Showing results for tags 'hacker'.


Found 15 results

  1. I was invaded on my Mac running Catalina 10.15.5 by MacKeeper. Everyone thinks it's just a virus scanner app that has bad code but the company is worse than what it appears. I will attach some files that they took over to take full control of my Mac and wanted 200 to go on it with their techs and "clean" the viruses and malware that I had. When I told them no I got the full brunt of their invasion. They quickly ran a js file that installed their ransomware before I could disconnect my Mac from the internet completely. I then spent a day tracking all the files and broke them into readable code so I could see what it was doing. Here was my first clue that I wasn't getting my Mac system drive back. This is from the System/Driverkit/Runtime/.../kernal/.../info.plist: Note that it changed the package type to 'FMWK' and the signature is '????'. I went looking for files installed by FMWK and found it had rewritten the code in my grammar checker for Chrome to include thousands of lines of code. It took over root and all the groups. It added its own acct and changed the root/admin password so I couldn't undo their program or kill it. It had a line of code in it that basically said, "if any of my files are changed or missing to add them back right away." I did try a lot of deephack moves on their code but it would just put itself back. It added hundreds of files in all different types such as js, php, xml, css, de, oss, json, h, c, html, intime, py, ssh, and more. They wrote files into the usr/local/opt, opt/x11/bin, lib/ext, lib/apple, sys/vol/data and added a burred directory called /zz/. They captured my fingerprint reader because I have all my passwords in a safe. This they used to control what I could get to and do. They added com.apple.lockoutagent and webpack bootstrap so neither I nor Apple support could use the system recovery section to rewrite the system. The grammar file base app was called Grammerly_popupeditor-denali.js. 
so I took it that they were from India. And I could go on for a long while about the code I found in these files but I couldn't do anything about it. I finally gave in to the fact that they had won the battle and I totally cleaned the system drive and wiped my Mac til I knew it was clean. Then I used an external boot drive to reinstall the system. It's a good thing they couldn't get to my Apple ID password or my iCloud ID because they trashed my TimeMachine backup drive too and made it a mess. I had a couple of long days and nights breaking down what they had done and to what extent then reinstalling my system. I'm writing this account of their activities so others will beware and maybe someone higher than me (Apple) will put them on the blacklist. Yes I did have Norton installed and it would have stopped them but they thought of everything and erased the main .exe file before they installed all this mess. Of course I could not reinstall it or any other app too. There are names for people like this that I won't say. I just hope someone shuts them down before we lose a government computer or something else important. It has taught me a valuable lesson in cybersecurity and that is to do better at it. They will get theirs someday. I found them out and so will others. Please put them on the blacklist Apple.
  2. Some weeks ago I realized my Malwarebytes date is wrong. On "next scan" it says 01/01/21 and last scan says it was on 31/12/20. The little icon at the top of the Mac screen says that scans are being done daily but when I check reports I can see that suddenly scheduled scans are not being performed. I deleted the app and downloaded it again and I think it's working fine now but I still would like to know why this happened, I am a bit worried. Thanks
  3. I downloaded Malwarebytes Security a couple of days ago from the Playstore, it didn't say it was a 30-day trial, it said "in app purchases". The scan showed: 98 programs having network access; 36 programs can track location; 15 programs can be device admins; 30 programs can cost you money; 38 programs can control your hardware. I don't think I have to go any further. It took me forever to get to the malware.com website. The entire website looked ridiculous, the forum entries had mostly zeros, there were zeros at places where there should be numbers. Any suggestions? I also did not get a license key, I have a field to activate my trial in 28 days, where do I find my key? Thank you, Ladies and Gentlemen
  4. Last week our network was hacked into by an unknown party. Our firewall was open for remote connections to allow a firm that is performing major upgrades to our Microsoft Dynamics ERP software. Prior to this project, I set up a VPN connection on our Sonicwall firewall device and both myself and the local office of the firm doing the upgrades were able to log in successfully. However, the firm doing the upgrades has a team doing much of the work from India. The folks in India insisted they were unable to connect via the VPN and had to use a much less secure route. Yes, this should have been a major red flag, and I was very reluctant to allow this and suggested that I send them copies of the VMs and they work on them there, and return them when complete. Nope, we can't do that, so yes, the fool I am, gave in and allowed unsecured access. While I can't prove who logged into the system, I can tell you that they used credentials that only myself, and the above firm knew. You decide! Last Tuesday, one of the office staff tells me at 6 am that she can't get into her Exchange mail and I go to log into my system to take a look and would get disconnected after a few seconds, over and over. I finally log in as the administrator and see someone logged in as me from a client that was not ours. I quickly ran to the server room and pulled the internet feed. I found they had left open multiple windows on a couple servers running commands and changing firewall rules. I also found they installed an IP scanner on one desktop and had it open as well. They successfully installed ransomware which wiped out a couple of our servers that I use for backups. Thankfully, they didn't get to all of the backups and tapes, and I was able to get us back up in a day or so. One thing that I found disturbing (well, even more disturbing) was that they uninstalled our Malwarebytes Endpoint agents, allowing the damage to be done. 
