web3 forums

web3 and ethereum community forums



    Posted by JBMaclemore.eth on April 30, 2023 at 1:17 pm

    This was originally posted under my JBMai account to the /r/ETHFi subreddit on April 30, 2023. It was removed by a moderator (SuperPhiz) or a Reddit admin. Both are up to some shady shit, IMO. YOU HAVE ALSO LIKELY BEEN HACKED!

    ‘Sup ETHFi homies, I lost access to my other account so I’m postin’ through here.

    *John, you moron! Are your brains leaking again!? How in the tarnation did you lose access to your account!?*

    Welp, I was gettin to that, but since you asked I’ll tell you anyway. For the second time in 2 years I have been targeted and hacked by a sophisticated hacking group. This time the attackers hacked my WiFi access point, my wife’s Apple bluetooth keyboard, installed [xNGO](https://www.forbes.com/sites/thomasbrewster/2023/04/18/nso-hacks-apple-find-my-iphone/?sh=958731c567c7) style spyware on my and her iPhone 13’s. They listened to my private calls, and into my home by remotely activating the mic and camera’s without any indication it was happening. They used my iPhone to activate the mic in my car via bluetooth so they could listen to my private conversations even with my phone in my pocket. To make matters worse, they used my phone to hack my Macbook M1, and iMac Pro 27! Using Bluetooth LE and WiFi.

    Busted all the way through the [T2](https://9to5mac.com/2022/02/17/t2-mac-security-vulnerability-passware/) “secure enclave” and accessed the “secure” keychain. That gave them access to my password manager, iCloud account, iMessage and storage encryption keys and more! All thanks to an unpatchable flaw in the radio baseband firmware of newer iPhones, M1 Macs and Intel Macs equipped with the “secure enclave!” It can’t be fixed with software either! You can’t even trade that infected thing in, throw it in the trash! *Hahaha!* What’s really fucking crazy is that once a phone is infected, even just by visiting a website, it will infect other vulnerable iDevices and Wifi routers / APs and bluetooth devices in the nearby vicinity. Yep, all those cheap ass Chinese Wifi/Bluetooth connected peripherals. Infected. Hidden wifi networks. So now my whole neighborhood is infected now too.

    Thanks to Apple’s “Airtag” [network](https://appleinsider.com/articles/21/05/12/researchers-successfully-use-airtag-network-to-send-messages) and “always-on-even-when-you-turn-it-off” Findmy and vertical integration, infected iDevices can [relay](https://www.securityweek.com/researchers-devise-new-type-bluetooth-le-relay-attacks/) data to each other until it can find a WiFi AP to transmit the stolen data. You could even hide an infected iPhone somewhere and have it relay data using people walking by. Maybe even steal a bunch of them and hide them all over. You don’t even have to turn them on, or [activate](https://www.usatoday.com/story/news/nation/2023/04/07/apple-store-robbed-half-million-washington-mall/11622949002/) them or anything. Just stick one near a busy area or in a crack in the cement… *gawd they’re so thin!* Bingo bango you got yourself a self updating, replicating, mesh, exploit and surveillance network. Finally, it also transmits itself [via](https://www.techradar.com/news/ultrasonic-waves-could-be-used-to-hijack-your-phone-heres-how-to-protect-yourself) ultrasonic signals, that other vulnerable iDevices in the nearby vicinity can hear, but we can’t. Using these signals they can infect other iDevices nearby or even ones that you call! *Hi Mom!* Just listening to a voicemail on speaker could infect other devices within earshot.

    Here’s the real crazy part though, now that they have this network installed in my neighborhood they can pinpoint and track my phone using 5G technology. Even if I change my phone number they can tell exactly which phone numbers are emanating from my home with precise accuracy. Changing providers, phone numbers, nothing works. As soon as an exploit is found in my device or in my home Wifi AP they can update their network and hack my phone or WiFi from afar again. Really fucked up man.

