
Victim of complex, clever APT going on 13 months, cannot secure any device or domain or email, or phone or anything, including new purchases, instantly compromised. Thinking of suicide now...

Richard Sanders asked on
Tags: Linux, Advanced Persistent Threats, Virtualization, Windows OS, Ransomware
25 Comments | 7 Solutions | 770 Views | Last Modified:
Hello. I am the unfortunate victim of a very clever APT that has led to me having to close down my charity law firm for the poor, and as no one would help me, I then spent all my equity and savings and even went into debt and borrowed so much it is impossible to recover, in my lone effort to learn about networks and use the toolboxes Kali and Tails and lots of Microsoft and any security tools I could find, and always with compromised devices, instantly, and so it has been a horrible education where I fight and discover with broken tools, and I have discovered and learned a lot these 13 months, but also have gone from wealthy to closing 3 of my 4 businesses, including all charity projects, and the last of my businesses is dying, and I cannot produce economically in this compromised state, and am a victim of much financial fraud and it is too much to even try to catch up and audit and notice, and I have been hospitalized multiple times this year, probably because I have been sleeping only every other day and in constant stress over this and the fact I cannot get even one device to be exclusively mine and secure where I have root control. None. Even if I go and buy one. And I did that many times, many ways, every tactic I could think of, and exhausted my cleverness, and my ideas, and have copies and lots of digital evidence, and even probably most of the malicious code---none was easy to obtain or find, but I have, and I am sure I have plenty of logs, code, and so on, that someone who knew these technologies and jargon professionally could definitely understand how this horrible, awful, shockingly persistent and perfectly targeted at me hackerware hell works and maybe could create a countermeasure. I cannot.
And I feel pain in my chest and heart, and I am only 31 and was before this a champion swimmer and a charity lawyer and now I am in ruins, and have nothing, and I am just as imprisoned and cyber raped by day and night, and alienated socially as friends and relatives do not believe such malicious malware or cyber attack possible, but I have proven 95% of my claimed observed symptoms, which replicate always the same, and in the same ways, and if anyone actually used this, or experienced it, they would know how terrible it is. And I lost everyone, and everything, and I have never worked harder, nor longer, nor had to be more clever, nor toiled more, nor been more desperate any year of my life, and I gained lots of knowledge, lots of hackerware code and evidence and specific evidence, and more, and logs and logs, and discovered embedded strings and malicious code in unlikely files, like pictures, and scripts, and desktop.ini is a negative value and it seems to be in every folder, and nearly any folder will not let me in unless I get clever about taking ownership, and/or using a live distro like Tails can give me a more honest glimpse of the file system, but even it and my Linux laptop is deviant, and permissions changed, devices that were private now take policy, every time I install Windows or buy a Windows laptop I see in the GUI that IIS is not enabled but in fact 100% of the time it is, along with some folder wwwroot, and the whole experience of the OS feels so limited and I said once it was as though I live in a Docker container, or else it is a snapshot that is virtualized and replicates, and later found evidence of both happening. Also, you don't need Wireshark and Ettercap to note the mutating URLs as PHP and SQL from god knows where always injects, but I tested and confirmed.
And so I will list the primary areas that are always compromised and you then may understand how and why it has been impossible for me--an attorney who had no prior technical knowledge, but could write the blue and red field manuals from memory now and can BASH with anybody, and knows every tool in Kali and a bit of some others, and a lot now about configurations and deployments and enterprises, and the Panther files, especially the setupact log, are very much clearly in plain language obvious it deploys in this same wretched, specific, very customized way, including modifying or creating some 30,000 entries in the registry; every single cert CA store is wrong and with asinine certificates, and the only revocation list says from 1994 and in fact does not revoke anything, it adds more trusts, and some sloppiness: the certificates, if able to be seen, occasionally will have an active link on the "statement" of publisher and will have a VeriSign root that has a statement from an entirely separate company, or a known alleged CA publisher will have a misspelling of name, or whatever, but what is key is that a lot of services that nobody would want in this combination, except a malicious, remote controlling, unknown, hostile, truly mean person, and each service has its own store set, and all are insane and irrevocable crazy certificates; a 3rd level, minor certificate upon close inspection will have actually more power than god, and can do anything anywhere, control encryption, encrypt dom0, control TPM, anything.
