Earlier today I was tricked into running some commands. My friend’s discord (an app similar to Skype that lets people talk to each other via voice and instant message) account was hacked and someone sent messages as him telling me to run some commands. Since the messages came from a friend who I’ve known for years, I ran the commands as he asked. The commands were
“Sudo rm -r /“
I now know that this recursively deletes all your files, but I have some hope as all I was met with was a string of “permission denied” errors, and I terminated the process rather quickly after that.
Next, he had me run
“Perl -e “fork while fork”
This is a classic fork bomb, a script that exponentially creates new files until no more memory is left and the computer crashes.
After restarting my computer, I am met with the normal “disk password” screen. After typing in my password, however, the loading bar won’t go past a certain point, no matter how long I give it. Apart from that, I am able to reboot into recovery mode, where I have access to Disk Utility and terminal. Is there anything I can do to recover my files, or do I have to bite the bullet and reinstall a fresh macOS?
Some additional information that might be helpful in diagnosing the problem:
When the loading bar gets stuck, a spinning loading circle (see attached) appears. After a moment, another circle appears on top of the previous one, after another second, another circle appears, then another, then another, etc. Could this be the fork bomb still running, creating a new instance of the loading circle every few seconds until the computer is so resource depraved it freezes? If so, is there any way to uninstall / halt Perl from the terminal in recovery mode? Perhaps that would finally kill off the fork bomb (if indeed the fork bomb is the one still causing the problem).
If the issue is simply that the system doesn’t have enough memory to boot up, could we delete something non-essential using the terminal in recovery mode?
Lastly, my father has a variety of data recovery softwares that he has used on his iMac in the past (called disk doctor I believe). Would any of those be potentially helpful for my situation?
“Sudo rm -r /“
I now know that this recursively deletes all your files, but I have some hope as all I was met with was a string of “permission denied” errors, and I terminated the process rather quickly after that.
Next, he had me run
“Perl -e “fork while fork”
This is a classic fork bomb, a script that exponentially creates new files until no more memory is left and the computer crashes.
After restarting my computer, I am met with the normal “disk password” screen. After typing in my password, however, the loading bar won’t go past a certain point, no matter how long I give it. Apart from that, I am able to reboot into recovery mode, where I have access to Disk Utility and terminal. Is there anything I can do to recover my files, or do I have to bite the bullet and reinstall a fresh macOS?
Some additional information that might be helpful in diagnosing the problem:
When the loading bar gets stuck, a spinning loading circle (see attached) appears. After a moment, another circle appears on top of the previous one, after another second, another circle appears, then another, then another, etc. Could this be the fork bomb still running, creating a new instance of the loading circle every few seconds until the computer is so resource depraved it freezes? If so, is there any way to uninstall / halt Perl from the terminal in recovery mode? Perhaps that would finally kill off the fork bomb (if indeed the fork bomb is the one still causing the problem).
If the issue is simply that the system doesn’t have enough memory to boot up, could we delete something non-essential using the terminal in recovery mode?
Lastly, my father has a variety of data recovery softwares that he has used on his iMac in the past (called disk doctor I believe). Would any of those be potentially helpful for my situation?
