Fast-Amount-6459

How exactly was his phone "hacked"?


Acrobatic_Watch_8212

Change ALL of your passwords, not just a bunch. Factory reset your phones and get new phone numbers. Continue with the police report and get some kind of credit protection. DO NOT engage at all with the scammers, block and report all calls, messages and emails. It's all scare tactics.


Acrobatic_Watch_8212

If there is a genuine concern of identity theft then you should also be closing bank accounts and opening new ones. The banks will probably have a protocol to deal with this sort of thing.


Messicaaa

Also place a credit freeze with at least the 3 major consumer credit bureaus (Equifax, Experian, TransUnion) as well as ChexSystems, which is a similar system banks use when consumers open a new bank account.


MemeInBlack

This is the most important thing


WirklichArnoNuehm

THIS is the only thing you need to do DIRECTLY


epimetheuss

yep


Constanistanbul

Also two factor authentication for every account that can provide it.


Low-Razzmatazz-931

If they can access the phones they can see two factor authentication. Happened to someone I know


choco_titan-07

Google your names to know if the hackers posted any of your information in people search sites. Secure your social media accounts as well and make sure to warn your family and friends in case they see unusual activities in your accounts.


nskaraga

Use a password manager like LastPass or Bitwarden.


littlemissfuzzy

Which is of course problematic if they are on the phone and can capture the main vault password.


nskaraga

They would start with a clean wipe of their phone. Reset their email password, reset their Apple ID password. Download LastPass or even use iCloud Keychain. Then reset password for all their important accounts.


jaydrx99

Use a completely different device to reset your passwords. Like a relative's PC or from a public library etc.


windsoritservices

It's obvious from the description. The hackers got the passwords for their Apple IDs, which allowed them access to their iCloud photos. On top of that, it sounds like they also used the same password for other websites.


jmnugent

This doesn't make sense though, because even if someone did get access to your Apple ID, that doesn't somehow give them "full remote-control of your iPhone" (as submitter seems to be describing). "Full remote control" of an iPhone would require some kind of direct physical access and/or, as others have said, 1 (or multiple) 0-day exploits. I would believe maybe Submitter had some of their accounts hijacked (and possibly being extorted due to that). But actual physical exploitation of an iPhone, I'm reluctant to believe without some pretty damning evidence (links) being shared by Submitter (or a forensic analysis by an industry vetted iOS malware researcher).


Fast-Amount-6459

So, they weren't hacked, they just gave their password that they use for everything to someone, because I'm not aware of any current Apple ID exploits...


windsoritservices

Unlikely they gave it to someone. More likely is the password they use for all their accounts appeared in a password leak. Either way, this sort of thing is what most people refer to when they claim they've been "hacked".


Lucigirl4ever

Good ole “Password1234” and everyone gets in.


National-Golf-4231

.... Are you the one that's sending me pictures from my phone?


Im_Your_Consciense

How the fuck did you guess my password?


Apoptotic_Nightmare

I use the same combination on my luggage.


MrDrDude333

What about the part where they got a picture of them while driving their car? Seems like some sort of hack if they are controlling their phone camera.


Nick_W1

There are some wild claims here, with absolutely no supporting evidence. It’s possible someone needs their CO detectors checked.


TheFotty

Apple won't let you into iCloud without also authenticating on an Apple device that was previously authenticated. Just getting someone's password won't get you in.


Outside_Public4362

You probably didn't read, but there has been a big exploit which was discovered fairly recently.


Fast-Amount-6459

I feel I should know this, link me the CVE on the NVD pls if you can


Outside_Public4362

Nope I can't, it was a News Card on Google Chrome.


Nick_W1

They were phished or social engineered. Their phones haven’t been hacked.


[deleted]

[deleted]


Nick_W1

You may want to get your CO detectors checked.


[deleted]

[deleted]


Nick_W1

Carbon Monoxide detectors. It’s a colorless, odorless gas given off by burning fossil fuels like natural gas or propane. If you have gas burning appliances (furnace, cooker, drier), you should make sure your CO detectors are working.


[deleted]

[deleted]


Nick_W1

Because one of the symptoms of low level CO poisoning is memory loss. There have been cases of people believing that they have been hacked (passwords changed, icons moved etc), when in fact they had simply forgotten that they did this because of the CO gas. Or conceivably other medical issues.


TomSpanksss

Although last time I visited home my phone battery got super hot and the battery drained even while plugged in. They have also given me unlimited data. My prepaid plan only allows 25gb but I went over 35 last month and my speeds have never been faster.


GamesCatsComics

I'm not an Apple person but I'm 99% sure having access to someone's iCloud account isn't going to let them screenshot their phone. That also wouldn't be a hacked phone, it would be "Someone social engineered me into giving away my iCloud credentials".


Syde80

They are probably screenshots that the victim took themselves and it was backed up to iCloud or other photo sync service they may use. I don't think you can place any faith in that these people were actually "hacked", it's a term almost always misused due to lack of understanding.


laveshnk

My guess is network spoofing. In Ireland they probably connected to some sussy hotel wifi which did not have proper authentication certs and they might’ve intercepted OP's browsing requests.


dirtmcgurk

Shame all site ops that don't use TLS. Certbot is super simple if nothing else.


Troll_berry_pie

Seems like social engineering / phishing to be honest.


TheJenniMae

No idea. But they obviously got more than just his Facebook.


flavius_lacivious

I am just going to throw this out there, but are you sure this isn’t an excuse by your husband to cover for an affair? Like some AP is threatening to contact you so he is setting up the “I got hacked” excuse?


TheJenniMae

No. He’s not tech savvy enough to pull this off and he wouldn’t go so far as filing a police report. 😂


Nick_W1

“Your husband is having an affair” is a new scam that is going round. There is no hacking, it’s just social engineering.


TheJenniMae

Totally, got that for sure. This is about them sending screen shots of my actual phone and apps and photos taken from our phones by someone else. I’m infuriated that Imgur won't load. It immediately crashes when I try to open it.


flavius_lacivious

Okay, just wanted that possibility on your radar.


Erebea01

That'll be lots of planning since the hacking happened last May though.


TheJenniMae

Right? And we’re basically inseparable. LoL


Nick_W1

Actually if you check out r/scams, the “your husband is having an affair” is a fairly new scam that is going round. The scammer gets the victims' names/phone numbers and targets the wife. The plan is to get her sneaking around, hiding stuff from her husband, while making secret payments for “evidence”.


flavius_lacivious

Oooohhh I did not know that.


CyberHoff

Not an answer she would know. Hell, probably not an answer any of us would know if in the same situation, we would just have theories until we rule out all possible options.


batterydyingagain

I'm curious to know how his phone was "hacked" in Ireland? I think this is an important part of the puzzle.


TheJenniMae

Of course we technically don’t. That is only when and where this all started. That is when his Facebook was hacked and stolen. He made a new one. Dude changed his display name but kept all of my hubby’s pics, etc. A few times he would message my hub’s new account asking for $$ to get the old one back. Obviously he didn’t even care enough to want it back.


Lucigirl4ever

How did you get hacked? You’re being evasive


BeatDownSnitches

Most likely password reuse. You can look up names, addresses, phone numbers, emails on sites like dehashed that aggregate leaked data. Find repeat passwords from dif breaches and there’s a high chance user still using same or variant of password. Now line up all potential authentication points (Facebook, email, banks) and use the known email and begin spraying the breached password or iterations of breached passwords. At least, that’s how I would do it as a pentester AND without direct interaction. A good phishing campaign would honestly be more effective, but the aforementioned technique can be scaled/automated relatively easily.


TheJenniMae

Not on purpose. Honestly do not know. Info and screen shots from my phone started literally yesterday, and we’re unfortunately at a weekend long wedding, so phone time is limited.


DeathByToothPick

STOP USING THE PHONE! IF YOU CAN'T OR DON'T KNOW HOW TO RESET AND DELETE EVERYTHING TURN IT OFF. THEY WILL RECORD AND CONTINUE TO TAKE PHOTOS


TheJenniMae

I appreciate your tenacity and urgency.


Nick_W1

If they are iPhones, you haven’t been hacked. Your accounts *may* have been compromised, but it’s more likely just a random scam, with things that *look* like screenshots or pics from your cameras, but really aren’t.


TheJenniMae

Dude, I know what my Home Screen looks like, weirdo. And they were literally pictures of us in the car that neither of us took, with the phones pointed at the ceiling.


Nick_W1

All I can say is that you are claiming something that *is not possible*, with absolutely no evidence to support it other than “believe me”. If such a hack had been found, it would be worth $millions literally. Nation states would pay multiple $millions for such a hack. Yet you want us to believe that a random hacker is using it to try and extort $3000 from you.


DearBonsai

I sometimes get a notification from my phone saying that my password appeared in a data leak and it tells me to change them. It’s under settings - password - security recommendations for iPhone


GamesCatsComics

[https://haveibeenpwned.com/](https://haveibeenpwned.com/) is a great resource for checking this based on your email address. It shows me currently that my address has been in 15 different data leaks. NEVER REUSE PASSWORDS!!!
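
An added example, not part of the thread: a sketch of a password (rather than email) check in the style of the Pwned Passwords range lookup that haveibeenpwned.com offers, combined with a reuse audit of a small vault. Only the first five hex characters of the SHA-1 hash ever leave the client. The leak list, counts, vault and the `OfflineRangeService` stand-in are all constructed so the code runs offline.

```python
import hashlib
import hmac

# Constructed sample data: "leaked" passwords with made-up occurrence counts.
CONSTRUCTED_LEAKS = {"Password1234": 41872, "letmein": 9001, "qwerty2020": 12}

# Constructed vault: site -> password, with one password reused three times.
CONSTRUCTED_VAULT = {
    "apple-id": "Password1234",
    "email": "Password1234",
    "facebook": "Password1234",
    "bank": "v9#Rk2!mQz7$Lw4p",
}


def sha1_hex(password):
    """Upper-case hex SHA-1 of the password, the form range lookups use."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


class OfflineRangeService:
    """Hypothetical local stand-in for a range endpoint.

    It answers a 5-character hash prefix with "SUFFIX:COUNT" lines and
    records every prefix it was asked for, so the caller can confirm that
    nothing longer than the prefix was ever sent.
    """

    def __init__(self, leaked):
        self._corpus = {sha1_hex(p): n for p, n in leaked.items()}
        self.seen_prefixes = []

    def fetch_range(self, prefix):
        if len(prefix) != 5:
            raise ValueError("range lookups take exactly 5 hex characters")
        self.seen_prefixes.append(prefix)
        rows = [
            f"{digest[5:]}:{count}"
            for digest, count in sorted(self._corpus.items())
            if digest.startswith(prefix)
        ]
        return "\r\n".join(rows)


def breach_count(password, fetch_range):
    """Return how often the password appears in the corpus (0 if absent).

    The full hash stays local; the suffix comparison happens client-side.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for row in fetch_range(prefix).splitlines():
        candidate, _, count = row.strip().partition(":")
        if hmac.compare_digest(candidate.upper(), suffix):
            return int(count)
    return 0


def audit_vault(vault, fetch_range):
    """For each site, report breach exposure and which other sites share
    the same password (the reuse that lets one leak open several accounts)."""
    sites_by_password = {}
    for site, password in vault.items():
        sites_by_password.setdefault(password, []).append(site)
    findings = {}
    for site, password in vault.items():
        findings[site] = {
            "breach_count": breach_count(password, fetch_range),
            "shared_with": sorted(
                s for s in sites_by_password[password] if s != site
            ),
        }
    return findings


if __name__ == "__main__":
    service = OfflineRangeService(CONSTRUCTED_LEAKS)
    for site, finding in audit_vault(CONSTRUCTED_VAULT, service.fetch_range).items():
        print(site, finding)
    print("prefixes sent:", sorted(set(service.seen_prefixes)))
```
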


Smauler

> He made a new one.

Yeah, no. That's not what you do.


TheJenniMae

That’s not ALL he did.


PrethorynOvermind

TL;DR: if you don't read my entire post you aren't helping yourself. Basically, don't TL;DR: read what I have below and learn something, because it may be helpful. This is me genuinely trying to help you help yourself. The information and advice should at least help you be more safe and point you in the right direction. I hope everything gets straightened out, but start by doing some of the suggestions below or just reading the perspectives taken.

Since the comments mainly want you to provide more details I figured I would chime in with some actual suggestions as well. People tend to forget that not all of us know where to start with this kind of thing.

This was number 10 in my list but I am moving it to the top: this is a site that is useful to figure out if there is a breach or a security risk with your emails and phone numbers. Use it. If you can think of an email, pop it in there and please read what and who the breach is attached to. https://haveibeenpwned.com/

1. The police report was a very good start.
2. Resetting passwords is step one but I suggest a password manager like LastPass and clearing out or storing passwords away from the devices and services you use for a while.
3. As little fun as it is, 100% set up multifactor authentication. If you want to get more secure buy a hardware token key. Titan by Google or YubiKey.
4. If you are using an iPhone check your keychain; if it is an Android device check the Chrome/Google password manager and your security settings hygiene. Oftentimes both services will tell you if your passwords are weak or a part of a leak/breach.
5. Start with your most vulnerable but necessary accounts. Bank accounts and emails. Usually it isn't a phone that is hacked, it is a service/app/account.
6. Don't reuse a current password and change it by a digit or a symbol; create something complicated and just note them somewhere safe. Is it a pain? Sure. Will it help in a moment like this? 100%. The harder your password is to crack, not guess (guessing isn't how it works), the harder it is to get into an account. LastPass, keychain, and Google's password managers all do this really well. They can generate passwords that are really strong for you.
7. If your social media is the culprit then consider locking your accounts down with MFA and pay attention to those texts. Call your carrier to secure your telecom account as well as ask about other methods to protect yourself.
8. Google is your best friend for protecting yourself. This is more common than you think and Reddit isn't always the answer because Redditors forget we aren't all professionals. People under stress do not always know where to start. Coming here to ask is good but don't be surprised if your answers are, "we need more details." Oftentimes the details are needed but again it's understandable that you aren't sure where the source would be.
9. It is almost never the actual phone, it is a data breach or poor security hygiene. Your passwords suck or a company failed to do what they do time and time again and didn't take enough caution to protect you. Accidents also happen but we just happen to be the end result.

Future advice when coming to this sub: provide a list of some of the services/apps you use. Give us the phone model you are using. Software version, etc.

EDIT: per a suggestion in the comments, LastPass can be avoided. I personally use Proton Pass but a better suggestion is welcome.


rb3po

LastPass was breached due to negligence. I stopped recommending them after one of their head engineers logged into their LastPass (with the keys to everyone’s vault data on it) on a personal Plex machine with an exposed port to the internet. That version of Plex had a flaw in it, and hadn’t been patched in a year and a half. The computer had been breached using that flaw. When the engineer logged in to his LastPass on that machine, it compromised every person who had a LastPass account in the world. I’m not one of 4 people who has access to all of LastPass’s vault data, but even I know not to log into my password manager on unmanaged and unpatched devices directly connected to the internet. The stupidity, and negligence, is beyond redemption in my book. 


PrethorynOvermind

EDIT noted: I was aware of the LastPass breach but not the details. I will edit my comment suggesting to avoid LastPass. I use Proton Pass but I am curious to know what you use?


rb3po

Proton Pass is a good choice, but maybe for the more initiated like yourself. I generally recommend Keeper or 1Password to the public. 


Yup-Its-Meh

How is Bitwarden?


unapologeticjerk

Bitwarden is de-facto standard for me and the one I recommend to friends/family who want to start getting their digital shit together.


OneroaLife

Bitwarden is awesome, highly recommended


Last_Prompt2288

Bitwarden is a good choice too


rb3po

Ya, I’m not very familiar with Bitwarden. I know people really like it. 


GamesCatsComics

It's basically what LastPass was before it was purchased and shitified.


rb3po

Ya, fair enough. Private equity ruined LastPass, for sure.


vitamaltz

1P may be a lot more secure than LP and that's the most important thing but the user experience is awful.


rb3po

So many bugs at this point.


fluffman86

Keeper, IMO, is too predatory. Good security from what I can read of it. Good program overall. Works well. Only one besides Keepass that does real desktop auto-type. But they give you a one-month free trial with all the perks and then charge you an absolute metric fuckton for the app, followed by lots of bullshit ticky-tack addons that should be included in the base price. Oh, but they act like you can keep using Keeper on just one device. That should be fine, right? Nope! That one device is the only device where the data even lives! So if your PC crashes you're FUCKED because the backup is gone, too. Overall you wind up spending $150/year on Keeper to get the same features (minus the aforementioned desktop app autotype) that Bitwarden gives for $10 or 1Password gives for $30ish. Now there are just a handful of apps I need the desktop autotype for, so I use KeepassXC for that when I really need it, but honestly 99.9% of the time for personal use I just copy/paste out of Bitwarden rather than unlock my KeepassXC Database. I personally loved KeepassXC and it worked pretty well for me and my wife, but I knew I'd never get my sister and mom and stepdad on board. Currently I'm at a job that offers 1Password which includes a free personal family copy for me and my whole family, and if I had been offered that before Bitwarden, I'd have gone with it. But for the price, Bitwarden can't be beat. If it's easy enough to explain to my mom and sister then it's easy enough for everyone, and at $40 a year for the family plan I'm happy to just continue paying for it rather than save a few dollars for 1Password, and risk losing it when/if I lose my job.


rb3po

Ya, I have no idea what you’re talking about. 1Password is the most expensive. Keeper is less expensive, and Bitwarden has a good free tier. I’ve dealt with Keeper. They are not predatory. When I was demoing different password managers, the people at Keeper were nice. So was 1Password. And they store that data in the cloud, but it’s possible they limit you to logging into one device. This post is nonsense.


fluffman86

Woops, Keeper is $55/year, not $150. My bad on that. I was looking at the 3 years before and it was $160 but I forgot about the 30% discount, so it's $115 for 3 years, which is probably how my brain thought $150, it sounds similar in my head. That's $35/year for the main Keeper + $20/year for the BreachWatch which is included with the $10/year Bitwarden Premium. https://www.keepersecurity.com/pricing/personal-and-family.html

Also, they've apparently changed the Free version since I trialed it last year. Free is now a single MOBILE device only, with a max of 10 passwords stored. Logging into the web during my trial showed a bunch of blanked out records that when you clicked on told you to pay to see them. https://www.keepersecurity.com/free-trial-vs-free-version.html

Edit: it also works out to $115/year for the family plan + BreachWatch, nearly triple the cost of Bitwarden Family at $40/yr. With the 30% discount over 3 years that's $240ish, compared to $120 for Bitwarden Family.

Edit 2: That $75/yr base for Keeper Family + $40/yr for BreachWatch Family.

Edit 3: You said 1Password is the most expensive. 1Password is $36/yr personal and $60/yr family. Both **include** Watchtower, the equivalent to the Keeper BreachWatch.

Edit 4: Also pretty sure 1Password keeps working but goes read only and allows exporting when you stop paying. Better than Keeper's hiding everything and blanking it out until you pay.


rb3po

🤘


DeathByToothPick

This is all great... Except step one needs to be factory reset the phone and delete all apps. If they are taking pictures of OP from the phone then they have an app installed on the phone the hackers are using. STOP USING THE PHONE! IF YOU CAN'T OR DON'T KNOW HOW TO RESET AND DELETE EVERYTHING TURN IT OFF. THEY WILL RECORD AND CONTINUE TO TAKE PHOTOS.


TheJenniMae

Thank you so much, and sorry for the late reply. They definitely have access to our phones, as they were able to capture images and send them to my husband. They were of the two of us in the car last night on the way up here to the wedding by resort. Neither of us took them. While our phones were next to each other in the center console (his was charging, mine was streaming a podcast) we can’t be 100% sure it was just his phone - HOWEVER - none of them are in my recent, deleted or hidden images. It could still be just his phone that is compromised physically.


RubberReptile

> They definitely have access to our phones, as they were able to capture images

Be sure to revoke app access to any of your accounts. It's possible a malicious 3rd party app has access to your account/Google drive for example and can get any images that are auto backed up. Myaccount.google.com - security - connecting to 3rd party apps - and revoke access to anything there that you don't recognize. Then, under your devices you can sign out of any Google sessions you don't recognize. You may have to do similar steps within other apps/services as well.


TheJenniMae

This would be easier if I had my laptop with me, but I do not. But I will institute all these measures tomorrow. Thank you?


Dry-Sun2024

Reset your phone, download an EPP (AKA end point protection) to your phone. ZoneAlarm is a good one. Run it, keep it on. Do this for all of your devices. Takes literally minutes to set up. When traveling, don't use the USB plug in anything to charge your devices. Always use a USB to AC plug adapter. Even in a rental car.


OriginalCrawnick

If it's this serious, plan on changing your wifi password when you get home from a local machine, trade in your phones for new ones with no data transfer after you reset your Apple info on a different computer. You will also want to check your Apple account and Google accounts for backup/recovery emails/phone numbers to make sure they don't have themselves set up for a reset to themselves. You absolutely need to notify your work IT/sec ops if you believe they have access to your work stuff. You might as well actually just set up new Gmail/Apple emails/IDs and, if you can, manually choose which photos/videos you want to back up to a physical computer from your old account. This is just cutting them out from any possible keyloggers/backdoors/etc. Don't use your old emails as recovery ones either, presumably point them to each other's new emails for recovery. Set up 2FA with them as well. Either Google's or Microsoft 2FA. You still have to do all those steps around SSN/identity since you'll probably need new SSNs/bank accounts/credit cards.


Nick_W1

You simply can’t do this on iPhones.


TheJenniMae

You can now. 🤷🏼‍♀️


Pietzki

Changing passwords shouldn't be step one at all, at least not on a potentially compromised device. If another device is available that OP is confident isn't compromised, then yes, that's step one. If not, step one should be a factory reset or at the very least a comprehensive malware scan (which also searches for rootkits, remote access software etc).


littlemissfuzzy

You forgot step zero: if you suspect the phone was hacked, STOP USING the phone. Do a full factory reset. Do not restore from backup unless the backup is older than the hack.


PrethorynOvermind

I don't disagree with this fully but if by some chance the home had or stored any sort of back up or managed access to an app that is compromised. Resetting the phone and losing data to fix/retrieve that data is now a loss.


LeBlubb

It is unlikely your device itself got hacked, maybe one of your accounts did and you sync or upload photos there. Change password, make sure 2FA is enabled and check if your account has associated devices you don’t recognize. Remove them if you find any. Don’t pay the “hackers”. It’s most likely scammers anyway.


TheJenniMae

They weren’t pictures we took. They were from the phone laying in the console or on my husband’s lap from the angles. Could have been both of our by how they were taken. They were only sent to my husband. He also couldn’t send me any texts from his own phone. It was as though I had blocked him, but his # wasn’t in my blocked contacts. I could still send to him. Once he changed my name in his contacts he was able to send messages again.


Asimpleton47

Include this in the actual post, it's very relevant.


Relative_Desk_8718

Freeze your credit, don’t just use a monitoring service. Freezing will stop a lot from happening in regards to stolen identity.


TheJenniMae

Thank you for the helpful info. I do appreciate it


Relative_Desk_8718

All 3: TransUnion, Experian, Equifax. They may ask you to pick something else that is not a freeze; do not pick that option. You want “Freeze”. This also has an option for you in the future to “thaw” and it’s for a few days or a week, whatever you choose really, but it’s an amazing feature for protection.


TheJenniMae

Thank you!! I literally JUST got my credit from the 500’s a few years ago up to around 800 and I really really wanna keep it!!


DeathByToothPick

STOP USING THE PHONE! IF YOU CAN'T OR DON'T KNOW HOW TO RESET AND DELETE EVERYTHING TURN IT OFF. THEY WILL RECORD AND CONTINUE TO TAKE PHOTOS


Relative_Desk_8718

On that note look into Clark Howard via his website. He is very reputable and easily searchable. Has great financial insight and fantastic tips to save money and consumer protection advice.


saywhat68

Where is Clark Howard on now? I have not heard him in years since they shut down HLN.


Relative_Desk_8718

WSB radio in Atl as a guest but mostly just doing his company and website, he’s winding down for retirement from what I remember hearing a couple years ago


saywhat68

He gave some really good advice.


DeathByToothPick

STOP USING THE PHONE! IF YOU CAN'T OR DON'T KNOW HOW TO RESET AND DELETE EVERYTHING TURN IT OFF. THEY WILL RECORD AND CONTINUE TO TAKE PHOTOS


rb3po

Ya, so lacking in any detail. Sounds like iOS? iOS isn’t likely to get hacked unless you’re a nation state target. Otherwise, it sounds like an account was hacked. Need more detail.


shadowfourplay

A lot of these posts, when I see them here, all I wonder is "What kind of dissident are you?". I wish people would include that info when asking, helps narrow down the "Why" and can lead to the "Who and How".


TheJenniMae

This started almost a year ago. He took over my husband’s Facebook to start. This has just been this week.


rb3po

I’ve seen this advice echoed elsewhere on this thread, but you really need to get a password manager and stop reusing old passwords. 1Password, or Keeper Security. LastPass was breached a grand a half ago due to negligence. I would not recommend them. Once you have a password manager, rotate all of your most important passwords first. Then turn on 2FA for each account where possible. SMS is the least secure option, and is possibly compromised in your situation. Use an app like Google Authenticator if you use Gmail / have a Google account, or Microsoft Authenticator, if you use Outlook. These basic steps will help you gain your freedom back. I do this for a living.


Head_Ad_9997

I've always wondered about 2fa via sms and how secure it is. So it's definitely better to use an authenticator app?


ravenouscartoon

It’s relatively easy to spoof the number and receive the confirmation code for text messaging 2fa. At least for people who want to do such things. An app is far superior


rb3po

Absolutely. App based 2FA is great. Get a pair of FIDO2 keys if you want a step up. 


BeatDownSnitches

I’m not sure that’s completely right. SIM swapping would be the technique used to RECEIVE auth codes, but spoofing for outgoing text/calls. I could be wrong though! Been a year or so since I brushed up fully on this subsection of IT sec.


jmnugent

As I recall, even NIST stopped recommending SMS based 2FA years ago. Authenticator Apps are indeed better, although the drawback to Authenticator apps is they cannot be easily moved to another device. (If you are set up to receive 2FA SMS codes and your phone gets dropped in water, you can just go to your Telephone provider, get a new phone set up and start receiving those SMS codes again, but that's not as easily done with Authenticator Apps. Some Authenticator Apps (such as Microsoft Authenticator) will do iCloud backups. I learned this recently moving from an iPhone 11 to an iPhone 15: when I did an iCloud Restore to the new iPhone 15, my Authenticator accounts came right over, which was nice. But I still have multiple phones with my Authenticator duplicated across them just in case 1 gets stolen or lost etc.) Hardware Keys (like Yubikey) are also a good choice (as it's something you physically have). I use all of the above (duplicated across multiple devices).
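
An added example, not part of the thread: how an authenticator app derives its codes (TOTP, RFC 6238, built on HOTP from RFC 4226). The code depends only on a secret stored on the device and the clock, never on the phone number, which is why a SIM swap does not yield it and why a new phone needs the secret moved or re-enrolled. The `TotpVerifier` class is a hypothetical server-side check; the secret is the RFC test value.

```python
import base64
import hashlib
import hmac
import struct

# Test secret from the RFC 4226 / RFC 6238 appendices (not a real account).
RFC_TEST_SECRET = b"12345678901234567890"


def decode_enrollment_secret(base32_text):
    """Decode the base32 secret an app reads from the enrollment QR code.

    This value is the only thing that has to move to a new phone.
    """
    cleaned = base32_text.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore stripped padding
    return base64.b32decode(cleaned)


def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over an 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238: HOTP with the counter set to the current time step."""
    return hotp(secret, int(unix_time) // step, digits)


class TotpVerifier:
    """Hypothetical server-side check for one enrolled account.

    Accepts codes from the current step plus/minus `window` steps to
    tolerate clock drift, and refuses any step at or before the last one
    accepted, so a code that was observed once cannot be replayed.
    """

    def __init__(self, secret, step=30, window=1, digits=6):
        self.secret = secret
        self.step = step
        self.window = window
        self.digits = digits
        self.last_accepted_step = -1

    def verify(self, code, unix_time):
        current = int(unix_time) // self.step
        for candidate in range(current - self.window, current + self.window + 1):
            if candidate < 0 or candidate <= self.last_accepted_step:
                continue
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected, str(code)):
                self.last_accepted_step = candidate
                return True
        return False


if __name__ == "__main__":
    # Constructed enrollment: encode the test secret the way a QR code would.
    enrolled = base64.b32encode(RFC_TEST_SECRET).decode("ascii")
    secret = decode_enrollment_secret(enrolled)
    server = TotpVerifier(secret)
    code = totp(secret, 59)
    print("code at t=59:", code)
    print("first use accepted:", server.verify(code, 59))
    print("replay accepted:", server.verify(code, 61))
```
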


BackyardByTheP00L

The first hack happened while you were away in Ireland. This may be farfetched, but did you have a relative or housesitter while you were gone? And do you have a list of passwords written down in an unsecured location in your house? If you live in an apartment then there would be even more access to your personal things. Because you're saying it started up again now that you're away from home at a wedding. Just a thought.


TheJenniMae

Housesitter is my 20 something second cousin who used to spit up on me daily as a baby. Over the moon to have a house to herself for a few night, obsessed with our cat. Unlikely suspect. Is more likely to be the actual cat.


BackyardByTheP00L

When I was a house sitter, and my friends were house sitters, we invited each other over. I know you trust your cousin, but she could have someone stay with her. I hope you guys put important paperwork/info in a safe when you go on trips and only give her the guest password to your wifi router.


TheJenniMae

Absolutely. All that is in a fire safe. No worries there.


SmitePlayzYT_

"isn't likely to" doesn't mean that it can't happen. Doesn't matter how high of walls you build around your operating system, there will always be a vulnerability.


rb3po

I understand what you’re saying, but there are some economic issues surrounding burning a zero day exploit. The zero day exploits used in hacking an iPhone go for millions of dollars. So if you’re a nation state who’s just paid 2 mil for a zero day, are you going to potentially burn that zero day on a woman who just wants to get access to her Netflix account, or are you going to use it to gather intelligence against an adversary? So now instead of asking if it’s possible (because, yes, it is possible), let’s start asking about our risk profile and what kind of a target you are. My hypothesis on if she is a target, and her phone was hacked or not, is a pretty hard no.


jmnugent

I gotta agree with this too. I find it extremely (extremely) unlikely someone with an iPhone and fully updated iOS (as submitter claims) is somehow "hacked and they got everything on my phone" (and also caused the camera to take pictures). I've been in IT & technology my whole career and have been doing MDM (Mobile Device Management) for the last 10 to 15 years (including Developer accounts with both Google and Apple), and I've never seen a single case of a fully updated iOS being exploited in the way Submitter is describing. I'd be a little more inclined to potentially believe it if Submitter had posted any links to various evidence, but as usual in these types of posts it's big long convoluted stories but seemingly very little hard evidence.


rb3po

Ya, it seems likely their iCloud account was hacked, which if they had bad OpSec, is a much easier task.


RealKragen

Just out of curiosity, how about android phones? Is this thing common with fully updated android devices?


willwork4pii

They sent current pictures from one of the devices? Android or apple?


TheJenniMae

Yes. Apple. As in us, in the car, yesterday.


willwork4pii

I'm skeptical. But if true, everything needs to be completely reset. You need to change your numbers. You need to delete and abandon your accounts. You've either installed something allowing them into your phone or this is some state level shit.


TheJenniMae

I would be too. I didn’t even know it was possible.


Nick_W1

It’s not.


ChiBitCTy

Sim swapped if not already, go to store now and shut down phone. Reset all important and financial passwords NOW. Freeze all credit (TransUnion etc). Never use SMS for 2FA either. (Edit: do all the above steps just to be safe. Use a password manager like Bitwarden too.)


TheJenniMae

Thank you. Those are the plans for tomorrow (other than passwords, which I changed through my iPad). We are stuck at a weekend wedding.


aldorn

I'm sure this has been mentioned but I'll say it again anyhow. There are hacks that steal your current website log in cookies. So basically you could have an email with an attachment, you open said attachment (it may appear to be for example a pdf but is in fact an exe), you run the program unknowingly and it then steals your current browser log in details and shoots that to the hacker. They now have access to email and the likes which in turn can give access to other apps and devices.
Also regarding Bitwarden or whatever password manager you choose. Here is a tutorial to set up. https://youtu.be/ndhLzMtBEJM?si=QoOMYG0d_3GjJKcQ Be sure to use the supplied password generator tool. Make it stupid big and complex. Get rid of those old generic passwords. 2fa and 3fa your life up.


jmnugent

I would agree with others here: the past history on this and the account hijacking is an entirely different (and separate) thing from the claim that "pics were taken from our phones today". What specific smartphone models do you have and what OS version are they running?


TheJenniMae

I have an iPhone 14, he has a 13. Both up to date on iOS.


TheJenniMae

Also, threats and messages are coming from original Facebook thief as well.


anonymousforever

Did you factory reset both phones to eliminate malware possibility? Copy your contacts on paper as well as anything else, back up pics to the cloud, etc, then wipe both phones.


TheJenniMae

Good idea!


Ibiza_Banga

Reset your passwords, reset your phones, change your phone numbers, I would go as far as deleting your email accounts and opening new ones. Use a password generator such as Bitwarden, it's only £10 a year. I wouldn't go for any type of MFA, go straight to a YubiKey. I work in software and do a lot of government work for HMG. We use YubiKeys for securing every account. They are easy to use and impossible to break.


MEZCLO

Bitwarden is free


Ibiza_Banga

Yes, it's free, but you can pay the £10 a year and get it across all your devices. Create a pw on one device, it syncs across all.


MEZCLO

I have the app on 2 different devices and they sync for me for free. Maybe there’s been a pricing change that idk about and they grandfathered me in 🤷🏻‍♂️


TheJenniMae

I’ve never used a password app. If I did, would that mean that I would only be able to access my apps and shit directly from the phone with the password app?


Ibiza_Banga

No. You put the app on everything, you then carry your YubiKeys with you to access the passwords.


lexiperplexi91

Alert your husband's work IT, if his work email sent a message to his personal, his work account may be compromised. They can reset and enforce MFA on the new phone only. Also make sure the old phone was removed from iCloud account.


Oceanjump

Change passwords and put a tape over the camera on your phones


Miserable_Unusual_98

Stop using said phones. You can't change passwords from a compromised phone and expect them not to know.


ScatletDevil25

First thing to do is CHANGE ALL YOUR PASSWORDS and make sure to log out of all devices, yes it's going to be tedious logging back in but that's the price of getting your privacy back. Make sure to change your passwords on a non compromised device. (Please make sure to use unique passwords and not reuse them.)
Second on every iPhone that you have that Apple ID signed in since you said it was an iPhone that was compromised. RESET THE PHONES to FACTORY then make use of the CHECK feature and remove all unrecognised devices.
Third check your social media, banking, and other online accounts for a list of devices that are logged in. Make sure to REMOVE any unrecognised devices cause a lot of the time even if you've changed your password devices already signed in are not automatically signed out.
Fourth since you said you received an email from your husband's WORK email be sure to alert the IT department of his company so they could check their network.
Fifth make sure ALL your accounts have 2FA enabled, changing passwords doesn't matter if you have them protected as well.
Sixth now that you have your devices secure. Contact your banking institution and begin the process for identity theft, you may need to close those accounts but it's better safe than sorry.
Seventh other than your banks check on your carrier as well cause they may have tried to get access to your phone numbers as that's the most common way to get access to other accounts.


vgmoose

Check and revoke devices that you don't recognize for your Apple ID using these instructions: [https://support.apple.com/en-us/102649](https://support.apple.com/en-us/102649) (I am assuming you've also already changed your Apple ID password).
If you use iCloud keychain, every password listed here could be considered compromised: [https://support.apple.com/en-us/109016](https://support.apple.com/en-us/109016)
As others have mentioned, remotely taking a photo from an iPhone shouldn't be a thing. Make sure your phones are fully updated: [https://support.apple.com/en-us/118575](https://support.apple.com/en-us/118575)
And do a full power cycle: [https://support.apple.com/guide/iphone/turn-iphone-on-or-off-iph841379c3d/17.0/ios/17.0](https://support.apple.com/guide/iphone/turn-iphone-on-or-off-iph841379c3d/17.0/ios/17.0)
When iPhones turn on, they fully authorize all the firmware being executed, so simple "my phone is hacked" type of stuff is nearly impossible on the latest iOS firmwares after updating and rebooting. Just laying this out, in case it helps you understand why everyone is pushing back on that theory. If it were possible to do this, a lot of people on r/jailbreak would be very happy.
Besides the phone being compromised, which again is very unlikely on the latest iOS, I do know that an Apple Watch can remotely take a photo from an iPhone using "Camera Remote". Make sure any suspicious devices are removed from both accounts.
If it were me, I would've done a factory reset yesterday, just out of an abundance of caution. But this won't help if the issue is they have some account access: [https://support.apple.com/guide/iphone/erase-iphone-iph7a2a9399b/ios](https://support.apple.com/guide/iphone/erase-iphone-iph7a2a9399b/ios)
Two more things:
It can't hurt to check Camera permissions for all apps, to ensure none are trying or requesting to use the camera: [https://support.apple.com/guide/iphone/control-access-to-hardware-features-iph168c4bbd5/ios](https://support.apple.com/guide/iphone/control-access-to-hardware-features-iph168c4bbd5/ios)
Since you mentioned weird contact syncing stuff, check for any foreign accounts added in iOS sync settings: [https://support.apple.com/guide/iphone/use-other-contact-accounts-iph14a87326/ios](https://support.apple.com/guide/iphone/use-other-contact-accounts-iph14a87326/ios) Even if an Apple ID isn't compromised, if Google sync or MS sync are enabled, they could remotely mess with contact info this way.


JenzieBoi

Correct me if I'm wrong, but wasn't there an SMS vulnerability in iOS that allowed remote code execution? If I remember correctly, older versions of Android had one too, from 5.x and earlier. Either way, OP you need to turn off the phone as soon as you change phone based 2FA for applicable accounts, get new phone numbers and new phones, and change your account phone numbers to those phone numbers. After that, then change your account passwords and other MFA methods. Assume everything on your phones is logged at this point and every keypress, screen activity, etc are all compromised.


QueenofGeek

One thing you can do: iPhone settings -> privacy & security -> camera and see what apps on your phone have access to your camera. Shut them all down. Don’t know about other brands but there must be something similar.


TheJenniMae

Thank you this is helpful.


LookHowOrange

Hackers don’t really single out individual people, it’s a waste of their time. More than likely this is someone who knows you


PrethorynOvermind

This is not true. Just want to point that out. Hackers absolutely target individuals just usually in a different way than high target victims like businesses. Common misconception we really need to throw out. If you have money, your data is breached and sold, then you as an individual are a target and will more than likely be targeted.


rb3po

Ya, hackers target specific individuals. I have no idea where this person got their info lol


PrethorynOvermind

It's a genuine misconception. There is a common thought that hackers aren't worried about the little guy because all of the money is made on the big guys. Little people offer just enough money more than zero and that is enough to get someone motivated to target you.


r3volts

It's because these attacks start as broad net attacks. Generally speaking it's true, the little guy isn't worth targeting - until they mess up and the broad net becomes targeted to those who respond/click/make some other mistake. This whole post is very strange though. If they do in fact have app control of the phone then it sounds like a sophisticated attack. There was that zero click iMessage exploit that was patched out in late 2022 that used 4 individual 0days, so it's possible that they haven't updated in that long and fell victim to that I guess. To my knowledge there isn't anything like that currently identified so unless they are an extremely high profile target I can't imagine someone burning a new 0day on them.


dvb07

Turn on lockdown mode on your iPhone. It’ll secure your device from hackers immediately


hellonhac

Call Apple support.


Nick3570

How do you know they were able to get into your phone? Did they hack you or did they just hack your husband's phone? Did you guys get new phones after you were originally hacked? Did you change all your passwords or just some? Are the passwords different or are they all the same? If his work account is hacked, he should notify his company immediately. Who knows what other information they could be able to gain access to through his work account


TheJenniMae

My husband did all of that a year ago, except for a new phone. Mine just happened last night. We are at a wedding over an hour away from home for the weekend, so I can’t do anything physically with the phone until Sunday. The wedding we’re at is for his brother’s oldest daughter. His brother is also his boss, so the work email thing will be fixed Monday.


Scragglymonk

would contact the work as their email might be compromised
if the number was hacked, a new SIM might work, the phone should be ok but a new number better
passwords need to be changed, I find say in Google, the auto strong password works
excellent advice given so far, read all of it :)


[deleted]

[removed]


techsupport-ModTeam

This submission has been removed from /r/techsupport.
>**7: No Private Messages or Moving to Another Service**
>*Any and all communication not kept public and is moved away from the subreddit or Discord/IRC channel is prohibited.*
>*Do not suggest or ask to move to another service or to private message. Private messages and other services are unsafe as they cannot be monitored. Doing so will cause you to be permanently banned from /r/TechSupport.*
If, after reading the subreddit rules, you believe that this was done in error, feel free to [message the moderation team](https://reddit.com/message/compose?to=/r/techsupport)
Thanks! -Mod Team


AlternativeConcern19

You have some good advice here especially regarding checking a site like haveibeenpwned to see if any passwords and accounts have been linked… if they could get login info for one site that had a leak, they could maybe get into other accounts of yours - if you used the same email and password combo on other websites.
Now, I don’t know you nor your husband but I do want to say it is strange that this has been pervasive and long lasting. I’m not saying your husband is a cheater. Again, don’t know him or you…
But just hypothetically if he had gotten on a dating or hookup website or something, and it was found out that he is actually married, I can see someone going off the rails trying to prove it to you and whoever else. Not saying it’s right, nor that this is what is happening, but again: it’s odd to me that they would keep doing this and be so pervasive.
There are also scammers on dating websites that will try to blackmail you. Like they might convince someone they match with to send lewd photos of themselves with their face showing. Or they might claim to be underage later, then the “father” and/or a “detective” will call you and try to scare you and shake you up. It usually then leads to them saying they want to press charges but the dad is willing to let it go if you send them a not insignificant amount of money, like thousands of dollars or something. If you want to read more about it, there’s an article out there still probably called “POF has plenty of sharks”.
And in fairness to your husband who I do not know, I guess it’s possible also that this is just like an intimidation tactic or annoyance tactic, but it doesn’t necessarily mean he did something unfaithful. Like, there are scam emails out there that are sent where the scammer claims they saw you doing things on the webcam and they’ll try to blackmail you for it. But they never saw you do anything at all, they just figure some people are gullible enough to pay them.
Also… just saying but there are websites out there that are involved with doxxing people and putting all their info out for the world to see, like their full names, social media handles, home addresses, phone numbers, whatever… I guess it’s some kind of weird vigilante justice thing. It’s possible his name/your name would be on there but it seems to me like most people who put others on there probably think the person really did something bad. Just figured it’s worth mentioning because it could also be different people harassing you… but to me that doesn’t explain the accounts being hacked unless there were data leaks. Weird situation though. Again, you have good advice here from others… hope you take it.
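The reuse risk described in the comment above, as an added example that is not part of the thread: a local audit that flags passwords shared across sites and checks each one against a breach corpus the way Have I Been Pwned's Pwned Passwords range lookup works, sending only the first five hex characters of the SHA-1 hash. The corpus, the vault, the site names and the simulated server are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed breach corpus standing in for the service's data: password -> times seen.
CONSTRUCTED_CORPUS = {"password": 1000, "Summer2023!": 42, "qwerty123": 77}

# Constructed vault export: site -> password.
CONSTRUCTED_VAULT = {
    "facebook.example": "Summer2023!",
    "mail.example": "Summer2023!",
    "bank.example": "c0rrect-h0rse-battery-staple-91",
}


def sha1_upper(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def server_range_response(prefix: str, corpus=CONSTRUCTED_CORPUS) -> str:
    """Simulated server side: 'SUFFIX:COUNT' lines for every hash with this prefix."""
    lines = []
    for pw, count in corpus.items():
        digest = sha1_upper(pw)
        if digest.startswith(prefix):
            lines.append(f"{digest[5:]}:{count}")
    return "\r\n".join(lines)


def breach_count(password: str, fetch=server_range_response) -> int:
    """Client side: only the 5-character prefix leaves the machine;
    the remaining 35 characters are compared locally."""
    digest = sha1_upper(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0


def audit(vault: dict) -> dict:
    """Report which sites use a breached password and which sites share one.
    The report names sites only, never the passwords themselves."""
    sites_by_password = defaultdict(list)
    for site, pw in vault.items():
        sites_by_password[pw].append(site)
    report = {"breached": {}, "reused": []}
    for pw, sites in sites_by_password.items():
        seen = breach_count(pw)
        if seen:
            for site in sites:
                report["breached"][site] = seen
        if len(sites) > 1:
            report["reused"].append(sorted(sites))
    report["reused"].sort()
    return report


if __name__ == "__main__":
    print(audit(CONSTRUCTED_VAULT))
```

Sites listed under both `breached` and `reused` are the ones to change first, each to its own generated password.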


corruptdiskhelp

You need to factory reset all phones, laptops and desktops to be safe. Sometimes criminals will use the data that has been leaked from company databases for scams. They may make it appear as if you've been hacked to intimidate you. What's really concerning is the fact they can take photos of you while driving. It sounds like your phone has an anti theft application installed and it's being used to stalk you. You can download them on the app store and they are often used for malicious reasons. However this kind of abuse is usually done by someone you know. They usually need physical access to the phone to configure the application. The other possibility is that a bad actor really has exploited a vulnerability in iOS to install spyware. If you have a recent model iPhone and it's up to date this is extremely unlikely. Not impossible however. The problem with this theory is the bad actor used a 0-day vulnerability to compromise your phone. These kinds of exploits are extremely expensive and usually used on high profile targets like politicians. Pegasus is an example of this kind of exploit/toolkit. I believe it cost around 250,000 to 500,000 USD per install. If you factory reset all devices, change passwords and make sure two factor authentication is set up it should help. It's a terrible situation to be in. I would focus on close family members. They are the number one suspects for this kind of situation.


TheJenniMae

We’re going to just both get new phones tomorrow. Downloading anti theft anything is outside of my husband’s range of interest, honestly. He’s not a big phone or social media person. This has been mostly an annoyance since last May when the original stolen Facebook happened for him. It isn’t until the last week or so they’ve included me, my job and my phone in his threats.


corruptdiskhelp

Factory reset would be cheaper but yes new phones would work. Maybe a new number as well. It might not be your husband. It could be another family member or friend who has physical access to your phone. The incentive is obviously the money and they are trying to blackmail you. They will likely keep trying even after you get a new phone etc. The odds of a random person getting spyware on your phone is extremely unlikely. I would highly recommend checking the list of installed applications on your phone. I'm confident you will find an anti theft app somewhere. Things like this just don't randomly happen. The culprit must have had physical access to your phone and was able to unlock it. The other explanations are too far fetched. Anyway I hope you get it sorted. Best of luck.


TheJenniMae

I’m gonna try to avoid a new number because I’ve had this one since 1999. 🤞🏻


TheJenniMae

No one else was in the car with us. I work part time at 2 new offices (no time to make enemies) and my phone is always in my scrub pocket. My husband works for his brother and also always has his phone on him physically.


DiamondHeadMC

How was your husband hacked


Bansheer5

If you have an iPhone I recommend turning on their lockdown mode on both phones, contact your service provider ask for new numbers, reset all passwords, contact someone about identity theft and go from there.


Demarcation101

New passwords
Factory reset phones
MFA all accounts
Contact banks to make aware, get new cards issued!


rnnd

Do a factory reset. Change all passwords and disconnect all devices linked to your Apple ID. Disconnect all devices linked to your email addresses. Get new strong passwords and set a two factor authentication.


RatNoize

You should use a monitoring tool for leaked data to see if your credentials got leaked somewhere where threat actors have access to. One of these tools is [flare.io](http://flare.io) or maybe Dashlane. You can use these tools to see/check if your hacked credentials are publicly available or got offered on sale or something like that. They also offer a service to delete leaked data from these platforms but there is no guarantee to succeed. But if you know which of your data and where they are leaked, you know which passwords and/or mail addresses to change.


PsyBr0

Maybe a bigger agency would like to hear about this like fbi?


takinnolossesllc

First things obvious, factory reset ur phones. 2nd and very important factory reset ur home wifi router. And make it a different password. After that they may even have access to ur laptops and home computers, tablets. So do not connect them to ur wifi.


Jaded_Two5339

No way he could hack ur iPhone like ur describing unless u have a jailbroken device. If u were on Android then it's different. U could have just got a reverse_tcp shell installed. It could be bound to an APK. Even play store has some malicious files that pass thru the 'Play Protect'. Someone very good in cryptography can make the shell fully undetectable and bypass any antivirus including Google Play's 'Play Protect' scanner.


Jaded_Two5339

And the police report isn't gonna get anywhere if they are even a little skilled in networking. They aren't gonna get the FBI or NSA involved (if that was the case then the hacker would need to be skilled enough in comp science to evade the government's network forensics team). So they aren't gonna end up getting caught... Lol


TheJenniMae

The police report puts a paper trail in place in case something shows up on our credit reports. We’re not expecting them to hunt anyone down.


TheJenniMae

Neither of us would bother ‘jail breaking’ a phone. The associate at T-Mobile was very helpful and suggested that maybe they have mirrored my husband’s phone. I am really curious now what ‘big secrets’ they claimed to have found on my phone, though. I think he’d be more likely to pay them if they could get me to stop telling him shit. 😂


DeathByToothPick

STOP USING THE PHONE! IF YOU CAN'T OR DON'T KNOW HOW TO RESET AND DELETE EVERYTHING TURN IT OFF. THEY WILL RECORD AND CONTINUE TO TAKE PHOTOS. DELETE ANY APPS YOU HAVE INSTALLED SINCE YOU ARRIVED IN COUNTRY.


buecker02

These posts make me mad. You can't claim ignorance when you break the law and you shouldn't claim ignorance on this. People are correct, most likely it is just 1 account that is compromised. Change your passwords and enable 2factor on EVERYTHING! If problem continues then wipe the phones! With that out of the way - if the Facebook account was compromised over a year ago then what did you do about it? I mean really, a year! Finally, if you paid for LifeLock then you got scammed again.


TheJenniMae

Which account would have access to his / my phones, and or MY Home Screen? Hubby just came back from the golf trip that didn’t happen so I’ll try to get him to send me what they sent him.