First a hack, now Network?

[Mowaze]

The displays on our devices speed up (abnormally) in an erratic, herky-jerky fashion, almost anticipating cursor moves. It occurs only when online and primarily during work hours on our home network. This happens to any of several Apple devices, iPhone, iPads, MBAs.

I’m concerned the router or server upline may otherwise be compromised. Or maybe it’s a new dynamic rolled out by ISP (Comcast)? Otherwise, it feels like I’m reinstalling a virus infection, even AFTER having reformatted disks and gotten new accounts. Is there is a hacker accessing our network at will?‍ Any ideas, please?

 

[maw_walker]

Normally, if your network has been compromised, you won't know in the way you are describing. Cyber criminals don't show off in this way; they either leverage a network or host(s) to accomplish something else or steal data. Are there other devices (non Apple) on your network and do they behave in this way? Is this a business or home network?

 

[Mowaze]

Firstly, thanks for your thoughts. I understand your point and it makes sense, i.e. if I were a criminal, etc… .

We were definitely hacked ~4 months ago - and I think (?) it was fixed by the usual methods, reformatting drives, clean installs, new accounts etc. While I don’t see actual evidence or ‘footprints’ of a current hack the fast movements online began at the time of the hack - and have continued since. BTW, there are odd times of day when it doesn’t occur, usually beyond work hours in USA, EDT.

I’ve watched several YouTube videos but have not found these specific symptoms. The closest matchup is the Pegasus spyware symptoms, perhaps an unauthorized copy? The then hackers could manipulate cursor, change text on screen in real time! It was a nightmare.

I am left miffed, constantly uptight and worried about criminals attached to my home network. Is there a way to confirm or deny this without the time and expense of forensics? What could otherwise explain this ongoing phenomenon?

 

[maw_walker]

So this is your home network then I assume. How do know you were "hacked" and how so? Virus installed by a user maybe? Home networks rarely get hacked because there is nothing to gain. Not saying that doesn't happen but a cyber criminal other than a "script kiddie" is not going to bother with a home network unless you are the CEO of Amazon, etc.

What is your network infrastructure and are you running any services, like a web server, etc. Most home networks have a router/firewall in place. But, if a user on your network installed malware, then all bets are off.

What systems are on your network, Macs only or a mix of Windows and Mac?

 

[Mowaze]

Normally, if your network has been compromised, you won't know in the way you are describing. Cyber criminals don't show off in this way; they either leverage a network or host(s) to accomplish something else or steal data. Are there other devices (non Apple) on your network and do they behave in this way? Is this a business or home network?

Firstly, thanks for your thoughts. I understand your point and it makes sense, i.e.’ if I were a criminal, etc… .’

We were definitely hacked ~4 months ago - and I think (?) it was fixed by the usual methods, reformatting drives, clean installs, new accounts etc. While I don’t see actual evidence or ‘footprints’ of a current hack the fast movements
I’ve described occurred at the time of the hack - and has continued since.

I’ve watched several YouTube videos but have not found these specific symptoms. The closest matchup is the Pegasus spyware symptoms, perhaps an unauthorized copy? The then hackers could manipulate cursor, change text on screen in real time! It was a nightmare.

I am left miffed, constantly uptight and worried about criminals attached to my home network. Is there a way to confirm or deny this without the time and expense of forensics? What could otherwise explain this ongoing phenomenon?

 

[Mowaze]

So this is your home network then I assume. How do know you were "hacked" and how so? Virus installed by a user maybe? Home networks rarely get hacked because there is nothing to gain. Not saying that doesn't happen but a cyber criminal other than a "script kiddie" is not going to bother with a home network unless you are the CEO of Amazon, etc.

What is your network infrastructure and are you running any services, like a web server, etc. Most home networks have a router/firewall in place. But, if a user on your network installed malware, then all bets are off.

What systems are on your network, Macs only or a mix of Windows and Mac?

Re hack: text on a text message (IM) being changed in real time, sic as I type; when I found porno over my name on Reddit (not mine), and I get email notices that orders are pending from shopping sites that I did not place, photos and a month of email is removed, etc… .
Malware was definitely on. Apple then issued IOS vs 14.8 to block Pegasus. I simply don’t know if I cleaned hackers out. I hired two consult firms but not much help.

I’m long time experienced Apple user, degreed but not in tech or IT. NW is mine, in house that evolved over the years. Macs only on NW. Simple use of ISP, Comcast. ‘Basic security, firewall turned on and only wife and I use it. Oh, not CEO of Amazon…maybe GM,-)

 

[maw_walker]

So, malware does not equal "hacked"; those are 2 completely different things. If you have malware, you need to get rid of that first by using MacOS/OSX malware removal software. I am not an expert in that area.

Being "hacked" means a human has penetrated your network and is actively stealing data or whatever their goal is. This is highly unlikely on a home network but not impossible. From what you are describing, it seems you have had or have malware somewhere on a client in your network.

 

[Mowaze]

Actually, I thought both, malware AND network since adding a new device and it gets infected! It’s circular, in that I clean devices, supposedly and the said symptoms restart. Not being deep tech proficient that’s why I began exploring the network.

I wish I knew a critical path to resolve, i.e. who to call next. Maybe move this thread to software? You appear knowledgeable and I do appreciate your pursuing what’s going on. If you have any further ideas please post. Thanks and regards from Atlanta, GA.

 

[maw_walker]

I enjoy helping people and I have been in the cybersecurity industry for about 15 years. Currently a pen tester, read that as white hat hacker and I specialize in web applications.

You really have to narrow down what specific malware this is or if it is malware. I would try something like Malwarebytes to scan with and determine if you have malware, then where it is.

Based on your initial post, it is hard for me to visualize what this could be, especially since you describe display issues. You mentioned Pegasus, with is spyware, but that malware targets specific individuals (journalists and activists) and has specific symptoms, none of which involve display "speed up", which I am not sure what that describes.

Scan with some sort of anti virus to determine first if you have malware.