Persistent Ransomware attack
I believe I'm being the victim of a ransomware attack; all my devices, mobile, MacBook, and even a VM on the cloud, have many suspicious logs
MacBook Pro 14″, macOS 14.0
Ransomware will demand money to unlock your computer.
If that's not happening, you don't have ransomware. It's named "ransom" because the perpetrator is holding your computer hostage until you pay up.
There's something more weird: I've never installed Chrome, but I have a com.apple.passwordmanager pointing to a Google Chrome folder.
{
  "name": "com.apple.passwordmanager",
  "description": "PasswordManagerBrowserExtensionHelper",
  "path": "/System/Cryptexes/App/System/Library/CoreServices/PasswordManagerBrowserExtensionHelper.app/Contents/MacOS/PasswordManagerBrowserExtensionHelper",
  "type": "stdio",
  "allowed_origins": [
    "chrome-extension://pejdijmoenmkgeppbflobdenhhabjlaj/",
    "chrome-extension://mfbcdcnpokpoajjciilocoachedjkima/"
  ]
}
And a lot of attempts to lock or log in to my Mac.
Unless you are a highly skilled developer, looking at log entries is a complete waste of your time. Even Apple uses a proprietary app to turn that mess into something a human can make sense of.
That's not the point. I have all my work and family content on iCloud and iPhone, including my 6-year-old son, memories. If privacy isn't important for you, that's your opinion.
Forget delving into system logs. The information you posted is not indicative of any intrusive event, nor can it be used for that purpose.
Instead, read and follow Apple's recommendations, here: If you think your Apple ID has been compromised - Apple Support
Reading system logs without a specific target in mind is the path to Madness.
There is so much junk in there, you could use those logs to prove ANYTHING, and also to prove the reverse of the previous assertion.
If you have gross symptoms, please tell us about your symptoms.
macOS now uses a separate locked, signed system volume that is un-writeable and crypto-locked. Any changes to it are detected within seconds. It is extremely difficult to hack. Applications are all signed and sandboxed when they execute.
There is no threat from ordinary hackers, unless you are an international activist or major political figure. If you are, nation-state level attacks cannot be ruled out.