Troubleshoot My devices all hacked or being accessed by a Developer. All events by hacker logged in Event Viewer

Status
Not open for further replies.
Infected operating system
Windows 7 and Windows 10 PC, iPhone 6 Plus on iOS 11.2.6, Samsung Galaxy Tab, Android 7
Infected device
The software I have used is Trend Micro, McAfee live, Norton Internet Security, and a VPN service
Infected device issues
I first noticed issues with my Samsung TV, then my Windows laptop about 10 weeks ago around January 15th 2018. Shortly thereafter the problems spread to my Samsung tablet and my iPhone. Symptoms of my Windows PC include virtual devices being installed as well as software, Event Viewer logs showing remote access and monitoring of my computer by external users. Mobile devices show tracking of my keystrokes, strange display, strange apps not installed by me, poor operation, device appearing not to be mine, homepage changes.
Steps taken to remove the infection
See above. I have replaced most of my devices two or three times including my router and have utilized tech support from my device manufacturers such as HP, Samsung, and Apple and currently have 24/7 Geek Squad support who have scanned my PC for viruses and malware and have cleaned my device and reset it to factory default settings. I have done the same thing twice with my PC and with my Galaxy tablet. And replaced my iPhone 6 + twice with new devices. No malware or virus has ever shown up on any tech support or software scans and the changes made but the hackers' changes show up on my new devices within a few hours.

AnonymousIwish

New Member
Sep 26, 2018
2
I could post screen shots but I suspect no one cares. But I want it to be known this is a real threat. But you may or may not have attracted the attention of the federal government if this is happening to you. They aren't as secretive as they think and when they know you know they will act childish.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
@AnonymousIwish - I care! Noonebelievesme either! Help! I'm trying to remain.. anonymous, I wish..... I wish they would leave me alone. This is my anonymous wish :eek::emoji_hushed::barefoot::barefoot::barefoot::emoji_hushed:
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I could post screen shots but I suspect no one cares. But I want it to be known this is a real threat. But you may or may not have attracted the attention of the federal government if this is happening to you. They aren't as secretive as they think and when they know you know they will act childish.
There's no easy solution. The majority are not targeted by the state, so we don't know how we can help. We're at most just volunteers with knowledge from past experiences.

If this issue is real, I'd recommend ditching all your electronics, at your expense. Don't buy second-hand electronics either.
 

