
Kathsr

macrumors regular
Original poster
Jan 21, 2019
Maryland
Without going into too much detail about how I know, my network has been breached remotely and so much strange stuff has gone on with my MacBook Pro over the last couple of years that I finally moved all my documents off of it and shut it down until I can upgrade it. It’s from 2011. I suspect a keylogger and unauthorized Remote Desktop access. I’ve run three different malware programs with no luck in finding anything and even wiped the hard drive and reinstalled everything. I’ve checked all the usual privacy features in my router. Someone is actually taking screenshots of my financial spreadsheets. In the meantime I’m using my iPad 6th generation to access the internet and print. How secure is my iPad screen and keyboard on the same network? I actually logged into my network yesterday and the site said someone else was already logged into my account. I live alone and no one else is supposed to have my login credentials. Any recommendations for a router and modem? I have a 700 sq. ft. apt. and 8 devices, no gaming. Thanks for any and all input!
 
First step is to change your wifi security to WPA2 and password. Update the firmware of your existing router if possible.

Second, you can try going into your router's settings to see if all the devices it is serving IP addresses to are your devices. Check the MAC addresses of the devices listed. This is to see if there's an actual intrusion into your network. Also disable any remote administering/access on your router.

Lastly, check all your devices connecting to your network to see if they're all secure. Are there any Windows laptops mistakenly configured to be a server? Do you have any apps like logmein/teamviewer mistakenly/unknowingly installed?

Last but not least, do not share your wifi password with anyone. I don't even share mine with guests. I created a separate wifi SSID for guests.
 
Thank you for the replies. I would never abandon my beloved MBP unless I had taken all the suggested steps, more than once. I don’t know if the problem is with the computer or network or both. The perpetrator now lives in another state but at one time had access to both. On Sunday I left a financial spreadsheet open on my MBP screen for about an hour and when I came back to it the sheet had blue page break lines on it that weren’t there before and the printer had an error message that said it couldn’t print because it wasn’t connected. I hadn’t been trying to print anything. Remote management is disabled. There is no setting in the MBP that would allow anyone access to any part of the computer or the network. If there is malware in the network changing the network name and password wouldn’t help, and it hasn’t. At this point I just want to make sure that what I type into my iPad and iPhone and what I print from them is 100% private. If I buy a new router and modem and type new credentials into my iPad will they be secure?
 
If there's actual malware within one of your machines (you said you have 8 devices), then anything transmitted within the network can still be captured.

This is what I would do if I were in your shoes.
First, regardless, I would change the network password first. I would want the locks to my doors changed first (the network password). Secure the router first by disabling any remote access, changing the password and also the admin password, etc.

Second, I would take note of all my devices' MAC addresses and IP addresses. I would then cross check these with what's in the router settings to see if there are any unknown devices attached to my network. If there's an extra unknown device that is not on my list, I would see if I can remove that device from my router. I would also try to refresh the DHCP server or reboot my router to refresh the assigned IP addresses. After the change in Wifi password, there shouldn't be any other foreign device connecting anymore.

Third, I would then check my devices one by one. If it's a computer (Mac or PC), I would start backing up my data, disconnect them from the network (eg turn off the wifi), and do a complete reformat and reinstall of the OS from scratch. Of course, some preparations would be needed (eg. downloading Windows 10 ISO, downloading full installer of macOS). But I'd do this to ensure whatever malware in those devices would be gone.

Fourth, can your printer do a direct wifi connection? If it can, you might be able to print straight from your iPad to the printer without even needing a router. Or, I would disconnect all devices from your network and only have your iPad and printer connected to the router.
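
The MAC address cross-check from the second step above, sketched as an added example (not part of the original post). The `arp -a` sample and the device inventory are constructed, and the names `KNOWN`, `normalize` and `classify` are hypothetical; the code handles the zero-stripped octets macOS prints and flags randomized addresses, which iPhones and iPads present when Private Wi-Fi Address is on.

```python
import re

# Constructed sample of macOS `arp -a` output (not taken from the thread).
SAMPLE_ARP = """\
? (192.168.1.1) at a4:2b:b0:c:1f:3 on en0 ifscope [ethernet]
? (192.168.1.20) at 3c:22:fb:11:22:33 on en0 ifscope [ethernet]
? (192.168.1.23) at 9e:7a:10:aa:bb:cc on en0 ifscope [ethernet]
? (192.168.1.31) at 0:11:32:ab:cd:ef on en0 ifscope [ethernet]
? (192.168.1.40) at (incomplete) on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
"""

# Hypothetical inventory, written down from each device's own settings screen.
KNOWN = {"A4-2B-B0-0C-1F-03": "router", "3c:22:fb:11:22:33": "MacBook Pro"}

ARP_LINE = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9a-fA-F:]+) ")

def normalize(mac):
    """Lower-case, colon-separated, zero-padded octets (macOS drops leading zeros)."""
    parts = re.split(r"[:-]", mac.strip())
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(f"{int(p, 16):02x}" for p in parts)

def classify(arp_text, known):
    """Return {ip: (mac, verdict)} for every unicast neighbour in the ARP table."""
    inventory = {normalize(m): name for m, name in known.items()}
    report = {}
    for line in arp_text.splitlines():
        m = ARP_LINE.search(line)
        if not m:                      # "(incomplete)" entries carry no MAC
            continue
        mac = normalize(m.group("mac"))
        first = int(mac[:2], 16)
        if first & 0x01:               # group bit set: broadcast or multicast
            continue
        if mac in inventory:
            verdict = "known: " + inventory[mac]
        elif first & 0x02:             # locally administered bit set
            verdict = "randomized (private Wi-Fi address?)"
        else:
            verdict = "UNKNOWN"
        report[m.group("ip")] = (mac, verdict)
    return report

if __name__ == "__main__":
    for ip, (mac, verdict) in classify(SAMPLE_ARP, KNOWN).items():
        print(f"{ip:15} {mac}  {verdict}")
```

The ARP table only lists hosts this machine has recently talked to, so the router's own client list remains the fuller source; the same comparison applies to MAC addresses copied from that page.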
 
What I gather is someone you used to live with has your passwords.

Change them, problem goes away. You should change your password periodically anyway. To KNOW someone has your password and not change it doesn't make sense.

My wife and I don't even share passwords. We know where to find the masters in the safe, but there is no reason to EVER share a password.

It appears this is not a security problem at all.
 
Did you not read the part where I said I changed my passwords several times and the problem persists? I’m sorry but I find your post quite condescending and insulting.
 
Wow! This guy lays it all out step by step of what to do to correct your problem and you belittle him for it? SMH!!!
 
I used to work in tech support, what people say and do can be two completely different things.

What raises flags about passwords is that you said you wiped your Mac and did a fresh install. If you did a fresh install the only way someone would get on your system was if they knew the passwords to the system or your network.

I would be really shocked if an average user installed something on your home network's router.

If you are 100% it’s not passwords and that someone has remote access to your network, call your ISP and ask them to replace your router.

We are trying to help and make sure you covered all bases.
 
OP,
What you have described does not add up as being possible, especially remotely accessing your MBP etc.

It sounds like you had a bad break up and are now having a lot of anxiety and fear over the situation.

Unless you added someone as an authorized user with admin status on your internet account, there is no way someone from a different state would be able to access your account.
 
Take a look at the replies again. I'm referring to Zazoh who was speaking to me as though I am some kind of idiot who would never think of changing my passwords as a first line of defense. Everyone else has been hugely helpful.
 
How would Zazoh know you did that already? Unless I missed it somewhere, you didn't state you had changed all the passwords.
 
This is not an average user. This is an IT and networking expert with about 20 Microsoft certificates just for starters. He knows how to back door and remotely access anything. The damage was done with a USB drive and a homemade CD before we moved to separate states. There is malware including keyloggers that will withstand even a wipe and clean install. A keylogger will record passwords and other login credentials on any site including the router login page. I’ve just been trying to ignore it. Now I’m sick of it. This is not a bad breakup, this is a family member who feels he has a right to my financial data. Two days ago I left a spreadsheet open and the printer started trying to print it all by itself. I was across the room at the time. I lose control of my trackpad, cursor and desktop when working on anything concerning money. The missing and corrupt files etc. only occur with my financial data. I keep no paper, I scan my entire life into my MBP. I’ve only been able to retain it lately by backing it up immediately after finishing with it. I use only my own equipment and I will be replacing the router and modem tomorrow. I just can’t afford a new MBP right now and that’s still a problem. My original question was about the security of my iPad and iPhone for entering new credentials for the new network. Thank you all for your time and patience.
 
I mentioned in my second post that I had already performed all the suggested steps which included changing passwords.
 
Chill out. I was the second responder to this thread.

Credentials, I’ve been doing this since 1979. If you go into your router and block MAC addresses and change network passwords it can’t happen.

Also call your bank and have them change account numbers. If you don’t like me go up to my profile and tap Ignore.

You came here looking for help. I won’t offer to you anymore.
 
To be honest I am confused by your posts. If I understood you correctly you wiped out your hard drive and did a fresh install on your MBP and you say that you changed your WIFI passwords.

I get that the person can install something on your laptop (not a moral thing to do but people do ****) but I do not see how this malware would still exist on your machine if you have wiped everything and re-installed as new.

There is no way to go through the steps of wiping out and starting from scratch on all your devices and changing WIFI passwords and to still have the malware available and working against you.

It just does not add up and it is highly doubtful. I am sorry and I understand that you need help but please do provide step by step what you did and in what order because if you really did what I explained above there is no way for the problem to still exist for you.
 
I don't know what router you have but the first step I would have done is download the latest firmware for the router (via cellphone on cellular connection), disconnect all devices, take the router offline, factory reset, install firmware and set up with new credentials while it's still offline (assuming the router allows offline setup).

To be honest, unless it's somehow managed to infect the BIOS/UEFI, I don't know how a keylogger would be able to survive a complete wipe and OS reinstall.

What are the 8 devices on the network? The re-infection vector could be coming from those.
 
I am not sure if the suspected person is really the problem.

First of all, in your case, I would not necessarily buy a new router, as it should not be the true problem. If it still has the original firmware (for some routers you can install alternative firmware, have you checked for this?) So given the case the firmware is original, then a factory reset would be enough to keep it secure.

The next step would be to secure your Apple ID with 2FA in your security settings. If you use the normal profile for private users, this will secure your account and devices from logins by third parties, if they don't have physical access to your mobile. You can look in your iPhone if there are profiles set. If you don't find any under settings, there are none, because the profiles are just shown if there have been installations of those. If you find profiles, you should be able to erase them, which solves the problem.

Same goes for your MacBook. In your settings you should be the only administrator and there should not be any users you don't know. If there are any, erase them.

So, given the fact that your iPhone is without profiles and that 2FA was enabled, you could change your Apple ID password once more. That should make sure that nobody can log into your Apple account, and also not into your computer.

Ok, now you log in to your router and do a factory reset (or flash the original firmware from the manufacturer, the how-to should be on their website). You should be able to do this with your iPhone using Safari to access your router's web interface.

After you have reset the router and given it a new password, you can use your iPhone to connect to your WiFi. That should send the login data to all your devices that use your personal ID. Even if the suspected guy has your Apple password, he will not have it now, because of 2FA. He can't have the router password, because you reset it and gave it a new password. In your Apple devices' settings, turn off connecting to public WiFi networks.

That's about your personal Apple devices. The only entry point he could have is the other devices you spoke of, and only if you allowed them to connect with your Apple devices. If you never allowed any device after the procedure above, he really would have to have physical contact with your Apple devices to compromise those.

Further steps would be to change passwords for any online service you use, like cloud services (if you just use the Apple cloud, you don't need to change anything, as you already did this). Use 2FA whenever it is offered by a service you use.
 
Call the police and report a cybercrime. As it is now across state lines maybe that’s the realm of the FBI?
 