So, here is my question, can the Malwarebytes protection be made uninstallable or unable to be disabled by anyone, even administrators without a unique password, or special code specific to this purpose only? If not, maybe this is something that can be looked at.
  5. I got an email in winter from a "Save Yourself" hacker who found one of my passwords. He hacked all my accounts, Battle.net, Steam, PS4, but he didn't hack Google or Facebook. I restored my PS4 account with hard work and on Monday, I will try to restore the other two. I've enabled 2FA for Yahoo, Google, PS4, Facebook etc. I've found that I was hacked this May, but I didn't notice the mail. Today, I've checked the spam and found a guy telling me he would post videos with me doing ... I have never done that so I am not stressed, but after 4 hours I got the same email. I know his IP from the Steam email address change. I found that he lives in Russia. How to report him to prevent people getting hacked by this guy? I know his bitcoin wallet btw. Please help.
  6. Been dealing with this for some time now. Just did a fresh reinstall yet again - ran Windows Update and it said MDM is managing your organization's updates and something about forcing me into using Windows Insider updates. All the security certs are fake - at least most of them. Was removing them, then the hacker locked me out of MMC. Yet I'm on the admin account. I have run multiple antivirus and anti-malware programs; it never finds anything. I am at a complete loss of what to do to get rid of this malware. Also it has Windows Update install really really old updates, like my video card driver it installed was from 2017 - when I tried to install the up to date one it just fails. Tried it in safe mode without networking also, still failed. Any ideas, suggestions, any help whatsoever would be greatly appreciated.
  7. Have an odd situation. My MalwareBytes Premium is repeatedly showing blocks for an inbound IP address (we'll call it for example) on port 53. I am running this on a personal 2008 server that does have MS DNS running and the server is behind a Cisco router that has an explicit ACL deny for I've scanned the inbound connections on both the router and the server and do NOT see that IP address connected nor does the access-list show any matches for that IP being denied. Still, MalwareBytes is repeatedly blocking that IP about 50 times every 15 minutes. Any ideas where I should be digging deeper?
  8. I have been targeted by a hacker ever since I discovered a group victimizing kids online and threatened them to tell the police (I'm 17 myself and the hacker is also young). A couple of months ago I knew nothing about malware removal but boy have I gotten a lesson and now I'm not bad. I've been able to beat everything she has thrown at me (and omg are some of these things unreal) but svchost has totally schooled me. I have tried everything and I mean everything. It won't even let me nuke the hard drive because it has blocked me from effectively accessing the BIOS. This example of svchost looks legit because it is actually saved in system32. But it uses the internet 24/7 even after I disable all the things that Windows does online in the background. It allows her access to my comp even when in airplane mode. When I wrote a rule against it in the firewall it wreaked havoc. Sometimes it doesn't allow me to delete it and sometimes I get the blue screen. It has corrupted the permissions window so that I had to repair it before taking ownership of it. The one time I managed to remove it using iobit it was back in seconds. She has used it to get a better idea of where I live and to turn on my cam. One day I was having an argument with her on Messenger and she took control of my comp to move some windows around to make a point (we actually are on decent terms -- I object to who she works for more than who she is and I think this has saved me a lot of grief). She also tracks me using the trojan and will disrupt my online activities. In fact if I walked away from this post to eat or something there is a good chance it would be gone when I got back and that I would have trouble accessing this forum. In fact, I hope you have an awesome firewall because she won't think twice about hacking you and posting a bogus reply to this. She would probably make a joke of it. This thing has put me on a leash. I hope you can help. I'm in your hands.