Reggow

New Member
Dec 27, 2018
1
Well my apologies I just spent a very long time trying to insert the photos of my corrupted devices but the hacker is thwarting my efforts rearranging my pics replacing them with other pics so I give up.. seems he doesn't want me to share those pictures. Anyway I've got your advice Sly in previous post so got the help I needed or at least a starting point so thank you. I'm going to print and save it then carry it out when I can..
Hi. I feel your pain and frustration. For close to 3 years now, my neighbor and her merry band of tweakers have hacked our internet making life a living h(@!. I have learned not to underestimate said tweakers, for they have nothing but awake time to google how to hack. Over the 3 year period, as my knowledge and skills increased, their way of hacking has evolved. It started with brute force attacks against our Wi-Fi. Then they moved into breaking into the house to get access to a computer and installing several different remote access capabilities such as virtual Bluetooth Ethernet and several others. Thanks to event viewer and device manager I found and got rid of those. After about the 3rd time of them installing and me deleting the different RATs, they virtualized my drive. It took me forever to figure that changes I was making were to a copy of the hard drive only. I finally managed to figure out how to un-virtualize it only to discover that we weren't accessing the "real" internet but a Windows server she had set up for our devices to connect to. Any time I googled something, everything but what I was googling would come up, pics and videos I had taken as proof had either been edited or disappeared completely. My daughter went out of town and I was home alone. For 2 days, I could not access the outside world. I couldn't connect to Facebook, no responses to my calls, text or FB messages. She completely shut me off from the world. (I don't drive.) Well by this time, we are on like our 10th modem. We purchase higher end modems so we shouldn't be having any trouble connecting. During this time, when we installed a new modem, all was well for a few days then back to the usual stuff. Then a lightbulb went off. I opened up one of the previous modems and found the board had been switched out. I keep records of serial numbers and MAC addresses of all our devices because I have had the board switched on several phones.
I went back and checked my records and sure enough, MAC addresses are different. I decided to get another modem and go by the ISP and have them manually put in the MAC address and serial of the modem. That way they have the correct info on hand and I should have been able to just install it and be connected. Nope. Had to call them several times and it wasn't connecting. Finally it connects but this got me thinking, so I tried a couple of things just to see if I was on to something. First I hid our SSID and ran a networking tool which was showing 2 of our networks, one hidden and one not. Both had the exact same SSID and MAC addresses. I then changed the modem/router connection mode from dual to bridge mode. That should have shut down our wireless network but it didn't. I came to the conclusion that not only are they stealing our modem/router boards, they have intercepted the coax. I have found and cut several coax cables leading from our house to hers. She has our service going to her house and turned our router (well the inferior crap she stuck us) into an AP repeater. Everything coming or going to or from our devices goes through her. I have had people ask me why I haven't responded to 3 days of texting me. She has responded, on subject, to text that wasn't sent to her. My daughter and I were inside our home discussing about going to the police about her. We get a knock on the door, it's her niece telling us that they have the cops on the way because we are hacking her internet. Not only are they intercepting everything from our devices, she has bugs and probably cameras to INSIDE our house. I immediately started checking the devices. I can't even tell you how many remote access scripts and programs I discovered. They can access our mics, cameras, and even GPS remotely. They use that ability to steal from us. They don't just take things like normal thieves
Well my apologies I just spent a very long time trying to insert the photos of my corrupted devices but the hacker is thwarting my efforts rearranging my pics replacing them with other pics so I give up.. seems he doesn't want me to share those pictures. Anyway I've got your advice Sly in previous post so got the help I needed or at least a starting point so thank you. I'm going to print and save it then carry it out when I can..

I was reading about Google's Advanced Protection Program you referred to above. If assuming I'm correct and there are hackers accessing my devices remotely, using a keystroke logger on me, and take control of my devices, do you think this program, specifically using the 2 physical keys, would prevent the hackers from accessing my accounts? I'm willing to try anything but thinking if they can see my keystrokes not much I can do to safely use any app/device??
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Hahaha, there are 2-3 threads like this here where Average Joes believe being hacked by nation-state spies craving for their holiday pictures and their limited amount in bank. Most stomach laughs ever.
No jokes I once was massively targeted because I had one of Runescape's biggest banks. I was only a teenager. And they emptied my account dozens of times... Who would have thought that Jagex e-mail saying they needed to re-validate my password wasn't original?
 

ForgottenSeer 58943

With proper formatting I might read all of that.

Responding to these alien-level hacking posts is exhausting and I can't help but always take the bait of these... :unsure: . But the reality is bro, if you don't control the Layer 1 (physical) access to your home then all bets are off. Give any decent hacker a few minutes with physical access to a home and you are pretty much hosed. This is why servers are located in high security COLO's behind cages, and with locked panels.

There are a few locks they can't get through in under 12 seconds; (probably only 5 or less people in the world that can bypass the locks below, and certainly not in the field)

BiLock Single Cylinder Deadbolt :: Deadbolts :: Door Locks :: Security Snobs

Bowley Lock Company Inc

Also replace junk window locks with cross-block latches and use window stop tabs if you have them.

You mention the board in your modem was swapped out. This actually isn't that far-fetched. Years ago I ordered a flat panel from Costco. It arrived, I enjoyed it, then one day it popped and smoked. The manufacturer sent out one of their repair reps who opened it and I could hear a bunch of 'WTF' from the other room. I went in and asked what was up and he said the normal components for the flat panel TV were swapped out with some custom looking stuff and that's why it blew. I've run into some pretty nice gear/components over the years that almost always goes into the lab with me at work for the boys and girls to play with. :love: But I must admit, not much exciting/fun stuff like this happens anymore to us and I kind of miss the attention. :cry:

