Jump to content

I KNOW someone has installed remote monitoring and keylogger software on my Macs, I KNOW this person has stolen a MacBook Pro and a MacBook Air, Cloned my iPhone, copied my hard drive.


Recommended Posts

Will I ever feel safe again? I am so tired of finding information that I can't fully understand but due to the dates I know who was doing what with my devices. For example, mach_init_per_login_session.d whatever this is happened the day after I became permanently separated from my MacBook Air. According to my Google Timeline my MBA was last located at my ex's house when I have never been.  There was also a re-install of my OS shortly after I never saw my MBA again and all kinds of other leavings with significant dates. I think due to iCloud, OneDrive, the long extensive history of my Apple ID takeover, the close association of our Apple ID accounts, also our devices I have a lot of information about activities involving my devices and my data. I also have a lot of other data that doesn't belong to me, but does belong to my ex on my devices, my externals, iCloud and other Cloud storage like OneDrive. Anybody? I didn't know it was happening then so I don't know if it's happening now, you know? 

Link to post
Share on other sites

So can you still pull up the MBA on Find My?  Call the police and tell them where they can find it.  You should have the option to erase and lock the devices too.  


Below is information for the computers you still control.


If you feel like your computer has been compromised you should format it.  


You can hunt down the processes if you have the technical knowledge but even if you know what you're doing you still run the risk that you miss something.


If the person was able to install one program, they could have done more.


I would use a freshly formatted backup volume.  Something larger in size than your largest mac's hard drive space.  If you have a 1TB iMac for instance, use 2TB or larger.  You can use a 1TB drive but some manufactures have variances in size.  If it's even a few bytes smaller it won't work (at least with the built in Time Machine).


Make a backup using Time Machine and/or third party software like Carbon Copy Cloner  -- sometimes I'll do both to be extra sure.


After you've made a backup Apple's website is a good place to start understanding how to reinstall MacOS https://support.apple.com/en-us/HT204904


And then you'll want to migrate your data back to the machine. https://support.apple.com/en-us/HT204350


If it were any of my machines and I had any indication of anything funny going on... especially if you've trusted someone with access to these computers and they have a motive to do this to you... I'd format the machines and do fresh installs to be safe.  


Just make sure you understand what you're doing first and the risks involved.  Make sure you're using backup drives you trust.  Personally, for reliability I only use Samsung SSD... they make the job much faster too.  Seagate backup plus drives have been reliable for me too, much more affordable solution.  But it might take forever because these cheaper drives have their limitations.  If there are a lot of small files in your backup you may need an SSD to back it up.  I just wouldn't want to do a backup this important on just any old drive you have laying around.  Now, if you have a couple of cheap drives and you do Time Machine on one and CCC on the other... I'd trust those odds.

Link to post
Share on other sites

Thank you but, this is not a response to my issue. In my post I say "There was also a re-install of my OS shortly after I never saw my MBA again " I worked for Apple for seven years, four of those years I spent as a fraud prevention analyst for the apple Online Store. My question may be vague so I apologize. Since I don't know how my ex got into my devices to hack and spy and steal data, erase data, use my data to harm me, successfully I might add, I don't know for sure he's not doing it right now. What is a terminal command mightI  use to confirm the type of connections to my device, and how and when my device was accessed remotely and when data left my device and how?  My ex copied my entire HDD how and when? I know my ex used script editor to steal my data. How do I locate information on what was exported/left my device thru the tool? 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...