User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Someone is manipulating my iPhone

Someone is using advanced software to monitor and manipulate my device. Please help



[Re-Titled by Moderator]


iPhone 14 Pro Max, iOS 17

Posted on Nov 3, 2023 9:03 AM

Reply
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
User level: Level 10
147,049 points

Posted on Nov 3, 2023 11:36 AM

Nothing seemingly wrong with that iPhone. The analytics look normal. Well, other than that the Xfinity app appears to be very busy or malfunctioning, and the presence of a first-few-hops VPN.


First-few-hops VPN services too often provide little or no benefit over the existing TLS and private relay support, and too many of the add-on VPN clients have collected personally-identified metadata (even when claiming not to collect).


Here, I’d wonder if the add-on VPN app is causing issues for the Xfinity app, as well. Remove that VPN app, run with the default end-to-end encryption, and enable private relay from iCloud+ for privacy, and see if that works better.


If what you state is true that “Someone is using advanced software to monitor and manipulate my device. Please help” (and you will know your exposures and risks best, though I’m usually skeptical about these espionage-level tooling claims), you will fundamentally need to acquire security assistance specifically tailored to your case, your risks, and your exposures.


No one here can provide the sort of tailored advice necessary for those very few people that are targeted by espionage-level tooling.


Nothing in what is shown indicates any exploits. If you are having particular issues, you’ll want to state those, and not post what amount to random screenshots of telemetry data. Telemetry is intended for developers and for Apple, and is too often filled with scarily- and ominously-worded and utterly benign messages.


View in context

Similar questions

20 replies
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
User level: Level 10
147,049 points

Nov 3, 2023 11:36 AM in response to The_Logo

Nothing seemingly wrong with that iPhone. The analytics look normal. Well, other than that the Xfinity app appears to be very busy or malfunctioning, and the presence of a first-few-hops VPN.


First-few-hops VPN services too often provide little or no benefit over the existing TLS and private relay support, and too many of the add-on VPN clients have collected personally-identified metadata (even when claiming not to collect).


Here, I’d wonder if the add-on VPN app is causing issues for the Xfinity app, as well. Remove that VPN app, run with the default end-to-end encryption, and enable private relay from iCloud+ for privacy, and see if that works better.


If what you state is true that “Someone is using advanced software to monitor and manipulate my device. Please help” (and you will know your exposures and risks best, though I’m usually skeptical about these espionage-level tooling claims), you will fundamentally need to acquire security assistance specifically tailored to your case, your risks, and your exposures.


No one here can provide the sort of tailored advice necessary for those very few people that are targeted by espionage-level tooling.


Nothing in what is shown indicates any exploits. If you are having particular issues, you’ll want to state those, and not post what amount to random screenshots of telemetry data. Telemetry is intended for developers and for Apple, and is too often filled with scarily- and ominously-worded and utterly benign messages.


Reply
User profile for user: Mac Jim ID
Mac Jim ID
User level: Level 9
64,154 points

Nov 3, 2023 2:16 PM in response to The_Logo

Just a couple of things to ease your concern:

  • You were suspicious of the logs showing "15,3" thinking that this meant iOS 15.3. This only means the model of your iPhone which translates to the iPhone 14 Max. I assume this is the device that you are using.
  • You were also concerned and showed a screen shot with Cellular being turned off, but still showing bars next to AT&T. This is normal behavior and shutting Cellular off in the Control Panel is only shutting Cellular Data off. You will continue to see the signal strength.
  • You wrote: "Additionally when cellular is on it’s not with AT&T network, it’s with AT&T WiFi, except it’s a network not a WiFi". All that means is you have WiFi calling turned on, to turn it off, go to Settings > Cellular > Wifi Calling.


Those are 3 examples that give other users the reason to claim that you are jumping to conclusions for no reason at all. You will not be able to solve any problem by viewing Analytics Data. I do have a couple of questions for you.

  • You talk about your IT department at work and them taking your laptop, is this a work provided iPhone or have you given them the device to set up MDM software? Many businesses do that and they don't all show on your device in the VPN Device Management section of settings.
  • Can you post a pic of all your apps at Settings > General > Background Refresh?
  • You said you did a Factory Reset of the device and the problem still persists. When you did that did you restore from iCloud? If so, the Factory Reset would have no effect, as your device would be in the exact same state as it was before the Factory Reset.
  • Is your device Jailbroken?
Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 9:27 AM in response to The_Logo

What’s the iOS 15.3 identified in the logs? And the roots planted? And I continually have security settings removed from my device entirely, am unable to turn off certain settings. Regularly receive notifications of my iCloud being accessed and updated randomly, when signing in to sites I’ll be redirected to an android version of that sign in page. I even obtained a windat copy of their access tool that they hid in my Gmail contacts and saved it to a thumb drive. IT at work got a copy of it and reported it to the FBI as the breach was undetectable until I showed them that tool. Problem is now for my personal privacy I still need to break away. Any time I attempt to create any new secure account for anything, password reset settings will disappear along with most other security settings as if they’re not even part of the application and I’ll receive emails of info being updated with no way for me to change it….

Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 9:40 AM in response to The_Logo

Sometimes when they’re sync’d I’ll have flashes of their device. Randomly getting glimpses of things from their screen such as Apple ID, battery life as it will show two batteries and service bars like a dual sim, or even just imagery of a phone call taking place that’s been going for some time despite the fact that I’m not on my phone and call logs shows nothing recently. Trust me yo

Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 11:52 AM in response to MrHoffman

I’m attempting to speak with engineering on apple support and every time I get through they disconnect the call. They only have control when my cellular is on so I turn it off and use WiFi calling but they turn cellular back on and disconnect me. Additionally when cellular is on it’s not with AT&T network, it’s with AT&T WiFi, except it’s a network not a WiFi

Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 12:40 PM in response to KiltedTim

And fyi, there’s most definitely something in that analytics they don’t want anyone to see. When apple support would send me the link to upload the evidence, they would high jack the link, modify and freeze the email app and browser so I couldn’t upload it. I tried all your remedial suggestions. They drained my battery from 60% to 0 in about 30 minutes and somehow stopped my phone from being able to charge until it died. Once it restarted my contacts app was no longer on my phone so they had something in there. Additionally, all that analytics data I took screenshots of, well, those are all gone off my phone, so they wiped that, as well as the hidden private file I discovered, also gone, as well as the analytics data. Stop thinking you’re so smart that you can just determine at a glance that people are tripping

Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 12:52 PM in response to MrHoffman

For the last time dude, there is no freaking vpn, at least not a visible one. And nobody here has the resources or capacity to determine the issue and simply tell me I need software engineers capable of digging into these analytics. And my device should not be managed by anyone, I bought it brand new and did a fully factory reset at apple store and problems persisted

Reply
User profile for user: The_Logo
The_Logo Author
User level: Level 1
5 points

Nov 3, 2023 2:02 PM in response to KiltedTim

I’ve followed that line of reasoning. I didn’t see a bug and decide I’m being hacked. This has been a 6 week long process of elimination. My IT department had to take my laptop and revoke my work credentials bc I reverse hacked someone through my work laptop and gained access through the window where I could see my email from their side with full permissions and discovered a secret Windat file in the labels section of my google contacts which was sophisticated enough that my work felt the need to report it the FBI cybersecurity.


[Edited by Moderator]

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Someone is manipulating my iPhone

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up