Anyway, I can't respond to every point in this novel other than to say you should work on securing your physical location before even bothering with everything else.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
I believe the best security is never, ever leave the house. That way, you'll be able to catch the thief/hacker in the act. Unless they're wearing a disguise. That could be problematic. But at the very least you'll be able to see exactly what they do so you may take corrective action. Also, staying indoors at all times is a good source of ionization. Ionization helps recharge your aura. Your aura will act a pre-defense. All electronics should be kept in a locked bathroom, with a full tub of very hot water to create a lot of moisture in the air. The more humid, the better. The water vapor acts as a hacker barrier and it lubricates all the boards and connections. Also very good for colds and flu. And always keep a pot of homemade chicken stock on the stove with the lowest flame possible. This emits antibiotics into the air, making an excellent first layer of security. For more tips I recommend keephomesecure.net and a good farmers almanac for chicken stock recipes. But please do NOT post security configuration here on the forum. Stay informed and stay secure! (y):alien: :emoji_hushed::barefoot::emoji_hushed::barefoot::emoji_hushed::barefoot:
 

kylprq

Level 4
Verified
Jul 26, 2018
146
Hi. I feel your pain and frustration. For close to 3 years now, my neighbor and her merry band of tweakers have hacked our internet making life a living h(@!. I have learned not to underestimate said tweakers, for they have nothing but awake time to google how to hack. Over the 3 year period, as my knowledge and skills increased, their way of hacking has evolved. It started with brute force attacks against our Wi-Fi. Then they moved into breaking into the house to get access to a computer and installing several different remote access capabilities such as virtual Bluetooth Ethernet and several others. Thanks to event viewer and device manager I found and got rid of those. After about the 3rd time of them installing and me deleting the different RATs, they virtualized my drive. It took me forever to figure that changes I was making were to a copy of the hard drive only. I finally managed to figure out how to un-virtualize it only to discover that we weren't accessing the "real" internet but a Windows server she had set up for our devices to connect to. Any time I googled something, everything but what I was googling would come up, pics and videos I had taken as proof had either been edited or disappeared completely. My daughter went out of town and I was home alone. For 2 days, I could not access the outside world. I couldn't connect to Facebook, no responses to my calls, text or FB messages. She completely shut me off from the world. (I don't drive.) Well by this time, we are on like our 10th modem. We purchase higher end modems so we shouldn't be having any trouble connecting. During this time, when we installed a new modem, all was well for a few days then back to the usual stuff. Then a lightbulb went off. I opened up one of the previous modems and found the board had been switched out. I keep records of serial numbers and MAC addresses of all our devices because I have had the board switched on several phones.
I went back and checked my records and sure enough, MAC addresses are different. I decided to get another modem and go by the ISP and have them manually put in the MAC address and serial of the modem. That way they have the correct info on hand and I should have been able to just install it and be connected. Nope. Had to call them several times and it wasn't connecting. Finally it connects but this got me thinking, so I tried a couple of things just to see if I was on to something. First I hid our SSID and ran a networking tool which was showing 2 of our networks, one hidden and one not. Both had the exact same SSID and MAC addresses. I then changed the modem/router connection mode from dual to bridge mode. That should have shut down our wireless network but it didn't. I came to the conclusion that not only are they stealing our modem/router boards, they have intercepted the coax. I have found and cut several coax cables leading from our house to hers. She has our service going to her house and turned our router (well the inferior crap she stuck us) into an AP repeater. Everything coming or going to or from our devices goes through her. I have had people ask me why I haven't responded to 3 days of texting me. She has responded, on subject, to text that wasn't sent to her. My daughter and I were inside our home discussing about going to the police about her. We get a knock on the door, it's her niece telling us that they have the cops on the way because we are hacking her internet. Not only are they intercepting everything from our devices, she has bugs and probably cameras to INSIDE our house. I immediately started checking the devices. I can't even tell you how many remote access scripts and programs I discovered. They can access our mics, cameras, and even GPS remotely. They use that ability to steal from us. They don't just take things like normal thieves

