Hey guys thank you I am being devoured by hackers

1FING_ding3
1FING_ding3 Lewisburg, Tn.Member Posts: 15
10 Comments

Hey guys thank you I am being devoured by hackers. Please see photos because that’s the best way I know to try and explain this.

I was just wanting to get this up and because I’m excited and pissed. I have been fighting this for three months. The SS ID for the things I’m showing you 10 minutes ago were “ATTSUszc-TA(Arris Router)” and “SpectrumSetup-F1 (Askey Computer)” and they suddenly changed to kind of mimic my names. I will put together some more information thank you so much.

THERE DISTANCE CHANGED SOME WHEN THE NAMES DID (WTF?) from like 96.9m to 54.5m / 48.9m on the Askey / MySpectrumWifi30-2G and 248.9m to 385.7 on the SpectrumSetup-F1 / MyCharterWifi8-2G.

The [email protected] and 2GcharterWIFI are my ssid.

thank you there’s way way more. 4 main major attacks that I fought 8-12 hours each time then there were these to start.

  1. Google meet (ex nex wife) IMG-20220622-WAO…..? That I believe downloaded a servicelogin that holds the door open.
  2. i caught them try to plant something to do with “Find My Device”.

Best Answers

  • AlexTheStampede
    AlexTheStampede Member Posts: 6
    Second Anniversary 5 Awesomes Photogenic First Answer
    edited September 2, 2022 #2 Answer ✓

    Edit: damn you added a lot of stuff while I replied! Uhhh... I'll check that out.


    Being on all channels is normal as routers will try, with varying degrees of success, to change channel to ones less used.

    By the way I just figured out what was the problem with Atalanta! Your account says you're from Tennessee, so it feels weird, right? It just means that the closest server to do the speed test was there.

    Traceroute has quite the reputation thanks to movies and TV, pinpointing devices anywhere in the world and sometimes to a specific spot in a building! Well, what you've seen is the reality: it follows the network infrastructure and said infrastructure is often going to block it causing anything from mystery hops to complete stop and, worse, they usually end up at a big data center for the isp. Quite likely in the wrong city. Now I'm in italy so things are a little smaller, scale wise, but believe me when I say that if it gets just 200 km off, that's already pretty close. And in italy that's not a trivial distance. Having said that, I'm confused by your results. What did you try to Traceroute and how did you do it? Since it works with ip addresses those need to be connected to your network for you to see them and run the Traceroute, something that should lead to a single hop. It's... weird, but I can think of a very odd configuration of the isp network that COULD do something weird. Do you get any similar odd results with devices you know? A tablet, that Xbox, anything really.


    More things worth mentioning: the mystery devices are (Google says) a Samsung Galaxy Tab 8 and a Samsung Galaxy S8 for AT&T. Does that ring any bells? But either way there's a problem for tools like Fing nowadays, a common security feature in modern devices is to randomize the mac address to avoid tracking and disguising the device. It's good stuff overall, but if it's enabled you risk seeing messages about new devices you've no idea what they are! And that's why I think you have apparently two each of the Samsung devices. A note, the mac address has nothing to do with Apple, it's that lenghty bunch of numbers and letters with ":" in between.


    Finally I'd say the part with the most speculation on my side is why your devices have issues, and your son's don't. It's possible that his stuff is configured differently, for example the Xbox might benefit from a static ip and a few settings in the router, all stuff not difficult to find online so there might have been a few tweaks here and there. Potentially without understanding what they do and maybe causing issues for other devices. Or simply being set up in a specific way they are not being effected by whatever causes issues to your stuff. If we're talking teenagers, maybe a little tech wise, well... any recent arguments that could have lead to some sort of retaliation? Keep in mind that I don't believe this is the case, but you know. Another thing that could have happened is related to the randomized mac address and Fing, if you didn't recognize a device and blocked it, you might've been just so lucky to have blocked your own stuff. Or maybe it's some odd issue with your isp, hard to tell.


