I see faint traces of another mouse cursor. Hacked??

[theramajor]

I'm on a MacBook Pro connected to a docking station. I've got dual monitors and a fresh install of the latest MacOS, no TimeMachine backup.

Sometimes I'll see a faint trace of another mouse or a faint screen screen for just a second and it disappears.

Does this mean I'm hacked?

 

[EmmEff]

How on earth do you come to the conclusion this has anything to do with being hacked?

Does it happen with no external monitors connected?

Did you check your cable connections to make sure they’re snug?

 

[theramajor]

How on earth do you come to the conclusion this has anything to do with being hacked?

Does it happen with no external monitors connected?

Did you check your cable connections to make sure they’re snug?

Because I had someone building a VoIP PBX server for me, they asked to remote in w/ TeamViewer and said it didn't work. I told them I want some voicemails left by callers to go to my email. He told me he needed a google account to authenticate the emails and asked me to verify a code in my google authenticator app.

He's on a linux and noticed he switched back the modifier keys. Oh and he also got into my investing account and changed a phone number.

I would get a weird popup on my Mac saying "Pasting from authenticator app"

 

[theramajor]

How on earth do you come to the conclusion this has anything to do with being hacked?

Does it happen with no external monitors connected?

Did you check your cable connections to make sure they’re snug?

Yeah, everything is snug. I mostly use the monitors and haven't seen it just on the Mac. I don't see what else it could be if its a fresh OS install

 

[rafark]

No idea but you could try using the Mac without an internet connection just to see if you’re still getting the second mouse.

 

[mick2]

The traces you're seeing are not a sign that you've been hacked. Hacking doesnt work like that, outside of Hollywood.

The other stuff, however, is anyone's guess, and tbh sounds outside the scope of this forum. At the very least, I'd recommend changing your google etc passwords as a precaution and removing / securing Teamviewer if you still have it installed.

 

[theramajor]

My firewall tried to connect to fraudjs dot io wtf.....

 

[mick2]

...9 posts starting in June 2019...every single one speculating about a possible 'hack' of their Mac...ok, I think I see what's going on here...

 

[richmlow]

Because I had someone building a VoIP PBX server for me, they asked to remote in w/ TeamViewer and said it didn't work. I told them I want some voicemails left by callers to go to my email. He told me he needed a google account to authenticate the emails and asked me to verify a code in my google authenticator app.

He's on a linux and noticed he switched back the modifier keys. Oh and he also got into my investing account and changed a phone number.

I would get a weird popup on my Mac saying "Pasting from authenticator app"

Hello theramajor,


I don't mean to sound alarmist.....

If I were you, I would back up your critical data on your machine, reinitialize the hard drive / SSD, and reinstall a clean macOS. Then, have SOMEONE else set up your server for you.

There is no reason why someone should have "remote access" to your machine. Red flags which jump out at me include:

1. Someone accessing your investment accounts. THIS IS ESPECIALLY WORRISOME.
2. Weird popups: "Pasting from authenticator app."
3. Firewall trying to connect to fraudjs dot io

I'm being totally serious about this....no exaggeration!

Your situation is exactly the reason why NOBODY touches my computer system (except me).


Good luck.


richmlow