
Apple diagnostics confirmed



I need to know how to stop a SOCKS proxy from connecting to my device. Apple has confirmed this via their enhanced diagnostics even down to a specific port. I am waiting on them, it's been over a year and numerous devices and platforms. I have tried all the usual and above and beyond. I only recently found that specifically was how it was happening. So, how to block SOCKS protocol on your iOS device please?


  • Staff

What you're describing is extremely unlikely to be caused by malware on iOS.

Account theft or fraud is typically done remotely, without any access to one of your devices. It can happen as a result of "credential stuffing," which involves use of a reused password that was part of a data breach on another site. It can also be the result of brute force attacks on the server, phishing e-mails, an attack by someone who knows you well enough to guess your password, etc.

Seeing things change on the screen by themselves is never a sign of malware on iOS, as malware that does exist for iOS has no need to do such things. Most likely, this is due to something like a faulty or dirty touchscreen or some other iOS glitch.

Hearing someone else on calls is also not a sign of malware. This is probably some kind of interference or other issue with your cellular signal. This is something you should talk to your cellular carrier about.


Apple had confirmed it. Last I spoke with them...they were "working on it". Sure, extremely unlikely, I get it. I can tell you that the guy hacking me is an absolute psycho. I am fairly tech familiar and know how devices should act. Again. Apple ran detailed diagnostics which showed that there is a SOCKS connection via some port using Link Director.


Thank you for all of that but...

Instead of posting another sentence or two every few minutes in a new post (on a holiday when staffing is low), please post logs and data files providing Apple's actual findings and diagnostic results. Something that can actually substantiate your text. Something that can be used as a source of information to provide mitigation information.

 


Did you update to iOS 16.4.1 today that corrected two zero-day vulnerabilities? Possibly what Apple claims to be working on.

https://support.apple.com/HT213720

Edited by alvarnell

Bounties are paid to those who first identify a coding bug, especially one that causes a security vulnerability (such as this). According to Apple's documentation of these vulnerabilities they were found by Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab on or before March 13 when the CVE numbers were reserved. At most, I would consider your findings of being attacked were at least partially responsible for Apple's statement "Apple is aware of a report that this issue may have been actively exploited" rather than having initially discovered the coding error.

Not sure why you are not seeing the update as I haven't run into anybody else running iOS 16.4 or earlier that wasn't able to update. Afraid I don't know much about the flaws to say whether your attack is responsible. Probably time to reset and restore from backup.

Edited by alvarnell

Over the past year I have submitted around 20 reports to Apple. Each one receiving a one sentence response of "We failed to find a security flaw in your report". A slap in the face for a guy that had to teach himself about all of this to gain privacy for his family again. I had downloaded the beta for 16.5 previously to see if there was a fix in there. Last night I had an Apple representative tell me, "well, if you couldn't connect your phone to the internet, you couldn't get malware right?" What a joke. What is funny...the other night I submitted a bounty to both Microsoft and to Apple. I met the guidelines for demonstration and to be paid out. What are the odds two companies put patches out for unrelated things on the same day? Haha. My most recent two submissions. Made on the same night.


So the 16.5 beta explains why you were unable to find the 16.4.1 update. Apple seems to have a strict policy against allowing older versions from updating newer numbered betas. That leaves a small but significant number of beta testers hanging out for several days. I suspect there will be new beta releases early next week. My personal solution was to switch to the last production release of Monterey and download Safari 16.4.1, and my non-beta iPhone to get the patches. I'll stick with those until I can update the rest of my OSs.

I've speculated elsewhere that the betas released ten days ago now don't contain the security updates just released for macOS, iOS, iPadOS and Safari. If they had a fix ten days ago, surely they would have released it much earlier, not on a Friday before a Holiday weekend. 


  • 2 weeks later...
  • Staff

We can't comment on bug reports you have sent to Apple, but be aware that they have a very strict bug bounty program, and if the details provided or impacts of a bug are not sufficient, they will not accept the report.

As for what you're saying here, I still have not seen any details to support your claims. What specifically are you seeing that you believe indicates you are under some kind of attack?

Also, you say that you have talked to Apple and they have confirmed your device is under attack. This sounds extremely uncharacteristic of Apple. If they actually believe that your iPhone is under attack, they would be working with you to learn more and to help you solve the problem. This is what they have done with victims of nation-state attacks, such as attacks involving infection with the Pegasus spyware.

How are you contacting Apple, and what specifically are they telling you? Are they recommending some third-party product to fix the problem? If so, you're not actually talking to Apple. They do not do that for iOS devices.


This is all very big. I will release all info after this is settled. I had an Apple representative say “if you couldn’t connect your phone to the internet, how could you get malware”? Apple has camped on the mantra “iOS cannot be hacked” publicly. Privately they shrug the responsibility.

Apple has repeatedly ignored me since about 1.5 years ago. They completely turn a blind eye until recently forced through their own diagnosis to admit that there is an issue. I have submitted so much and asked for help so many times. I really need the right lawyer.

Edited by exploitedsquirrel