Alex53135

Q: My iMessage has been hacked

I went into the messages app on my computer recently and found out that more than 20 messages had been sent. The messages were all to Chinese numbers, and the messages in Chinese. Screen Shot 2016-03-07 at 23.36.11.png

 

Has anyone experienced the same? is my account hacked?

MacBook Air, OS X El Capitan (10.11.3)

Posted on Mar 7, 2016 2:39 PM

Close

Q: My iMessage has been hacked

  • All replies
  • Helpful answers

first Previous Page 12 of 12
  • by DanMcNulty,

    DanMcNulty DanMcNulty Oct 19, 2016 5:02 AM in response to iZian
    Level 1 (4 points)
    Oct 19, 2016 5:02 AM in response to iZian

    Hmm, seems like we could be onto something then. They could be obtaining passwords another way, but it looks like this MySpace DB is at least one strong possibility. Thanks for the reply btw.

  • by DanMcNulty,

    DanMcNulty DanMcNulty Oct 19, 2016 5:17 AM in response to perr_mike
    Level 1 (4 points)
    Oct 19, 2016 5:17 AM in response to perr_mike

    Probably. There have been more major data leaks like this. LinkedIn took a big (similar) hit and, again, all passwords were stored hashed with SHA1, which is never recommended. The increasing confidence I have is from the fact that both victims I spoke to only appeared in the MySpace DB (according to (potentially outdated) leaked source search engines). It'd be impossible for me to guess what else they're using.

  • by inaveed,

    inaveed inaveed Oct 19, 2016 11:20 AM in response to JohnyGluebag
    Level 1 (4 points)
    Oct 19, 2016 11:20 AM in response to JohnyGluebag

    The imessage hack sending casino advertisement happened to me today.

  • by CADIVA69,

    CADIVA69 CADIVA69 Oct 20, 2016 8:38 PM in response to Big mike givens
    Level 1 (8 points)
    Mac OS X
    Oct 20, 2016 8:38 PM in response to Big mike givens

    and I chatted with a tech today and his only suggestion was to update but I don't have the newest version available yet. Dude was not helpful at all. I told him about the Chinese texts and he said he's aware of this and the engineers are working to fix it. I let ATT know so they can waive my international fees!

  • by mommycott,

    mommycott mommycott Oct 20, 2016 8:41 PM in response to CADIVA69
    Level 1 (4 points)
    Oct 20, 2016 8:41 PM in response to CADIVA69

    That's too bad you got somewhat unhelpful advice there. Considering someone used your password to sign in a device in another country and send out Messages from your account, updating your own device at home would be unlikely to have any affect on that.  Secure your account instead. Try two-factor authentication.  Now if you're devices aren't yet updated to support two-factor, you might want to do that.

  • by CADIVA69,

    CADIVA69 CADIVA69 Oct 20, 2016 8:49 PM in response to mommycott
    Level 1 (8 points)
    Mac OS X
    Oct 20, 2016 8:49 PM in response to mommycott

    Thanks. I just found that on my own and activated it. But I'd like to know how to get my language back to Chinese and remove that losers email address from my apps!

     

    The tech should have advised me to use the 2 facto authentication

  • by iZian,

    iZian iZian Oct 20, 2016 11:29 PM in response to CADIVA69
    Level 1 (94 points)
    iPhone
    Oct 20, 2016 11:29 PM in response to CADIVA69

    ssorry but no. Cadiva69; if you enable 2FA after you are hacked (actually sometimes you can if account changes) then you are done for, cooked, you've handed over control.

    APples 2FA will not challenge an already authenticated device. So the moment that happens they can use a device that they're signed in on to change your password, add phone numbers to your 2FA, remove your email address and lock out your other devices.

    HOw do I know? When I enabled 2FA I wasn't asked to challenge or auth my Mac or iPad. Not until I changed my password and signed them out.

    ENabling 2FA when you're already hacked could be a suicide pill

  • by mommycott,

    mommycott mommycott Oct 21, 2016 12:49 AM in response to iZian
    Level 1 (4 points)
    Oct 21, 2016 12:49 AM in response to iZian

    The first step is obviously to change your password. That challenges your messages registration for all devices and locks the hackers out. That's what I meant about "secure your account" in my above answer. However, to prevent people from guessing your password in the future and going through all of this again, you can turn on 2FA. Someone else then wouldn't be able to sign into your account and add a new device to messages without access to one of your existing trusted devices.

  • by iZian,

    iZian iZian Oct 21, 2016 1:42 AM in response to mommycott
    Level 1 (94 points)
    iPhone
    Oct 21, 2016 1:42 AM in response to mommycott

    I misunderstood. Changing your password locks you out of 2FA for 3 days though I think. That what happened to my partner; first thing she did was change password (even though no evidence account was compromised) and then we were not allowed 2FA for 72 hours. To stop hijack

first Previous Page 12 of 12