed like it worked for about 4 days, but then it showed up again. The malware changed so many things, especially related to keychains, and passwords were being rejected. Finally I sent my laptop out and it was downloaded on an external drive. Had the whole operating system deleted and downloaded it again. But I’m still really concerned I’m still vulnerable, and I’ll admit I’ve become extremely paranoid. Could the data reloaded from the backup contain malware? I’d appreciate any input on this. This malware sounds very like one I saw on this blog, but it seems more advanced by protecting itself from discovery, especially by deep virus scanners. I documented a lot of data I found, including taking screenshots with my phone. If anyone is interested in that or the name of the site where I made that fateful download, let me know.

Side note: My iPhone was also affected, likely through Gmail. My photos were being accessed as well as contacts. I got locked out, had it deleted, but couldn’t reactivate because my Gmail was disabled.