I don’t want to go into to much detail, but I am an ID theft victim. I have been diligent in starting over since everything happened beginning of March 2022 (ie new router, modem, phone, even phone #). Now, I am experiencing some similar issues as I initially did in March before I realized I’d been hacked. Again, I’m deliberately refraining from exposing too much info, but I really need help.
So…I have have taken a dive into my macOS logs. Specifically, the Wi-Fi and install logs. Also, I’ve been keeping an eye on my network settings per the system preferences dashboard. Nothing looked out of line until I noticed reference to some network changes per the install log that was generated per a clean wipe and fresh install of the macOS on may 10.
Per the log:
Configd: DHCP en0: publish success
Configd: network changed v4(en0+:192.168.1.202 DNS+ Proxy SMB
…addl output…
RTADV: en0 DNS experiation timeout Mon May 16 …
There is also reference to the following:
configd: QoS marking policy: XHC20: enable
QoS marking policy: sysctl
Questions:
-
Per the above output, am I connected to a proxy server?
-
If so, why don’t my Network Settings per system Prederence show such?
-
Is reference to XHC20 in install log referencing potential use of wire shark, etc on my network?
Sorry for Bree city of this post as there is so much more to explain, but suffice it to say I have confirmed my online banking passwords have been changed again. I certainly didn’t change them yesterday so someone else did. As those issues were concerning to me, I thought I should research a little on my end.
One of the things I did was to use terminal and execute nslookup discover.com to see what the up Indicated per my Mac was. Naturally, one of the ways my passwords could have been intercepted is per browser redirects.
Suffice it to say, I confirmed the output I received was not for discover. I had an exhaustive discussing with them about this so please don’t bash me or question how I know (as occurred on another board where the first response was that a Mac can’t get hacked so I must be making this up). To be honest, I wish I was. I’d certainly be a lot better off.
I’ve been through a lot over the last couple of months. I’ve returned three (3) brand new MacBook pros and a new iPhone 13 pro max that had been analyzed by Apple personnel both in person and via screen share sessions on numerous occasions. I even followed one Apple Senior Techs advice following one screen sharing session to buy all new equipment. I’ve contacted the Authorities on several occasions about things that had occurred as well as closed all of my online checking and savings accounts after they had been drained to a zero balance. And…there is so much more I’ve done. I’m exhausted and need help so please help if you can.
And thanks in advance for any and all feedback.