    If you have any other questions do ask, but I don't think it's going to be easy to answer them. But overall I think there's nothing to worry about hackers! Even if I do realize that as a random internet stranger, my word has very little weight :)

    1FING_ding3
  • AlexTheStampede
    AlexTheStampede Member Posts: 6
    Second Anniversary 5 Awesomes Photogenic First Answer
    #3 Answer ✓

    Now that would've been a great place to start. Good and bad news, they're the same so here it is: your instincts are correct! There's something wrong going on. And by the looks of it... actually let me point out that in italy there's a saying "tra moglie e marito, non mettere il dito" and it means to not get involved with personal matters between husband and wife. I'm going to stick to that. Anyway, the point is that the Google meet was almost certainly what started this, but keep in mind that it's quite likely just bad luck and not malice! Your ex might not even know what you are going through, as that sounds (to me! But I don't know either of you) that she got her Google account compromised by using a bad password or falling for phishing, and then you got that Google meet. If it was pretty much only the link and maybe some generic "You should probably see this" then it feels like automatic rather than her. Point is, now the weird stuff makes a lot of sense! The transcript of the Traceroute (much to my surprise) was useful as the second hop seems to be a VPN service, then most of the new pictures point towards a virus AND a configuration profile! In other words your Windows computer has a virus messing with it, apparently preventing you from accessing the settings as there you could do something about the profile... that (New York! It was an important detail! Good catch) also makes you go through a VPN. Why? No idea, but that's not good as it opens a lot of options to cause trouble. Your Mac and iPhone are fine-ish, because probably the only issue is that profile and the vpn, and here's some good news https://support.apple.com/en-gb/guide/iphone/iph6c493b19/ios that's a guide on how to remove the profile from your iPhone. All of this by the way, explains why your son has no issues: he didn't open that link, so his devices are clean.


    Bad news, you'll probably have to format and reinstall Windows to get rid of all traces of the infection, given how nasty this stuff can be I suggest considering doing the same also for your Mac and iPhone, further bad news is that this is a great way to steal passwords so I would suggest (on a clean device!!!!) to change your passwords, starting with the services you used since the trouble started. Keep a close watch on your credit card and bank accounts for any suspicious activity. What else... yeah I think that's all. Not great by any means, but this might be a better scenario than the one you imagined?

Answers

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    PHOTO I WAS TRYING TO LOAD

    I JUST FOUND THIS TOO but haven’t located “INTERNET PERFORMANCE in Atlanta Ga”


    AND THE PLOT THICKENS. NANA and B9 HAVE JOINED THE RANKS:again….wtf?


  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    Too much?

    I REALLY NEED HELP IN A BAD WAY. IF ANYONE SEES THIS AND CAN POINT ME TOWARDS AN EXPERT OR INFORMATION I SURE WOULD APPRECIATE IT.

  • Pixel
    Pixel Devon, U.K.Member, Moderator, Beta Tester Posts: 387
    100 Likes 25 Answers 100 Comments Second Anniversary
    ✭✭✭✭
    Hi, I’m afraid the presentation of your enquiry is very confusing and it’s not clear what the problem is.
    The only thing I can deduce is that the photo’s seem to be displaying other wifi networks in the local vicinity. which isn’t a problem as far as I can see. 
    It would help considerably if you could be more specific about the actual problem you are experiencing, then you are likely to get more helpers.
    Sorry I can’t be more help.
  • AlexTheStampede
    AlexTheStampede Member Posts: 6
    Second Anniversary 5 Awesomes Photogenic First Answer

    As far as I can tell, this is just a big misunderstanding of what you're seeing. For example as apparently you have an iPhone, ask Siri to "open find my" and you'll see that find my device is an Apple service, stuff used to find other Apple devices you own and automatically enabled the first time you turned on the phone. Most of the screenshots are (really! Only more detailed) just a list of nearby access points, the same thing as going in your phone's Wi-Fi settings to choose what network to connect to. Similar names are not something that is scary, for example Spectrum is an internet service provider, I guess? So it's normal to see similarly named Spectrum this and Spectrum that networks if any of your neighbors have the same. Depending on the interference at a specific time, you might be able to catch a glimpse of networks that are further away than usual, so that would explain far networks coming and going. Additionally, changing name of a Wi-Fi network (you own! Not other people's) is very easy and can lead to funny network names. Or just an endless sea of Spectrum this, Comcast that and so on. As a side note, the distance reported? Wildly inaccurate to say the least. I have an access point on the other side of the house that Fing says is 45 meters away! Hilariously wrong.

