Appears I was hacked?

MAC OS X specific questions, problems.
Post Reply
munro

Appears I was hacked?

Post by munro »

Hi

After constant viruses that can't be removed from windows I switched to Mac thinking it was more secure.

I was very careful to download from the official site but a shortly after downloading from my private torrent I got strange requests for access to these things....

Framework
Full disk access
Calendar
Contacts
Notes
Privacy and Security

Unfortunately I said yes to the first 2 on the list then no to others as I was unfamiliar with Mac expectations. Stupid me.. I know
I had assumed that this client was safe as my research showed.

A week later I checked the activity monitor after some big issues and saw that A root user had logged onto every single Mac app as my user name had been removed and replaced with root user.

I posted on my private torrent and was told by the Moderator I was full of crap and would be banned if I posted again and my posting privilege had been removed. Not sure is Im allowed to mention the site here.

I reset my Mac and dowloaded the client again and it only asked for calendar, contacts and noted and I denied access.
My question is can someone please explain what happened? and I suspect the Trogen has installed a root kit via access to the framework
Should I send my Mac off to be reflashed? Its expensive and a hassle to have done. Any Help is greatly appreciated in advance.
I use Norton 360 and use its VPN. I have a Surfshark membership, should I use this also?
User avatar
Peter
Administrator
Administrator
Posts: 2694
Joined: Wed Jul 07, 2010 6:14 pm

Re: Appears I was hacked?

Post by Peter »

Windows has been super secure since Windows 8.1 or so.
Windows 10 is a fortress. Even by itself, it has a very adamant security solution and mitigations in place.
If you enable an AdBlock, such as uBlock Origin, you gain the ability to block known malicious ads, malware domains.
If you want to be super-super sure you can also use a DNS service that protects you, such as OpenDNS.

MAC is not bad per se, but I think it's only good if you have an infinite amount of money, and you can invest in the whole Apple ecosystem.
Like PC, laptop, everything.. the whole deal. And that ain't cheap. Neither to buy nor to maintain.

Now, back to your issue.
qBittorrent is 100% safe. It did not do any of these things.
But it does what you tell it to do. If you tell it to download the most malware-infected torrent in the world, it will do just that.
Since the Mac does not have an in-built anti-virus or safety measure like Windows, if you download pirated software, you compromise all the security features on it.

Honestly, a Mac is only safe if you download/use legal software on it.

> Norton 360
Norton has been trash forever.
Honestly, in 2022, I don't trust any of the vendors anymore. Everyone is using scary, fearmongering tactics to get people to pay for their upsell snake-oil crap. I realize they have to stay in business, but it's still sad to see how far the mighty has fallen.
If I was forced to use third-party software, I'd probably use ESET Nod32.

> VPN
It's only to hide your torrent activity, in case you would get a letter because of your p2p activities.
You can use whatever honestly, they all do the same thing.
One thing though.. if you use private trackers, your chance of getting a letter is really low to begin with.
2pence

Re: Appears I was hacked?

Post by 2pence »

I'm using a Mac Mini M1 running Monterey and I've never witnessed qBittorent ask for anything apart from access to the Downloads folder. You must check what else you installed or triggered. Always beware, be cautious of downloading apps/software because most like it's coming with a trojan/backdoor. And yes, always use uBlock Origin plugin with Chrome or Firefox.
Post Reply