HACKED! Someone just took control of my cursor while I was on the Internet! They started to open files and search through stuff but I immediately shut down my computer! I have been hacked and I need to know how to fix my problem???

Yea, that's how the Blackhole Exploit Kit works, it draws users to illegal TV/content sites and once Javascript is running it sniffs the History, browser, plugins etc and tailors a payload to compromise the machine.

Doesn't need root if it's just after a users files.

https://en.wikipedia.org/wiki/Blackhole_exploit_kit

Amarae24 wrote:

I had screen sharing on and remote login etc.

I do stream illegal Tv-Shows online and download music torrents

Could be anything, I suggest you backup only user files you know, can verify and manually drag to a external drive. (no TimeMachine, backup software or bootable clones) then erase and install the operating system.

Run a ClamXav scan on the user files before returning to the machine. Erase all other drives, clones, TimeMachines etc.

Erase, formatting, OS X installs on Mac's

There are several possible causes for this issue. Take each of the following steps until it's resolved.

1. Follow the instructions in this support article.

2. Reset the System Management Controller.

3. If you're using a Bluetooth trackpad, investigate potential sources of interference, including USB 3 devices.

4. A swollen battery in a MacBook Pro or Air can impinge on the trackpad from below and cause erratic behavior. If you have trouble clicking the trackpad, this is likely the reason. The battery must be replaced.

5. There's a report that a (possibly defective) Thunderbolt Ethernet adapter can cause the built in trackpad of a MacBook to behave erratically. If you're using such an adapter, disconnect it and test.

6. There's also a report of erratic cursor movements caused by an external display that was connected but not turned on.

7. If none of the above applies, or if you have good reason to think your computer is being controlled remotely, remove it from the network by turning off Wi-Fi, disconnecting from a Bluetooth network link, and unplugging the Ethernet cable or USB modem, whichever is applicable. If the cursor movements stop immediately, you should suspect an intrusion.

Amarae24 wrote:

I was watching a YouTube video when my cursor suddenly started to control itself. I had screen sharing on and remote login etc. but I have disabled all of them!

Screen Sharing would be my top pick as it could immediately cause the the behaviour observed. What restrictions did you have configured? Remote login would take more work.

If you had your OS X Firewall turned on, then there could be entries in the /var/log/appfirewall.log about it. Another would be /var/log/secure.log.

Disinfecting may not be necessary if they just came through the open door, but too soon to say until you've done a scan or two.

Amarae

If it helps I will inform you that I do stream illegal Tv-Shows online and download music torrents,

Good luck with that. You've opened up your Mac to a myriad of catastrophes. I'm honestly not trying to be critical, but what you've done with Torrents, is just like lying down on railroad tracks, and then being confused and upset about being hit by a train. All the best.

Do you really think all this: ”Someone just took control of my cursor while I was on the Internet! They started to open files and search through stuff but I immediately shut down my computer!” would have happened if it was just some erratic cursor behaviour?

I'm still baffeled, but it seems someone just remote controleld my computer too… I realise now I should't have interupted so soon (and instead wait and see what would have happen), but I did and now I guess well never know if it actually was a human behind it (unless someone can find something in the logs – i did run a ”sysdiagnose” about 10 minutes after the occurance).

Martin --

Look at the dates these were posted. You did not interrupt the thread, as it's been dormant for 7 months.

If you're having problems, please start your own new topic. Include the year of your MBP, and which OS are you using.

Also, have you tried any of the solutions offered above? Please do, and report results.

Yes, I see the dates. Didn't think it was that long ago. And thought why not just continue here since my issue was somewhat similar. But sure I can start a new topic...

The thing is, I know you high level guys probably think most people posting here are computer illiterate n00bs, but I'm not one of them. 😉 While I'm far from any sort of OS X master (I have a lot to learn still) I've been using Macs on a regular basis since my mother got her first Mac in 1989 and I have been an OS X user supporter and system administrator and consultant for soon over a decade. Also worked at the Apple call center on Ireland for a year (not that it necessarily means much when it comes to knowledge, but anyway…) With that said I don't feel the need to do some of the troubleshooting the general might get suggested to try. Of course I co

Anyway, I was really surprised to see the app switcher get activated and the mouse cursor moving when it happened and though I might had put something on the keyboard. But no, and then it happened again.

MacBook Pro 2010 running OS X 10.9.1 in ”clamshell mode” (display closed) connected to Apple Cinema 23" display.

What I can say too is that I have been running this computer since August last year and the system on it was not installed by me, but my colleague at work (IT department). I was just supposed to have it temporarily at first, therefore I decided not to do a fresh install. But the only admin account on it is mine and I've changed it to something only I know.