And so the devices are taking policy and orders and so on, and even in sysprep, which I cannot even make it do, but I can get it into audit mode (but by then sysprep has run enough times that the damage is there, present, and irreparable), and I cannot be secure online either as I am, I discovered, not just subject to constant injection and bad roots of trust on all devices, and provisioning and more and worse, but I am also under attack by any web applications and/or APIs, and I admit I am not even expert enough to say the difference, but I can tell you from testing, and observation, and lots of pain and hell and torment and struggle, that many many APIs are NOT kind to me, including the OAuth2 which does identify me, and of course, it is used, and abused, and so are many many other APIs, and I am not a programmer nor a developer; it is a lucky thing I can use BASH and pre-made modules in Kali or else I would not have found most of what I have found. But here I am, now more than a year later, lost most anybody in my life that I valued, and lost essentially 4 startups, including 2 charities, I made and were successful and I was proud, but now 3 are dead and 1 on life support and likely to be bankrupt and close also, and myself I went from having a good lifestyle and comfortable income from my many enterprising efforts to the depths of poverty with so much debt and in fact creditors and alleged debts in numbers you cannot imagine which I have never used, nor heard of, and between all APIs and online threats, and the law email I had was stolen and Google never gave it back, and it to this day is now a "service account" and I am always told by Google, who does not care a bit, that sensitive information is in there, including about children, as I was helping families dealing with divorce, and myself recently abandoned then and divorced, anyways so that information which needed protection, and I had protected it, but then, one day, all my financial accounts, my publishing accounts, my domains, my emails, everything, taken. And I got some back. But not that one. And I even begged and threatened lawsuit (that I have no time or means or ability to even file as I am now so destitute), begging and demanding they either give it back or else destroy it, because children are vulnerable and Google does not respond and does not care, and any person, if I ever can get anyone to talk to me, just says to use the go/recover or whatever it is, but I have copies of injection and code from "temp files" that are anything but, cookies, and APIs and whatnot, httponly get JSON token, and I do not know the client secret nor have any ability to take or assert control, and so some companies gave me my accounts back over months of process, but some have not. And I hate that after I have essentially done everything possible I could think of and spent and sacrificed so much, and aged probably 30 years, and in fact... if it went away today... I don't even know if I have the health or energy, and certainly no longer the financial ability, to even recover. And... I had been so hopeful and tried so very hard. Just want to be free. Even on one damned device. From that maybe I could fight back and take back. But no, always deprived of me, or any effort that seems to be working ends up undone by replication or by being this separate, parallel memory state or something, like fake, and I am at the end of my rope. And I can feel it in my body that I am not in good health, and I have nothing, and everyone I valued in my life is gone, and my clients I was helping pro bono all of them suffered when I was forced to withdraw the cases, and I think one or two may even have died. And ... I ... I think, if a year ago, I knew I would still be here a year later, except having given and spent and tried everything and been broken and unsuccessful and lost so much.... I ... would rather have died. By any means. Drawn and quartered, anything would be better than this year...

I am not here seeking pity. I am wondering every day why not put a .45 hollowpoint in my brain stem (which I am sure would be the best way, if that was how I was going to go) or otherwise just hook up some calibration hydrogen and a rebreather mask, or a damn shopping bag and just inhale pure nitrogen and pass out and peace finally. Peace. My god. ... But I won't. I hope. And I think I was at that feeling as long ago as February and... I tried getting help from the state authorities and one had trouble talking to me as at that time I was having a MitM issue with both the browser and the device which I thought was my router and had my router's name, but turned out to be a hidden hotspot stuffed in the case of one of my desktops and was branded T-Mobile...

I have changed geography, devices, ISP, VPNs, and more, and tried everything. I promise you I was never free for even one second. Always contained. Always imprisoned. And unable to just even work in peace and try and rebuild a new business or save one of mine, but no... too much to ask. And now I am alone. Literally. And have nothing.
Andrew Hancock - VMware vExpert