Linux - Newbie
This Linux forum is for members that are new to Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
I made a thread that I ditched just recently due to sharing too much information, which just rendered disbelief and questioning and demand of proofs rather than help.
So I have been bothered by this remote hijacking for a month now; judging by file date he has been there since November last year.
It is the first time I use Linux, almost impossible for me to run Windows. It is also the first time I'm aware of a UEFI setup possibility, which explains how he can return so easily and has hijacked me even harder than I initially thought.
Please, how can I reclaim my BIOS, my computer etc? Formatting doesn't do anything, not even the lowest level. dban won't do anything because it doesn't touch HPA.
I am seriously in need to get rid of this hacker, he has also done similar to two of my Android phones now.
Here are screenshots, a lot of googling led me to this info and the use of Rescuezilla loaded into the RAM, otherwise I can't have peace for more than 15 minutes before he messes me up.
I don't know when he notices me or finds a way to mess me up while I'm hiding in the RAM, so it's kind of urgent, I usually don't get a second chance, he always counters me if I try another of the same rescue CD or similar (gone through them all).
I'll happily answer all other questions once I've reclaimed my devices.
I was hoping it would be enough to do something, if not, at least tell me what you need in terms of information. Isn't it somewhat sufficient that I say any sort of low level formatting won't help?
And it's based on virtualization, remoting, plus using some virtual hotspots or wifi spots in some way I have no clue, but I'm getting super strong reception from like 4 wifis that is like the same as my router when I have it on, just a few metres further away, not sure how accurate it is but was using some Android app built in when being network developer, of course it's the hijacker's kernel so it can be anything.
And also answer those questions (in the other thread). And I still don't understand why did you post those images?
(not to mention that whoever is doing this to your devices is much smarter than us)
If this is on the same company computer take it to company
If this is on your personal computer take it to the CyberCrime unit at your Police Dept
If this is to get help here for this crime, (again), you are in the WRONG place, read the two lines above ^
Your issues have to do with Win$ install compromised not a Linux install
Your questions are in the wrong forum,
Hint try Windows forums . . .
I'll happily answer all other questions once I've reclaimed my devices.
I was hoping it would be enough to do something, if not, at least tell me what you need in terms of information. Isn't it somewhat sufficient that I say any sort of low level formatting won't help?
No, because we don't know the details, exactly what did you format and how, what did you install and how and how do you know your devices are infected. How did you detect and what?
We can't treat it if we don't know the problem. http://catb.org/~esr/faqs/smart-ques...html#beprecise
Quote:
Originally Posted by Mikez77
And it's based on virtualization, remoting, plus using some virtual hotspots or wifi spots in some way I have no clue, but I'm getting super strong reception from like 4 wifis that is like the same as my router when I have it on, just a few metres further away, not sure how accurate it is but was using some Android app built in when being network developer, of course it's the hijacker's kernel so it can be anything.
How do you know the kernel is hijacked on your phone?
Remember, we need facts, not your opinion.
It's enough with that link, every issue is individual, ask the questions instead. If you're going to need proof, I don't have time or energy, assume it's true, I will let you know if I'm uncertain, but I'm not. You are free to not reply or help, but I won't entertain yours or anyone's curiosity, clowning or trolling. You are doing nothing but spamming a link and questioning so far, so please refrain from replying unless you are actually asking questions that will enable you to help me, or post suggestions with what you know. You obviously have to assume I'm telling the truth because the opposite would be ridiculous to spend even a minute on helping.
After a bit of reading up, I did this on my main drive which isn't the one I'm using now (powering it off since it was in frozen state) https://imgur.com/juzWyfz.png
My screen is flashing black again.
You also can't seem to respect the fact that it's urgent based on your replies.
I managed to shut down all wifi stuff, virtual and real, only one adapter on and that's the one I'm using now, so that should give me some peace. I'm not shutting down my computer though, worried about what he could have done realizing I'm powering off stuff, like the main HDD.
Second, there is malware that affects the PC EFI partition, and the UEFI BIOS. Google MoonBounce and BlackLotus for starters. There's also some vulnerability being exploited in Lenovos that writes to the normally blank partition. It's comparatively trivial to infect phones, but I don't even know if they are Apple or Android. If you boot from a live USB key made on a clean machine and get symptoms, that's your problem.
The solution to the PC virus issue is to reprogram the BIOS out of circuit. It's a major deal, and a new motherboard might be the cheapest option.
As for the phones, best to hire a repairman to root them, wipe them, and install a fresh OS. Perhaps Lineage?
Lastly, repair yourself. Change where you hang out on the web, because you must be lingering in some dodgy places to attract that kind of trouble.
Thanks for the advice. I'm not sure it will require such drastic methods, but yes. My phones are just getting rooted so I can clean from there, it's a big advantage having them physically, he should not be able to beat that to the point where I have to buy new equipment.
So I definitely need to remove this cdrom device from the kernel, he boots the "real" BIOS he has hijacked from CD-ROM, I don't even have a CD-ROM on the laptop. I'm worried when it comes to messing with kernels though from what I've read.
I think powering down the main HDD/UEFI BIOS HDD and disabling virtual wifis bought me a lot of time.
Also, if you knew even a percent of what's behind this, you'd know I don't care in the slightest bit for how stupid my thread is or about any silly rules on how to post, in particular when 99% of the time I've been able to have online access in peace for 20 minutes on average before I have to reinstall Windows again. I literally googled "linux questions forum" and clicked the first link asap and popped in here.
I do appreciate your concrete information though, the life advice I appreciate the concern more, it is sweet if anything. If I get this over with you will realize why I say that if I post the whole story.
A small fun fact, I have like 15 USBs I use and I bought one more expensive with physical write lock on that has done wonders. But it's insane because if I'm burning a bootable to a USB, then 80% of the time I'm booting up is something completely different/something old trashy I burned. It's like my entire online/network activity in my home is a matrix and virtualized where he just plays god and switches things around as he pleases.