  9. Hi, I have been noticing my C drive folders getting larger though I do not install anything and I notice many different created dates/dates accessed, modified, date last saved dates and my Win 7 32 bit software was purchased Sept 2010. I also found hidden desktop remote configuration icons also in different folders. No matter how many times I do a Zap0 on the hard drive and reinstall my Windows this keeps coming back a few months later. I feel the install CD or the X boot drive is corrupted. I also saw in the registry many files in cabs, also what to back up and restore, what NOT to back up and restore, and recently was directed from a cached file in my computer to a fake Microsoft site where it almost got me to update my computer and stuff. Someone please help me
  10. Hi, My laptop seems to have been hijacked for a long time. I have tried everything, installed Malwarebytes, Webroot after Avast failed but still nothing is working. The problem is everything I typed or sites I visit seem to be monitored by my ex, please don't ask me how I know. There have been some strange files (C17 in c/users/appdate/local/temp folder) which are loaded at least 5 or 6 times a day at different intervals. Then there was a folder in idlecrawler. DDC6.Temp and ~DF... format plus other random folders. Also my screen gets frozen from time to time and sometimes the screen goes blurry. Now Malwarebytes is also not working as it is coming up with an error. SDKLoaddatbasedefaulcode:2 Please help. ta kas
  11. Hello. I don't know where else to put this, so I will put it here. One day I was on Google Chrome and when I opened a new tab, it went to the Bing search engine. I got that fixed, but then my default search engine was Bing. The next day (today) it said that someone tried to open my Gmail. I just changed my password. The reason I am not scanning with DDS is because this is web malware. Please use web browser/hacker detector scanners instead of normal malware scanners like MBAM, RogueKiller, or ComboFix. Thanks, and I hope you can help. P.S: the email hacker's info and date was: Wednesday, February 19, 2014 11:54:57 PM UTC IP Address: Location: Changsha, Hunan, China
  12. Hi. I have been asking this on some forums but people don't seem to be able to help me. My computer has recently gone just weird with all random advertisements, lag (especially when the internet is on) that is near unbearable. In the beginning only the PC, programs and clicking lagged, but now also the internet speed is restricted (connection timeouts etc). So there must be malware, but I can't get any program to find anything. I started thinking about the possibility that someone has gotten on my PC when the net started lagging, mouse/keyboard disconnect and programs started to crash and lag ESPECIALLY when I'm looking for anti-virus help and I was quite sure of it, when my x-fire (offline but running) starts to give messages to me "xkon3kt has connected". I don't know him and there is no way x-fire sends messages offline. This is starting to creep me out and I could use some help because I am not quite sure what to do now. I tried to use "netstat -a" in command prompt, but I don't really know what it's telling me. 
  13. I've had a strange occurrence the other day where I could constantly hear the sound of a usb turn on and off as well as a bit of computer strangeness. I was unable to update windows and other things had occurred. Though the former occurred when I installed BitDefender and still happened after installation. I had a recent System Recovery and my Windows 7 has been grossly out of date. I looked around and I saw that the EventViewer had MANY instances of an anonymous account logging in and out of the computer. Though through scanning with AVG, MalwareBytes and others showed it to be clean, but I'm not sure of that. I took some screenshots and have a few logs to share, tell me if something is up. EventViewerLog.txt hijackthis.log
  14. Malwarebytes; I have registered two businesses in the city of San Francisco CA. While searching for radio play and promotion, I ran into criminals that have hijacked some of my product and have been working hard to prevent me from conducting any business from my business. I've never met these criminals but some musician friends in the Bay Area who claim to know something about them on various levels say they're Nazis. One LinkedIn associate who is not my friend says they're not Nazis but it seems they don't want my business to work. I've contacted some law enforcement to at least monitor this situation. I have a the Lawyer I need now and is under investigation and preparing to go to court. They have hacked into my computer and have given me a lot of problems for too long now. I would like software that will block the hackers. You've sent me that software before, please send it again.
  15. Are there any reliable, free antikeyloggers out there? Only taking answers from experienced members.