Hijack for mac?

SimpleSimon

SimpleSimon

New Member
My wife has been having trouble with her computer lately. She has to change up her hotmail and now mail.com pw's at least once a week. We have a good feeling that someone is hacking into them....obviously....and we aren't sure if there could be something on her computer? Do they have hijack for mac or more importantly would it work?

Also does anyone know if there is a way to check to see where your hotmail has last been checked? Via ISP or anything? Thanks in advance!
 
No, there is no hijack this for mac. However, I can help you out but need to know some more information.

What OS version?

What browser and version?

What mail sites?

What kind of computer is it? Is it a laptop?
 
It's not the OS that just came out, it's the one right before it...don't know the name of it...sorry :(
Firefox for mac
hotmail and mail.com
It's a mac notebook, so yes, laptop.
 
So, its OS X 10.4 tiger, and I will assume it is up to date 10.4.11?

Well, there are several ways this could have happened. I suspect a key logger if they are getting her passwords, anyone with physical access can do this, and if its a laptop I will also assume it travels.

So, someone is accessing her email? I would suggest only running webmail in https and perhaps look into doing an archive an install of the OS.

However we can try a few things. Lets first see what your path reads, this is a very common method of exploiting a *nix machine.

Open up terminal and type this code

Code: 
echo $PATH

Copy and paste results here.
 
No it can't work
Click to expand...

What? I am not sure what that means...

Your $PATH is correct. A lot of times if someone has exploited something they will edit your $PATH so when certain things execute scripts can run in the background, something like a keystroke logger.

there could also be something in your ~/.bash_history that could perhaps show something weird. I would also remove this directory to the trash, you can restore it later on but it ultimately only is for preferences. Drag the ~/Library/Preferences directory to the trash. ~/ refers to your wife's home directory, then in terminal do this.

Code: 
cat ~/.bash_history

Then copy/paste the results.
 
erin-turtles-computer:~ erinturtle$ cat ~/.bash_history
echo $path
echo $PATH
echo $PATH
echo$PATH
echo $PATH
??
run
search
echo
echo $
echo path
echo $path
echo $PATH
what is that?
d**n itwhat is that?
hdfjads;
erin-turtles-computer:~ erinturtle$

lol, those were random things I had typed :P
 
hahaha

OK that looks fine. Not sure what exactly it is, perhaps phising on the web end. You may want to back up and reload the OS. It is too hard to say what is happening. I would definitely back up your data first.

Are you sure someone is hijacking your web mail?
 
I thought it might be phising as well. I gave her the whole drill about passwords and turns out she was using similar ones for just about everything. We are going to try to just switch a couple of them around a bit and see if that helps. Thanks anyways for all your help :)
 
You must log in or register to reply here.
Back
Top