You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: AgentDragonfly
AgentDragonfly Author
User level: Level 1
40 points

MDM on personal iPhone - Businesses, unauthorized developer activity HELP!

I am a personal 'User' I have cycled through many hours and days with support. No one knows what is going on. Most likely because I am never able to speak with someone that understands the Enterprise platform. I feel this is happening via my carrier- but Fraud sent me to Tech support. Tech support told me my phone is hacked and to file a police report.

In combination I suspect that MDM is a gateway for an external developer to access my phone via various methods: webkit, Xcode, Apple Store Connect, SDK

I am about 99.99% sure I know why, but that is something that I will not disclose because most likely all of my activity is monitored; despite the very strict privacy settings I try to maintain.


Symptoms:

  1. My apps will sometimes tell me they did not come from the App Store (Maps, FindMyiPhone, etc..)
  2. When I make an attempt to chat with Apple support I receive a message to Use Messages to Connect with Business. When I have my iPhone in LOCKDOWN mode I receive a message that I cannot use Messages for Business when my device is locked down.
  3. I only have one device. However, I am sharing across devices- many times or I have the option to. The choice is not grayed out.
  4. I am unable to perform an Emergency Reset because I am usually sharing something - Notes, Home, Health, Books....
  5. I do not use iCloud Drive due to multiple security concerns. Almost every time that I double check those settings apps show that they are using iCloud Drive. (Game Center, Health or Fitness, Notes, Books, Apple Support, Wallet) While clicking to turn OFF syncing I have had a battle with it changing right back before my eyes. (I have screen recordings)
  6. Game Center will come on even though I have strict Screen Time settings.
  7. I am generally either sharing, or my phone is gathering data from Health; even though that privacy option is supposed to keep that from happening.
  8. Sometimes I am unable to even sign out of my phone due to 'restrictions'.
  9. I have 'Share with Family' sometimes

*Those are only a few symptoms. That is minus the horror I see from the extraction of information I backed up into Kali Linux

As I have mentioned I have spent many many many hours with Support. One Senior Director did spend time Googling the services that show up in my Analytics. I have even uploaded screen shots and documents, but I never heard back.

I REALLY REALLY need help here.

I will add attachments. They won't be nearly the amount I have. I am begging!!!


Services in Analytics


iPhone 13, iOS 16

Posted on Apr 2, 2023 2:32 PM

Reply
Question marked as Top-ranking reply
User profile for user: Community User
Community User

Posted on Apr 3, 2023 6:45 AM

Sadly, there doesn't seem to be any help and the ones that will respond, will tell you you are either crazy or you can't be hacked unless you have your device to someone.


For what it is worth I have been dealing with this and here is what I have learned; you need to delete your old apple id's and confirm that they are deleted. You may not be logged in to any (neither was I) but it has something programmed into the IOKIT boot so you cannot reset the NVRAM properly, leaving find my process to look as if the activation lock is on.


Make appointments for each apple product to have a firmware/software update through DFU mode and make sure it is DFU because a factory restore will not remove the cache that is lingering in the files. This should all be done at the same time otherwise it will talk to the other device and reestablish itself.


The factor reset you are doing doesn't work because it does not empty the trash and it seemingly blocks any terminal command to do so as well.


Before you boot up your computer(s) & phone(s) delete and confirm you have deleted all of your previous apple id's. Write down the code it provided to delete the id because chances are you will have to call to

confirm its deletion.


If you have a google ID, check to see if you are enrolled in any trial based workspace or fire base programs. Workspace allows device control as well.


I have changed our TV's and printers but it still seems to latch on to any printer so now we do not print. Debilitating to say the least.


I believe that there are enough of us out there to confirm that this problem exists but apple will not respond until they have fixed it. I know it sucks. Two factor everything and I wouldn't suggest any external usb or thunderbolt security keys.


I also would not suggest any products other than apple. That will only make your situation worse.. even the keyboards because it will load a generic driver onto your device. Only use apple wires as well. I am definitely not an apple advocate, only sharing what I have come to accept and learn.


You may have to go line by line in settings on your iPhone to turn off everything that you do not use and if there is an arrow on it, click to make sure there is not an opportunity to bypass your defaults. The Mac computer is the same and there are probably about 100 Plists that will try to alter your default settings so do not take anything for granted until you have clicked through it all. Plists are just preference and apple will tell you that it does not mean that they are being used. That is absolutely correct but the Plists I have seen start with NVRAM and a fmm (find my

mac activation) which is huge problem.


for whatever reason it uses nfc and mdm BUT mdm does get removed later on during the process. It keeps respawning. So it isn't necessarily MDM as much as it is trying to be so I presume that there is some detail in the MDM program that helps it get what it needs.


The shared cache you are seeing is at best guess, all of the info it has collected on you and will keep looping together. This is just a guess but I have been watching it on mine as well. I could 100 percent be wrong but I believe the cache is what keeps this process communicating between devices.


