
Welcome to IWETHEY!

New You almost certainly have not been compromised.
Points:

1. Stop looking at system logs. They're of no help to 99% of people 99% of the time. Worked example: you.

2. Change all your passwords to strong ones. Turn on 2FA wherever possible.

3. If you are still unconvinced, nuke and pave from known-good install media.

4. None of your evidence is evidence of compromise. See (1).

5. Glad to see you back.
New Additional: If you have been compromised...
...it's probably not about you.

Most compromised individual users have been compromised to use their computers as part of botnets for attacks on high-value targets, not to harvest personal data or credit cards.

(Those are harvested by large companies legally :P )
Ceterum autem censeo pars Republican esse delendam.
New So what you're saying is he's not worthy?
Welcome back.
New I'd say I have a life...
...but I don't. I just don't have any free time.
Ceterum autem censeo pars Republican esse delendam.
New one 1.
As someone who reviews java puke and linux log files on a daily basis for a living they are not for the faint of heart and are very difficult to splain slow to folks without hardware and programming backgrounds (need both). So unless one wants an un-needed description of how sausage is both made and excreted they are best left alone.
"Science is the belief in the ignorance of the experts" – Richard Feynman
New +5.
IOW, System logs are useful only if you are looking for something very very specific. Like most logs, in fact.

Wade.
New With you there..
My 'dossier' zeroes in on just that and it's chock-full of actual names of a variety of Tools as comprise this particular Tool Kit ... granularity; included within the sub-sets you see: when you rotate that tiny triangle "for more info".
Fun stuff, sleuthing--if you really try to do it Right. And succeed.

Boolean has its Uses ... even in real-Science, where Logic Rules {too}.

Tally Ho --->

(Response to above, on Console--immediately after above part of post)

3/10/21 1:04:44.247 AM cdpd[1043]: Calling SOSCCView for view Passwords reported device is NOT A MEMBER - (error: (null))
3/10/21 1:04:44.248 AM com.apple.iCloudHelper[76611]: User-visible keychain sync status is DISABLED


..and so it ---> Goes, still, despite recent small repairs.

Semper Fi, y'all.
Edited by Ashton March 10, 2021, 04:12:49 AM EST
New What toolkit?
You've run an intrusion detection tool such as MalwareBytes, and it's given you a name, right?
New Made me look...
Calling SOSCCView for view Passwords reported device is NOT A MEMBER


Hmm... Discussions.Apple:

Unless you are having problems with your computer, Console messages can be ignored.


Ok, that's not a very helpful answer. Let's see...

MacRumors:

Oh, and forgot to add, to rule out third party software issues, try Safe Booting and running the machine. Compare that to what it does currently. If it behaves differently, that's a big clue that software is the culprit.

For further non-destructive troubleshooting, try making a new test user account. Log into that account, and run some apps. Compare performance to your regular account. If it is noticeably better, that points to a user-space issue. Helps to rule out (or confirm) system-wide issues...either hardware or software.


HTH a little. Good luck!

And let us know if MalwareBytes finds anything, please. Thanks.

Cheers,
Scott.
New Though, if you don't know what you're looking for...
... or even if you're looking in the right place, then you do have to be prepared to admit when you're looking at 100% useless shit.

I work with apps that need logging but it frequently gets mixed in with logging from libraries my app is including so am very familiar with swimming through the shit in search of gold.

Wade.
New You still with us?
Ashton, haven't heard from you since this. Have you been touching grass?
--

Drew
New Beats pushing.
     Hola, Me Droogies: a not-quite ex post facto Solution might happen ..but not quite yet. - (Ashton) - (21)
         Hola! - (Another Scott) - (1)
             I fear I may have slandered malwarebytes - (rcareaga)
         You almost certainly have not been compromised. - (pwhysall) - (11)
             Additional: If you have been compromised... - (InThane) - (2)
                 So what you're saying is he's not worthy? - (crazy) - (1)
                     I'd say I have a life... - (InThane)
             one 1. - (boxley) - (7)
                 +5. - (static) - (6)
                     With you there.. - (Ashton) - (5)
                         What toolkit? - (pwhysall)
                         Made me look... - (Another Scott)
                         Though, if you don't know what you're looking for... - (static)
                         You still with us? - (drook) - (1)
                             Beats pushing. -NT - (CRConrad)
         Welcome back, Ashton! -NT - (a6l6e6x)
         Welcome back, comrade! -NT - (mmoffitt) - (1)
             Thank you..! -NT - (Ashton)
         When I have a demonstrably-secured keyboard, I have some responses to below.. - (Ashton) - (1)
             Get a wired keyboard. - (pwhysall)
         A tad belated, but welcome back! -NT - (scoenye)
         "Define, please: the exact meaning of [Pwned] ‘K?" - (CRConrad)