Maybe there is some malware or ”hole” in the system but this is the first time I noticed something like this on it. It could absolutely be a coincidence, but the last software I used on it was this (just for fun): https://www.macupdate.com/app/mac/50261/asppppp

But, it wasn't running when ”ghost control” happened. But maybe it started a background process or something…? Too early to say. We'll see if I can figure something out tomorrow at work.

Martin Bergstrom wrote:

thought why not just continue here since my issue was somewhat simmilar. But sure I can start a new topic...

There are several advantages in starting a new topic.

We can see right away what your setup is if your profile is up-to-date without having to go to a new screen and see if we can figure out what you have going for you.

There are many instances of individuals believing that the OP's situation is identical to there's but we learn later after having to ask a lot of questions about the new user's issue is that it isn't the same at all due to some small differences that were not initially apparent.

Most important is that you will attract the immediate attention of folks who are actively watching the forum at the time who may have more up-to-date information on your problem instead of relying on only the small group who participated back in March.

MacBook Pro 2010 running OS X 10.9.1 in ”clamshell mode” (display closed) connected to Apple Cinema 23" display.

Then I'll just make a quick comment here that fully 90% of the times we run across erratic behavior of the cursor with a laptop, it ends up being pressure from under the trackpad caused by a swollen battery. I can guess that would be even higher for one in "clamshell mode". See My mouse keeps moving around on its own, as if someone is remotely controlling my Mac!.

Sure thing. I see your point. The thing is I just wanted to wait until I investigated my issue more. And just now a few minutes ago I came to think there might have been a natural explanation for my "ghost". I think I have (without thinking about it) connected a USB hub when I came back from a meeting today, and that probably have a mouse connected! But it was hidden under a bunch of cables and other stuff on my desk, so it moved when I temporarily put a big CD sleeve on top of it (hiding the mouse and cables even more).

So, seems it was my bad this time! Need to clean my desk... 🙂

Anyone knows how the thread starter's story ended?

Agreed it's great. 🙂 And also shows one (well, I at least) still can make basic mistakes after all these years. Even if this was quite good at disguising itself. ..

By the way, both of you will get a like since I awoken this zombie thread and wasted your time with a non-issue.

🙂

Thanks. The funny thing is I was sitting at home (not at work) and tried to be rational and think things through and then I came to think about the USB hub with the mouse connected… Now at work and have confirmed it was what like I suspected.

I guess I can at least partialy blame my easiy deceived brain being the way it is since I have a 7 months old kid at home that some nights keep me awake. So I'm not the exactly the sharpest mind currently… 😊

PROBLEM SOLVED!

Thank the Lord! My mouse cursor was moving erratically, seemed to be opening tabs, maybe doing the equivalent of holding shift and dragging, minimized windows, etc. Pretty much the same problems I see on other's posts.

I tried dissonnecting WI-FI, then shutting off Bluetooth, Disconnected and Turned off my Bluetooth Mouse, disconnected my wireless keyboard nub from the USB port, tried shutting off my Macbook and restrarting. I even shut the lid of my Macbook and worked off my second monitor in clamshell mode. NOTHING WORKED.

I thought I was hacked or had some type of Malware for sure, but it was a simple fix that I found on another help board.

I clean my Mac, keyboard and mouse regularly and had just got done wiping everything with a cloth with a mixture of warm water and rubbing alcohol (recommended)

I saw on another board that someone fixed their problem by moving their trackpad (gently) to the right, since the trackpad seemed to be too snug on the left side of the macbook body edge it sits in.

I moved the trackpad over and it took care of my problem immediately.

It was comforting to learn that Malware on a Mac is in fact still rare and that it is unlikely that someone would hack into your computer to 'remote control' your machine and be obvious about it.

No ghost in the machine. Trackpad is incredibly sensiitive I've learned.

Share the knowledge!

Blessings!

That's one that's worth filing away in the brain for future use, thanks!

And just to add a light note to this interesting thread, the whole thing takes me back a few years when i was filling in for another teacher in the media lab of my school. I'd recently learned that I could check their desktops with Remote Desktop, just to make sure none of them was using the lab for **** research or playing poker or anything else that shouldn't have been going on in school time. And then I started reading an essay one boy was checking over. It was really interesting. Unfortunately my reading was faster than his. When I got to the bottom of the page I started scrolling to find out what he was going to say next.

Suddely I was awoken from my concentration: there was a commotion going on in the room. "My computer's controlling itself! Someone's moving my mouse!!!" This boy was seriously freaked out! And then I realised - yes, it was me. A greater teacher would have come clean. I didn't. I stifled my giggles, calmed him down and made him get on with his essay. But the incident still makes me laugh!