There are enough of us out there with this problem. I am sure that we have a common thread but I have no idea what it could be. I just know that no one is going to help me or my family and I am just going to have to do my best to keep my kids safe.


I could bring a new computer into this house and within ten minutes watch it try to harvest my old apple ids, while Bluetooth sniffing and try to connect to something nonstop. Eventually, it gets back in and the new id becomes corrupt, I delete it and start again hoping the last apple update resolved this issue. Two years later and I am headed back to the Apple Store today to pick up a couple of devices.


I wish someone had better news for the both of us but this is the best advice I can give you.

View in context

Similar questions

160 replies
User profile for user: Park3rr
Park3rr
User level: Level 1
8 points

Nov 3, 2023 3:31 PM in response to AgentDragonfly

I can no longer hard reset my device


"os_version":"iPhone OS 17.1 (21B74)","bug_type":"115","timestamp":"2023-10-29 18:29:44.00 -0700","name":"Reset count","roots_installed":0,"incident_id":"4B3A5FFD-BAA0-4EEE-87FB-A1D72D079C69"}

Incident Identifier: 4B3A5FFD-BAA0-4EEE-87FB-A1D72D079C69

CrashReporter Key: 775e3868796172cdd4d7cb3a41ddc37822cbd28e

Date: 2023-10-29 18:29:44.21 -0700

Reset count: 0

Boot failure count: 1

Boot faults: rst btn_rst,btn_seq_reset timeout,dblclick_timeout

Boot stage: 0x40

Boot app: 2681261667

socId: 8110

socRevision: 11



the low battery log shows keep alive processes that run after it “dies”



Date: 2023-10-31 22:38:40.304 -0700

OS Version: iPhone OS 17.1 (21B74)


SpringBoard: BacklightServices.backlightActiveOn SystemIsActive == 255, held for 00:44:53

runningboardd: osservice<com.apple.SpringBoard>32-33-136672:FBSystemApp-PreventIdleSleep SystemIsActive == 255, held for 00:44:53


Foreground Applications: com.apple.Preferences

Screen Brightness: 0.218507

Hardware Model: D64AP

Awake Time: 09:49:17 (35356)

Standby Time: 12:04:02 (43441)

Partial Charge: 1

Capacity: 1

Voltage: 3192 mV

Voltage Droop Time: 0

Voltage Droop Transitions: 0

CPMS has keys:

Reply
User profile for user: Katefromouterspace
Katefromouterspace
User level: Level 1
8 points

Feb 17, 2024 7:56 AM in response to AgentDragonfly

I was hacked and the police told me to get a new phone. So I bought a brand new iphone, brand new internet connection. I created a brand new Apple ID and was unable to access my 2 factor ID/Apple security key within hours of bringing the home.

Hours With Apple support, including an escalation supervisor and 10 months later I have no control over my personally digital identity.

It is upsetting & frustrating.

I’ve tried to fix it on my own and it’s just a loop of password resets and bogus captchas.

I am beginning to think it’s more so related to my house than the actual phone


Do any of you know of a digital identification management software company that is reliable?


[Edited by Moderator]

Reply
User profile for user: stud179
stud179
User level: Level 1
8 points

Feb 29, 2024 3:34 PM in response to AgentDragonfly

well my ojibwa either hacked or a developer is controlling it multiple issues for last 5 years nothings being done apple device i just bought few weeks back says it's being managed shows up in google search somebody keeps changing password on me support hangs up after i start telling them the issue 2 senior support guys hung up on me yesterday alone this been going on for 5 years and has shut down 5 iphones an ipad and now this new iphone already having issues all have warranty all new all bad insurance but been denied to use it every time not at all happy with support yesterday i asked for apple corporate phone number to register a complaint they gave me a bogus number .ibe talked with 168 techs 70 supervisors and spent over 700 hrs online with them trying to fix issue and 5 years later 6 new iphones and ipad all keep getting locked up and bank accounts hacked and here i still am 🙈

Reply
User profile for user: ooohlalabee
ooohlalabee
User level: Level 1
37 points

May 27, 2024 5:01 AM in response to ooohlalabee

Oh and “Siri”, who I’ve never set up or used once is always using “Home App” to make requests. Never used home app either.


And all of my support emails are being intercepted by “Zendesk.” I have done my research & it is def a large company but surely almost every company I contact is using them to handle their support tickets. Sometimes I’ll have two email threads going one from the actual company and one through Zendesk.


Not only my support tickets being intercepted, but I believe most of my promotional emails are all phishing attempts. I just got a new email address and paid close attention to the sending address and iCloud has had 3 different addresses, going from @icloud to iCloud@email.apple.com

Reply

MDM on personal iPhone - Businesses, unauthorized developer activity HELP!

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up