    *Jesus John, are your meds ok!? You have lost your damn mind man!*

    Indeed I have. I’ve lost much much more than that. These two events have cost me tens of thousands of dollars in damaged hardware, hundreds of hours of lost time, and has created a substantial strain on my businesses and finances. More importantly though, it’s negatively affected my marriage. When I reflect back, my life has only gotten significantly worse since the launch of the EVMavericks NFT, and while I do not think it’s the exclusive cause of my misfortune, I do believe it has contributed substantially to it. So a few days ago, with a heavy heart and tears in my eyes, I sold my EVM. I needed to recoup some of the money I have wasted trying to defend myself. It’s a pittance in comparison to what I have spent, but after some soul searching, I feel it’s best to cut my losses and move on at this point.

    I really wanted this community to grow and flourish but I feel that the people in the DAO are too busy or too apathetic to accomplish any real public goods in my lifetime. It lacks leadership, communication, coordination, and financing. I also believe there are certain people within the EVM community that are using the sub and discord to provide bad advice, and fake testimonials in order to doxx people and steal crypto from community members. I also believe certain members may be involved in some of the crypto scams you see pop up on slashRslashEthereum. I don’t have any proof of this, but it’s just how I feel, so I’m out of here.

    *Are you fucking serious rn John!? What about Caches?*

    *sigh* Yeah… man… that’s the hardest part, it’s no longer in the budget either. It will be liquidated and any remaining assets will be absorbed into the “Personal Life” division. The manager there is a ruthless dick, so unless ETH hits 100k real soon, it’s getting tossed in shitter. Now don’t cry my ‘lil sweetcheeks, it’s for your own good. These limp dicked keyboard peckers will just follow me around everywhere anyway. They’ll never leave me alone, so I’d just be dragging everyone here into my mess and you’d get hacked and all your money would be stolen and you’ll blame me and I’d feel terrible about it even though it’s not *really* my fault. I don’t need that rn tbh. I have enough emotional baggage, fr. I’m sure they’ve already infected it anyway. All the bills are paid until 6/21, so I can promise it will be up until at least then. My sincerest and deepest apologies to everyone that contributed. To /u/bob-rossi /u/wolfparking /u/rooftopportapotty , /u/696_eth and everyone else that believed in me and contributed, thank you. I hope I’ve given you enough time to save what you’ve shared so far. If you need help you can reach me there under the “CachesAdmin” account and I will help you with whatever you need.

    *What the fuck!? What the hell are you gonna do now!?*

    Continued in replies…

    Honestly, I’m going to simplify my life, then I’m going to go back to work doing what I do best, extracting value from people for my own personal gain. Legally of course, however likely ethically suspect. I did better when I didn’t care about the ramifications of my actions anyway. I genuinely tried to do it your way. I tried to be nice, tried to collaborate, help out, be a shitty friend, build a community, but I just got taken advantage of repeatedly. Ah well, *no good deed goes unpunished.* Once I can consider a joke at my expense, but again at this level of invasion? Nah. Fuck all y’all, Phiz and his WuTang wet noodle gang. I’m gonna go back to keepin my thoughts in my own head again. I always end up worse off when I don’t. Why can’t I seem to learn that lesson? Buncha fucking dick noses out there man.

    The saddest part of all of this is, I don’t have a lot of ETH. I don’t even have a lot of money. I’m frugal. I grew up poor in a house with black mold growing on the ceiling. I’ve worked hard and struggled for everything I have. It’s been repeatedly stolen from me throughout my life by corporations, banks, the government, there’s little left at this point. Like most people here from back in the day, I gambled some away on shitcoins, I sold some to pay off some debt and I’ve lost some to Phiz’s scam contracts. *They’re marking your wallets with Popes so the pope contracts know what and who, and how much to steal from you! Popes are the devil!* I stupidly gave most of my remaining ETH to that fuckwit mhotdemnot… to screw with me I guess.

