Hello,
Last few year I had couple of minor issues with security of my macbook air.
I have firevault installed, antivirus (avast or bitdefender) and firewall on.
I do travel a lot and had someone to look at my mac in couple of shady places (3rd world country, not autosized workshop). Is it possible that they have installed something on my mac, while "fixing" it?
- I had my CC information stolen (but it might in a store or some website got hacked).
- In e-mail attachment folder I found some PDF files created not too long ago. But it´s a "copy" of attachments I sent around 2 years ago. How they got created - I do not know...
- Recently I started learning about applescript and found 3 suspicious workflows, that was supposed (as I understood them) to keep track of all my archives (name of files, make silent copy etc). I panicked and deleted them..
- 5 workflows were in i-cloud that I did not create... I think.
It´s been around 2 years since I had someone twitching on my mac. After last time, I even did I clean install. However, I did copy my mailboxes (whole folder), photos and some other stuff back to new installation.
So my questions are:
- Is it possible to install spyware, that will not be detected by antivirus (if someone have physical access to my mac)?
- Is it possible to create workflow/applescript, that will act like spyware. I assume, then it will not be detected by antivirus neither?
- Is it possible to write workflow/applescript that will keep track of my files (documents, archives, photos, audio, video files, etc?), make a list of all files and/or copy those files and silently e-mail them/upload them somewhere?
Now, second set of questions, assuming then answer is "yes" to any above.
- After clean install, if they were in my e-mail folder and I copy them back. They do start working again?
- Is it possible to hide this kind of script somewhere in my e-mail or icloud, so clean install would not help?
- Is it possible to place something like that in a keychain?
So what I did now:
Another clean install. New icloud account. New e-mail account.
But I still have backup of my older files. I´ll try to be careful with them.
So, am I being paranoid or being safe?
Thank you everyone!
Last few year I had couple of minor issues with security of my macbook air.
I have firevault installed, antivirus (avast or bitdefender) and firewall on.
I do travel a lot and had someone to look at my mac in couple of shady places (3rd world country, not autosized workshop). Is it possible that they have installed something on my mac, while "fixing" it?
- I had my CC information stolen (but it might in a store or some website got hacked).
- In e-mail attachment folder I found some PDF files created not too long ago. But it´s a "copy" of attachments I sent around 2 years ago. How they got created - I do not know...
- Recently I started learning about applescript and found 3 suspicious workflows, that was supposed (as I understood them) to keep track of all my archives (name of files, make silent copy etc). I panicked and deleted them..
- 5 workflows were in i-cloud that I did not create... I think.
It´s been around 2 years since I had someone twitching on my mac. After last time, I even did I clean install. However, I did copy my mailboxes (whole folder), photos and some other stuff back to new installation.
So my questions are:
- Is it possible to install spyware, that will not be detected by antivirus (if someone have physical access to my mac)?
- Is it possible to create workflow/applescript, that will act like spyware. I assume, then it will not be detected by antivirus neither?
- Is it possible to write workflow/applescript that will keep track of my files (documents, archives, photos, audio, video files, etc?), make a list of all files and/or copy those files and silently e-mail them/upload them somewhere?
Now, second set of questions, assuming then answer is "yes" to any above.
- After clean install, if they were in my e-mail folder and I copy them back. They do start working again?
- Is it possible to hide this kind of script somewhere in my e-mail or icloud, so clean install would not help?
- Is it possible to place something like that in a keychain?
So what I did now:
Another clean install. New icloud account. New e-mail account.
But I still have backup of my older files. I´ll try to be careful with them.
So, am I being paranoid or being safe?
Thank you everyone!