    The "channels" bit has quite literally nothing to do with security, it's just to optimize your network: if a lot of the Wi-Fi in the neighborhood are for example on the channel 6, then that one will be full of interference causing low range and poor performance of the network. Picking a channel that's not as used, or better yet free, will lead to better Wi-Fi.


    The rest, is admittedly... just hard to understand what kind of issue you see. The Xbox picture for example? All it's telling is that you have an Xbox at home, so unless you don't, that's perfectly fine. The one about the location history is, I think, just telling you that at some point you denied the "Always" location access to Fing, so going into the system settings app and scrolling down until you find Fing, then in "location" changing the setting to "always" would solve it.


    Is this helpful in any way?

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    That would be all well and good if every device I personally use (not my sons) didn’t become a paperweight when I use it. Just mine, not his.

    No doubt that my presentation is confusing. Thanks for your time and efforts, Alex and Pixel.


    1) they are on every channel. Is that normal? Traceroute goes cold 5 hops away in New York. (They all 4 have the same route) Then goes cold and untraceable.


    Please stay with me I have to figure this out. Thank you so much for your patience. I will be back with more soon. I will try to be more precise

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    My phone my new iPhone 13 Pro showing extra people on it I’m sorry on Google.


  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    Traceroute

    I ended up with fing showing “my network” , that I was on, was in New York.



  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    When I said my net work and the previous comment I meant my service provider.

    My laptop paperweight. My uneducated guess Is that it’s been infected with “known privilege escalation attack WScript.exe PID2576”.

    The above picture is from the MacBook incident previously. So far it’s claimed my desktop a cell phone MacBook Air and my laptop. I believe it has infected this phone but not sure yet.

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    I feel like I need to back up and give you some idea of how this started. Mine covert narcissistic sociopath of an ex-wife I believe started this with a Google meet where I clicked on an image named IMG.20220622.WAO…. That infected my phone or actually Google account with a servicelogin Program and that was June 16.

    Sorry I could not or did not take the time to turn the picture around. From what I hear she wants me dead.

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    If you’ll hang with me I think you’ll see.

    thank you so much. I’m at my wits end

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    This is a targeted attack. She’s trying to get pictures I may have that show who she really is and the evidence of her involvement in this latest attack. Covert narcissistic sociopath therapist long term addict, 30 year marriage/ relationship, 2 times “destroyed” me, the latest and this after I saved her life from 2 overdoses while spending 2 years babysitting her and protecting my son. She has everyone from judges to hackers in her pocket (and pants). Total destruction to date is 4 million dollars and my reputation as an entrepreneur/ businessman.


    Notice that everything is picture, media, related.

    Do your “save draft” and “post comment” buttons flicker as you type on here?

  • AlexTheStampede
    AlexTheStampede Member Posts: 6
    Second Anniversary 5 Awesomes Photogenic First Answer

    Save draft and post comment do flicker a bit, it's when the draft is saved automatically. The post button gets very light blue, and the save draft, at least on my phone that's a few years older than yours, shows just long enough that it's changing into "Saving Draft...". Easy to trigger, just type a word and then stare at the button for a few seconds.


    Another quick tip, don't use the iPhone's marker tool to censor stuff. Black seems to cover, but it won't do it properly and tweaking the image will reveal potentially all that was supposed to be hidden...

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

  • 1FING_ding3
    1FING_ding3 Lewisburg, Tn.Member Posts: 15
    10 Comments

    Lookup Mitre Attack. That long S number was the key. Thank you buddy!!!!!!!!!!