    The remaining 1.2ETH is in Coinbase. They made it easy for me to lock my account, and really hard for me to unlock my account. I want it to be hard to get access to my money. Not easy like following my cell phone around because of some stupid flaw in Apple’s proprietary firmware. Also … hey … it’s JBM. You think after the first time, I keep anything of value here anymore? You think I would even have radios installed in my validator boxes? You think I would ever take my cell phone or “connected” car to visit them or my cold storage? You really think I don’t know what a Trust is? Bunch of fucking amateurs!

    Finality, to my coward ass attackers:
    All this for an Amazon link? You idiots can’t tell the difference between a copy/pasted link from my Amazon app and an affiliate link? You really believe I’m so stupid that I would shit where I eat? I’m not even an Amazon affiliate, I signed up 100 years ago but the commissions blew donkey peen so I never sold a single thing. Fuck me, for being so smart you guys sure are fucking stupid. No attention to detail, no communication, shitty “tough love” method of teaching. Fucking children! Well sers, I hope you enjoyed the show. My wife and I should win a grammy for our performances. You know … one great thing about where I live is that I’m allowed to be heavily armed … everywhere I go! It really helps with paranoia when someone does a shitty job of trying to make you and your wife feel threatened. I don’t even need cameras, it’s a pocket device with a simple point’n’click interface. It can also reach air gapped systems too! I sleep well because I’m on a first name basis with the local police and I bought my home from the Mayor of my city. You can stop posting bait links in the comments of my tech sites too, I stopped reading them a week ago. Also… let me be clear … if you keep following me around and flying by with that skytractor you call an aircraft, I’ll meet you at the muni airport for some words. Good bless Texas y’all!

    Welp, that’s about it. I was just going to slip out for a pack of smokes and never come back but it didn’t feel right not saying bye one last time. Thanks for all the love and laughs over the years friends! Aight, I’m gonna reach out to the FBI and then get my life in order. Stay safe, and I hope you all manage to have a prosperous life! Catch you on the flip side.

    Always with much love and respect,
    JBM 👊🏻

    JBMaclemore.eth replied 2 weeks, 4 days ago 2 Members · 5 Replies
  • 5 Replies
  • wolfparking

    May 2, 2023 at 2:16 pm
    strata level 2 icon L2: Probably A Person

    Holy shit man. Im definitely at a loss for words, horrified by the events that have occurred, and saddened by the effects it has had on your life and well-being. Please let me know if there is anything I can do to help you out in any way. Know that I’ve appreciated your input, contributions, friendship and camaraderie at every turn. You will be greatly missed!

    • JBMaclemore.eth

      May 5, 2023 at 3:15 pm
      layer0 holder L0
      strata level 4 rank icon L4: Noob

      Thanks man, it’s really crazy.

  • JBMaclemore.eth

    May 16, 2023 at 12:51 pm
    layer0 holder L0
    strata level 4 rank icon L4: Noob

    Alright, here’s some more evidence to back up some of my claims that may make me seem crazy. As you know, I was hacked. Here’s what I believe happened, although I could be missing pieces or have them in the wrong order.

    About one year ago I was hacked. Maybe you remember? The hackers got access to everything, including all my online accounts and session keys. I went through the process of changing all my passwords, revoked session keys where I could find them, and then I tossed out all my equipment and purchased new stuff. Or so I thought. I don’t believe I revoked all the session keys however, primarily my Amazon account. I ordered all new TP-Link brand (TRASH!) networking hardware through Amazon. This gave my attackers the exact make and model of my new gear. Knowing which websites I visit regularly and what I was interested in, they were able to place a link in a story that they knew I would click. Using browser fingerprinting, they used a script on that website to run through a database of known & unknown browser exploits to find a vulnerability in my web browser and install browser malware on my Mac.

    Since this malware was ONLY delivered to my browser, it went undetected. From there, knowing exactly what make and model of WiFi access point I used, they had an unknown exploit ready to launch using their browser malware, and used it to get access to my WiFi access point. They setup a hidden network (photo below) to send out thousands of “Beacons” a second to flood my wifi in order to DoS attack it, causing it to randomly disconnect or hang up. Each time I disconnected and reconnected, they captured the packets so they could eventually crack my WiFi password. This took a long time, at least a year for them to grab enough packets to crack the password, but they did it without me ever knowing what was going on. It just seemed like the WiFi was flaky, and after I disconnected and reconnected it worked… until the next morning. My wife and I did this every morning for a year.