you must go to the police
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
I believe the best security is never, ever leave the house. That way, you'll be able to catch the thief/hacker in the act. Unless they're wearing a disguise. That could be problematic. But at the very least you'll be able to see exactly what they do so you may take corrective action. Also, staying indoors at all times is a good source of ionization. Ionization helps recharge your aura. Your aura will act a pre-defense. All electronics should be kept in a locked bathroom, with a full tub of very hot water to create a lot of moisture in the air. The more humid, the better. The water vapor acts as a hacker barrier and it lubricates all the boards and connections. Also very good for colds and flu. And always keep a pot of homemade chicken stock on the stove with the lowest flame possible. This emits antibiotics into the air, making an excellent first layer of security. For more tips I recommend keephomesecure.net and a good farmers almanac for chicken stock recipes. But please do NOT post security configuration here on the forum. Stay informed and stay secure! (y):alien: :emoji_hushed::barefoot::emoji_hushed::barefoot::emoji_hushed::barefoot:
LOL
 

Deleted member 178

I'm happy that at least one MT member can see value in my security tips!
You forgot buying live pigs stored in the basement, their excrement is high on methane which can be transformed into gasoline to power the house, then you will fool hackers trying to compromise your network using the electricity grid and PCL.
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
I have heard birds are good pets in these cases because they can sense hackers 30 miles away, therefore their singing will alert you about hackers or it could just mean they're hungry (you will need to identify which is the case, but you can use Albanian iguanas since they can identify the exact singing of birds, just be careful they don't eat them).
 

Deleted member 178

Holy moly, this is perfect for an action movie. Are you sure there's nobody hidden inside your house taking physical control over your devices? :eek:
Thinking about this reply, you may nail the truth!
If the OP is in a psychiatric institution, the "hackers" could just be the hospital employees, they would indeed have the keys of his cell, "breaking in" to check his online behaviors...

Now compare the events he describes but placed in the context I just gave, it does indeed make sense now...

LOOOOOOOOOL
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Thinking about this reply, you may nail the truth!
If the OP is in a psychiatric institution, the "hackers" could just be the hospital employees, they would indeed have the keys of his cell, "breaking in" to check his online behaviors...

Now compare the events he describes but placed in the context I just gave, it does indeed make sense now...

LOOOOOOOOOL
LOL

Where's Umbra Total Security when we need it? It sure would have stopped the hackers, and spread through all their hacker's colleagues via brain memories
 

ForgottenSeer 58943

I guess you could do this and really forgo all of the drama. I don't care who they are, this is going to present some major hassles for them and won't cost you too much money;

1) Replace your deadbolts with Bi-Locks.
2) Keep windows locked, with the opening stops engaged (or use stick/bar)
3) Get a NON-PUMA Chipset Modem. (might I recommend a CM1000, and change the login credentials for it)
4) Get a Gryphon router. (DO NOT activate it yet)
5) Get cheap Tracfone and activate the phone. (burner)
6) Download Gryphon App onto the Tracfone.
7) Get a big bag of Ferrite Ring Core (Ferrite Chokes) on Ebay and put them on all of your cords to your electronics. (especially modem and Gryphon)

Next, this should be done orderly.. First install the new locks on the doors, and secure the windows. Turn off WiFi on all devices. Unplug the ethernet from every device. Disconnect the cable from the cable modem and power it down. Leave the cable disconnected overnight so you bump to a new IP scope.

Plug in the new cable modem (including coax), login to the new modem (192.168.100.1), change the PW to something tough. Now plug in the Gryphon to the modem, install the Gryphon App on the Tracfone. Set up the Gryphon as per the instructions ensuring your WiFi SSID's are good, and the passwords are great.

Now go into each WiFi device and FORGET every network. Disable auto-connect, Hotspot 2.0 and all of that other rubbish on each device, then connect them to the Gryphon SSID. Connect your ethernet cords back to wired devices. But ONLY connect that which MUST have internet. Reduce your threat surface by reducing the devices that really need internet. Once all devices are connected, set the Gryphon to BLOCK ALL NEW DEVICES.

Your Tracfone will serve a few purposes now.. It's your Gryphon Control Device and your Two Factor Authentication device. Enable TFA on every account you have. When you are not using the Tracfone turn off WiFi on it, and toss it into a SCIF/RFID bag. (Signal Blocking Bag they are called on Amazon, etc).

If you still get hacked after this, then we really need to talk. :) Basically, most vectors are now closed except for some really powerful adversaries.
 