Sunday, June 14, 2020

Please help. Several neighbors and my own family are reeling from being pwned. I'm hoping to be pointed to the right person(s) or sub(s).

I understand what I'll be asking is not for this sub, but I don't know where to turn, and that is what I'm hoping to have answered.

  1. In early January my family, close family in proximity (homes within 10 miles) and adjacent neighbors all had our mobile phones hacked. Apps already installed and apps installed after this date have erroneous permissions, and so many of them with redundant permissions that it would have been impractical if not impossible to track which app was actually leveraging each permission. (Permissions such as rerouting calls, rewriting call logs, directly sending SMS, keeping the phone from sleeping, gathering account info, gathering phone identity, etc.) Nearly if not literally every app functioned this way after the hack.

Only one phone got a positive for a rootkit, and nfb it was the SmartThings app from Samsung.

  2. Any and all electronic devices I attempted to boot would immediately have partitions rewritten, and apparently a persistent rootkit and/or an entirely new firmware flashed. On any PC I'd try to load Windows 10 installers from, the malware would boot to a ramdisk that would install a version of Windows 10 that had many custom services and drivers installed that would enable remote manipulation of devices. For example, turning the PC's wireless adapter into an access point, furthering this perp's physical reach.

I'd never be allowed to read into anything of any substance, as though a System account or "the" system account directly prevented my admin, or later, superuser accounts from reading into the purpose of these services, drivers, policies, etc.

  3. The issues with plugging in a mobile device in order to investigate what these apps were actually doing continued when booting up Linux, Unix, macOS, anything. I'd come to find even appliances around my home had their firmware rewritten or replaced with malicious versions. All this kept me from investigating anything using legitimate tools.

  4. (Very interesting) I noticed one night that a hidden network had appeared within range of my home. I attempted my neighbor's SSID and password, WPA2, and could connect to the hidden network... apparently, an evil twin attack had been or was being performed on my neighbor. Much later I would come to find that other adjacent neighbors were also being MitM'd.

  5. I don't recall how, but it may have been early on when I was able to capture some traffic... I could see that my three neighbors' APs were actually APs in an 802.1X EAP wireless network.....

  6. ..... Backtracking just a little bit, my home ISP was all the while providing me with my leased IP and presumably DNS, but each modem or gateway I would install would immediately be pummeled with mDNS packets, relentlessly... My gateways as well as network devices would all have their LAN adapters, wireless or wired, acquire several virtual interfaces that data would be sent and received using. These virtual adapters would be named things like "dummy0_int", "p2p_int", etc.

Most if not all traffic would be moved using an executable named "vpnclient.exe" or something equally generic sounding.

There is so, so much more to this that I'd be willing to unwrap if I've got anyone's ear, but for now I just need to know where to go with a problem like this. My wife and I just recently had a baby, happy and healthy, so we can't afford a forensics or investigator type at this time. We have absolutely looked into that, and their rates are simply too high for us.

I'd like to keep things public if this thread should see the light of day, for more than one reason.

If anyone can help point me in the direction of answers as to what might have happened or is happening to my neighbors and me, I'd be forever grateful, as would my family.

Thanks, r/networking. Sorry for the typos, I'm on a new mobile phone.
