Jump to content

Search the Community

Showing results for tags 'hacker'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 6 results

  1. I was invaded on my Mac running Catalina 10.15.5 by MacKeeper. Everyone thinks it's just a virus scanner app that has bad code but the company is worse than what it appears. I will attach some files that they took over to take full control of my Mac and wanted 200 to go on it with their techs and "clean" the viruses and malware that I had. When I told them no I got the full brunt of their invasion. They quickly ran a js file that installed their ransomware before I could disconnect my mac from the internet completely. I then spent a day tracking all the files and broke them into readable code so I could see what it was doing. Here was my first clue that I wasn't getting my Mac system drive back. This is from the System/Driverkit/Runtime/.../kernal/.../info.plist: Note that it changed the package type to 'FMWK' and the signature is '????'. I went looking for files installed by FMWK and found it had rewritten the code in my grammar checker for chrome to include thousands of lines of code. It took over root and all the groups. It added it's own acct and changed the root/admin password so I couldn't undo their program or kill it. It had a line of code in it that basiclly said, "if any of my files are changed or missing to add them back right away." I did try a lot of deephack moves on their code but it would just put itself back. It added hundreds of files in all different types such as js, php, xml, css, de, oss, json, h, c, html, intime, py, ssh, and more. They wrote files into the usr/local/opt, opt/x11/bin, lib/ext, lib/apple, sys/vol/data and added a burred directory called /zz/. They captured my fingerprint reader because I have all my passwords in a safe. This they used to control what I could get to and do. They added com.apple.lockoutagent and webpack bootstrap so neither I nor Apple support could use the system recovery section to rewrite the system. The grammar file base app was called Grammerly_popupeditor-denali.js. so I took it that they were from India. And I could go on for a long while about the code I found in these files but I couldn't do anything about it. I finally gave into the fact that they had won the battle and I totally cleaned the system drive and wiped my Mac til I knew it was clean. Then I used an external boot drive to reinstall the system. It's a good thing they couldn't get to my apple id password or my icloud id because they trashed my TimeMachine backup drive too and made it a mess. I had a couple of long days and nights breaking down what they had done and to what extent then reinstalling my system. I'm writing this account of their activities so other will be ware and maybe someone higher than me (Apple) will put them on the blacklist. Yes I did have Norton installed and it would have stopped them but they thought of everything and erased the main .exe file before they installed all this mess. Of course I could not reinstall it or any other app too. There are names for people like this that I won't say. I just hope someone shuts them down before we loose a government computer or something else important. It has taught me a valuable lesson in cybersecurity and that is to do better at it. They will get theirs someday. I found them out and so will others. Please put them on the blacklist Apple.
  2. Some weeks ago I realizad my Malwarebytes date is wrong. On "next scan" it says 01/01/21 and last scan says it was on 31/12/20. In the little icon at the top of the Mac screen says that scans are being done daily but when I check reports I can see that suddenly scheduled scans are not being performed. I deleted the app and downloade it again and I think it's working fine now but I still would like to know why this happened, I am a bit worried. Thanks
  3. I downloaded Malwarebytes Security a couple of days ago from the Playstore, it didn't say it was a 30-day trial, it said "in app purchases". The scan showed 98 programs having network access 36 programs can track location 15 programs can be device admins 30 programs can cost you money 38 programs can control your hardware I don't think I have to go any further. It took me forever to get to the malware.com website. The entire website looked ridiculous, the forum entries had mostly zeros, there were zero's at places where there should be numbers. Any suggestions? I also did not get a license key, I have a field to activate my trial in 28 days, where do I find my key? Thank you, Ladies and Gentlemen
  4. Last week our network was hacked into by an unknown party. Our firewall was open for remote connections to allow a firm that is performing major upgrades to our Microsoft Dynamics ERP software. Prior to this project, I set up a VPN connection on our Sonicwall firewall device and both myself and the local office of the firm doing the upgrades were able to log in successfully. However, the firm doing the upgrades has a team doing much of the work from India. The folks in India insisted they were unable to connect via the VPN and had to use a much less secure route. Yes, this should have been a major red flag, and I was very reluctant to allow this and suggested that I send them copied of the VMs and they work on them there, and return them when complete. Nope, we can't do that, so yes, the fool I am, gave in and allowed unsecured access. While I can't prove who logged into system, I can tell you that they used credentials that only myself, and the above firm knew. You decide ! Last Tuesday, one of the office staff tells me at 6 am that she can't get into her exchange mail and I go to log into my system to take a look and would get disconnected after a few seconds, over and over. I finally log in as the administrator and see someone logged in as me from a client that was not ours. I quickly ran to the server room and pulled the internet feed. I found they had left open multiple windows on a couple servers running commands and changing firewall rules. I also found they installed an IP scanner on one desktop and had it open as well. They successfully installed ransomware which wiped out a couple of our servers that I use for backups. Thankfully, they didn't get to all of the backups and tapes, and I was able to get us back up in a day or so. One thing that I found disturbing (well, even more disturbing) was that they uninstalled our Malwarebytes Endpoint agents, allowing the damage to be done. So, here is my question, can the Malwarebytes protection be made uninstallable or unable to be disabled by anyone, even administrators without a unique password, or special code specific to this purpose only? If not, maybe this is something that can be looked at.
  5. I got an email on winter from a ”Save Yourself” hacker which found one of my passwords. He hacked all my accounts, Battle.net, Steam, PS4, but he didn't hacked Google or Facebook. I restored my PS4 account with a hard work and on monday, I will try to restore the others two. I've enabled 2FA for Yahoo, Google, PS4, Facebook etc. I've found that I was hacked this may, but I didn't notice the mail. Today, I've checked the spam and found a guy telling he would post videos with me doing ... I have never doing that so I am not stressed, but after 4 hours I got the same email. I know his IP from Steam email address change. I found that he lives in Russia. How to report him to prevent people getting hacked by this guy? I know his bitcoin wallet btw. Please help.
  6. Been dealing with this for some time now. Just did a fresh reinstall yet again - Ran windows update and it said MDM is managing your orgizations updates and something about forcing me into using windows insider updates, All the security certs are fake - at least most of them, Was removing them them the hacker locked me of MMC. Yet Im on the admin account. I have run multiple antivirus and anti malware programs it never finds anything I am at a complete loss of what to do to get rid of this malware. Also it has windows update install really really old updates like my video card driver it installed was from 2017 - when I tried to install the up to date one it just fails. tried it in safe mode without networking also still failed. Any ideas suggests, any help whatsoever would be greatly appreciated.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.