stalker hacker situation going on for 2 years, security help needed

[Mominneed]

Hello HAK5 community! Someone who is very skilled at hacking, spying, and covering his tracks has been invading my privacy for almost 2 years.  I've spent countless money on security systems, cameras, new phones, and computers and it continues.  I'm a single mom with 2 young children and am at my wits end with where to go from here to gain privacy.  I have had IT people come out several times, my router and modem reset, scans and sweeps ran, etc.  Every time I get a new computer or phone weird things happen to it and I know my iphone of 2 months has been compromised.  It's like someone is operating it remotely, turning on airplane mode, messing with my texts, connecting to wi-fi when its been turned off the whole time except for updates.  And I just noticed last week that my security apps have been accessed at times I'm positive I have not been on those apps... for long periods of times.  I get notifications that Lookout has been disabled often as well.  I just bought another burner phone and am trying to go off the grid as much as possible especially with my phone but am not feeling secure with my new laptop either.  I currently use a mifi and VPN to connect my laptop since my wi-fi network seemed to be the weak link initially. I hid the mi-fi name but have read how these are not super secure even with VPNs.  Is this true?  Can someone remote in or access your data on your laptop if they have not had physical access to it?  Any tips or advice is greatly appreciated.  I am not techy but have been forced to learn some things.  I also have a physical key for 2 factor authentication but can only use with some applications.  Thank you very much in advance.

[digininja]

Buy a dumb phone and move to a shed in the woods, you'll be fine then.

[Irukandji]

I don't know if this would help.

https://darknetdiaries.com/stalkerware/

Yes I'm linking to darknet diaries podcast site. But what Jack has curated is neat.

[Waspandy]

I own a company specializing in online privacy since 2012, and I have seen similar cases where it was difficult, despite throughly debugging, to weed out a stalker. You don't give much information about the circumstances, which makes it difficult to help you. Usually in these situations it requires an extensive process of elimination to identify the weak spots, and properly secure your environment, but more information is needed. In several of these cases, usually with ex partners, the stalker had physical access to equipment, without the victim knowing. In one particularly bad case, a mutual 'trusted friend' had the access.

[digininja]

And there is the reply from the initial setup message, what a shock.

[Waspandy]

What a bleak outlook on life you must have, if you really think I am in cahoots with OP. Please educate me, and let me know what any of us would gain from this, so I don't risk helping other people again. 

[digininja]

I think that as I've seen this process play out many times on forums. The OP posts a very similar question usually giving an oddly specific amount of technical info in certain areas while claiming not to be technical, and then someone else comes along, usually on a new account (very good timing you joined and read the message at just the right time) and suggests that they would be able to help solve the problem.

There is then some discussion in which the person offering help, you in this case, promotes their company and so get links or advertising on the forum under the guise of helping someone out.

The other way this sometimes plays out is that the second poster claims that the same thing happened to them once and they recommend this amazing program XXX which they then gush about and give links to, again, gaining free advertising for their app. The app usually turns out to be some dodgy thing that should never be allowed near anyone's machines.

The last option I've seen is that the OP posts more info over the space of a few days, has some interactions with people, and then claims to know the email/instgram/facebook account of the person doing the nasty stuff to them, and asks for help hacking that account. Only to get proof you understand, nothing malicious, they just want to get full access to they can prove things.

[Irukandji]

Yeah this is suspicious. Often how many times this has happened on the forum.

[digininja]

I've not seen it here for a while, there was the spate of people claiming their Apple lives where hacked and dumping whole loads of iOS debug info claiming that it proved that spyware was running on their phones but again claiming to have no technical knowledge. That was about a year ago I think.

I've seen a couple of this style this year on other tech forums I use.

[Waspandy]

It would have been a lot nicer towards a new member, just to write the explanation, instead of assuming right away that I had malicious intent joining. Not exactly the welcome I expected.

[digininja]

If you are legit, then I'm sorry, but once you've done the amount of forum moderating I have, you become quite jaded about this type of interaction.

[Rkiver]

It's common enough that suspicion is warranted.

And thankfully if legit, well then we can always apologise. 

[Bigbiz]

On 10/24/2021 at 6:27 AM, digininja said:

I think that as I've seen this process play out many times on forums. The OP posts a very similar question usually giving an oddly specific amount of technical info in certain areas while claiming not to be technical, and then someone else comes along, usually on a new account (very good timing you joined and read the message at just the right time) and suggests that they would be able to help solve the problem.

There is then some discussion in which the person offering help, you in this case, promotes their company and so get links or advertising on the forum under the guise of helping someone out.

The other way this sometimes plays out is that the second poster claims that the same thing happened to them once and they recommend this amazing program XXX which they then gush about and give links to, again, gaining free advertising for their app. The app usually turns out to be some dodgy thing that should never be allowed near anyone's machines.