    Once the WPA2 password was cracked, they started a Man In The Middle attack and started modifying my search results, and the actual news stories I saw on my favorite websites. If they didn’t have a “fake” version of the site to display to me, because I had never visited it before, they would put up an unclosable popup or paywall to prevent me from viewing it. From there, they were able to use the microprocessor in my Access point to hack my Macbook, iMac and iPhone using, what I believe to be, an undisclosed vulnerability present in the baseband firmware of all of them. Why? Because they all use the same EFI processor, the T2 “secure enclave” chip to handle everything.

    Once they gained access to the T2 chip in my Macbook, which is equivalent to an iPhone A11 processor in power, they launched an attack against the rest of my devices. This took them very little time (minutes), after which they used the combined processing and radio power of all my iDevices to launch an attack against my neighbors routers, access points, hotspots, vehicles, iDevices and counterfeit or hacked Airtags. Now they’re all infected with malware and they’re all outputting hidden networks and fake access points, just like mine was.

    Using this “mesh network malware” they were able to use the combined processing power and the radios in everyone’s AP/Routers/Cars/Ring Doorbells to hack the LTE cell phone encryption to listen in on my phone calls, intercept my text messages, and follow me around. I also believe they used flaws in the cell phone networking equipment at the cell tower that sits about 500, as the crow flies, yards behind my house in order to locate me again after I changed both my cell phone number, and even cell phone provider. As well as using it to launch remote attacks against my new phone.

    Before I became aware of the hack, I plugged my phone into my car to use Apple Carplay. Since my phone was infected, they used that to hack the “Connected Car/Satellite Radio” features present in just about all new vehicles to listen into my car using the microphone, and track it using the built in GPS. I also suspect that they placed a camera in the rafters of the RV storage facility behind my home that views directly into my fenced back yard. A few days before I became aware of the hack I saw a man standing on top of his RV installing something into the rafters, but I didn’t think anything of it, but now that I think about, and look again, I can see a cable dangling from the rafters that leads down into the RV itself.

    This story has many more other oddities which I won’t get into now, but just know, everything can be hacked. Everything. These people are trying to dismantle my life and get information they can use to steal from me, or blackmail/coerce me into doing their bidding. If you have any secrets, they will find them and use them against you. Even if you don’t, they’ll use you, without you ever knowing to get to one of your friends, or your boss, or … brick by brick.

  • JBMaclemore.eth

    May 16, 2023 at 1:10 pm
    layer0 holder L0
    strata level 4 rank icon L4: Noob

    More Stuff:

    I’ve attached 2 files. This is a scan of the WiFi networks that my little laptop could pick up. In my vicinity there are 3 hidden networks. One of which is spitting out “beacons” at rate of several per second. I believe the “KWH-RV” access point is infected as it is also sending out beacons. I also believe this is how the malware is communicating to the other “nodes” in the mesh network. At the bottom of both photos you can see some devices attempt to connect to a SSID named “TMOBILE” … this is the SSID for a wifi network I created and left running for 12 hours, then shut off. Even 2 full days later this malware is looking for that SSID in an attempt to hack it.

  • JBMaclemore.eth

    May 17, 2023 at 6:31 pm
    layer0 holder L0
    strata level 4 rank icon L4: Noob

    Oh man, I’m not crazy. It looks like I wasn’t alone in this attack. It also looks like I wasn’t targeted specifically, just caught up in it. I have some infected Access points here, 3 of them. I’m not sure how to go about safely hacking these things to investigate them. If there are any security researchers that want to take a crack at this, I’ll give you one for free. Please reach out.





    Also, according to the article it’s setup to infect other brands, not just TP-Link. I would agree. So far it seems that only the Netgear branded routers in my neighborhood are unaffected. TP-Link, Microtik, Ubiquiti, and the AT&T whitelabel ones appear to be infected.