The last option I've seen is that the OP posts more info over the space of a few days, has some interactions with people, and then claims to know the email/instgram/facebook account of the person doing the nasty stuff to them, and asks for help hacking that account. Only to get proof you understand, nothing malicious, they just want to get full access to they can prove things.

Like a online phishing 

[digininja]

Either phishing or spamming but manually and with a bit more finesse than just drop links in and hope they stick.

[NxXxP]

I was curious about the poster mentioning her phone got into ap-mode, that's wery odd thing to do for a intruder.   The other thing that doesent add up here is  that someone skilled enough to do what she's describing, would leave the system full of traces like that , no way....Listen,  Checking activity logs on phone apps are not saying you anything more than that you have been online with the device, and this is how it is.  if her devices been changed several times, and assuming she's not copying info from her old phones on to new ones,  using backups or staying on same icloud, logging into old accounts from the new unit, fb/tw/gOOgle etc. Then i see chances for that someone with possible resources and skills  are lurking around her belongings and so on keeps regaining access all this time is really low, and with the skills needed,  no way if you will leave such dumb and easy traces... those with purpose(the law) hate those same iOS products because they are a pita to break, and that's with full access and unlimited time.  . Shes not very thecnical and describes her phone issues like what the real deal is, on iOS u don't have much control, the system is running trough all kind of things randomly, if the unit is not jail broken, proper access to systemlogs are hard to get, so what's left is the general info apple wants to share, activity, and time, apple won't even allow you to see an event log, they ban all software that's capable for this from appstore, then I notice a 3rd thing here, the security and camera issues, she had her systems replaced several times. Why?, she's not saying any more, and on other side she describes her own findings for what she can, so my guess is that no one finds anything wrong anywhere.   , when i read between the lines here, something tells me she's not part of a scam.  and it might be this person needs to get urgent help in a totally different way than she's opting for. I feel sorry , because there are children included in this, and I hope that she don't run into more morons, "helping" either by lying about their skills or just taking advantage of her to gain something.  And that's my last words here,poster nr 2 with long experience in this area... nobody with skills reads the first post and thinks that this is the reality, that security experience can provide much help. 

[digininja]

Just to add to my original thought on this topic, the user NxXxP joined the forum, posted this single message in support of the OP and hasn't been back again since.

The two writing styles are very similar, the use of ... and the whole message in a single huge block of text.

Odd and suspicious.

[NoExecute]

My first thought would be, "who would be annoyed enough to do that ?"
First, listen. Messing with someone, on the level you're talking about, for a whole two years, takes a lot of dedication and skill, or you're being careless with your security somewhere, making yourself open for an attack. Is it possible, yes, But, is it realistic ?. NO, not much.
And for your new systems being compromised, look..not realistic. Again if that happens, you're doing something that let's them in again, or trusting someone you shouldn't be.

You say that you have people out to scan the network, check the settings and so on. Listen if they didn't find anything, and they were good at what they do, it's because there's nothing to find, OR you're being careless, and doing something for an attacker to come back in again.

If you want to get off the grid, STOP USING CELLPHONES !!. Stop using social media, email and instant messaging ! Get an unlisted address and phonenumber, change your name, change your look. Buy an alligator to watch the back yard entrance 😉

As for wifi, hiding your SSID does nothing, it's useless when it comes to security. VPN's are only for hiding your IP externally, and encrypting your data within the wifi network, they can help, but again, if an attacker have access to your machine, it doesn't matter anyway.

Can someone access your laptop even without access to it ?. The short answer is yes, depending on the situation and the user, if they are careless, jumping into social engineering attempts, phishing attacks, installing something they shouldn't. or using it somewhere out in public without thinking on where and for what they are using it.
There's a lot of possible attack vectors, and shutting them all down, is nearly impossiblem but with good habits, a lot of them can be avoided.

1. Change your passwords, (No reuse ANYWHERE)
2. No social media use, no instant messaging use, no use of files from someone you don't know. If someone sends you anything, check with the sender, and be sure you REALLY trust them
3. Use a VPN
4. NO WIFI USE !!
5. Turn off wifi on laptop and cellphone when you're in public and don't need it ! (Use cell providers dataplan)
6. Reinstall you OS, clone it, so you have a good working reliable copy
7. Get good locks in your doors
8. Be sure you alarm provider isn't using factory reset codes (A lot of them do actually)

Best of luck 😉

/NX

[digininja]

One last follow up on this, as already pointed out, the user NxXxP appears quite suspicious. I checked, the user joined, posted the one message in support of the original, and has never logged in again since.

In my opinion, having seen a lot of these before, the original message is using sympathy to try to recruit people with security knowledge to do illegal hacks, initially under the guise of helping out, then later, probably just for straight up cash.

[Irukandji]

Ugh, I hate people who do this thing.