You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Beckstein
Beckstein Author
User level: Level 1
8 points

Compromised Macbook Pro

A scammer gained remote access to my MacBook through Any Desk, a third party application. I have already deleted the app and install anti virus software. How else can I clean up my Mac?


[Re-Titled by Moderator]

Posted on Jun 1, 2021 4:18 PM

Reply
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
124,393 points

Posted on Jun 1, 2021 4:25 PM

Go change all of your passwords. All of them. Including the passwords on your password-reset paths; on your email accounts used for password recovery. Restore your Mac from backups created prior to the breach. If your credit card info was on the system, either carefully watch your financial accounts, or notify the financial providers. Enable two-factor if not already in use. Remove that anti-virus app, too.

View in context

Similar questions

7 replies
Question marked as Top-ranking reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
124,393 points

Jun 1, 2021 4:25 PM in response to Beckstein

Go change all of your passwords. All of them. Including the passwords on your password-reset paths; on your email accounts used for password recovery. Restore your Mac from backups created prior to the breach. If your credit card info was on the system, either carefully watch your financial accounts, or notify the financial providers. Enable two-factor if not already in use. Remove that anti-virus app, too.

Reply
User profile for user: sea116
sea116
User level: Level 4
1,585 points

Jun 1, 2021 4:33 PM in response to Beckstein

Erase your Mac and restore from a backup made before this event. If someone has gained remote access to your Mac, then it is possible that they have made changes that cannot be easily reversed or cleaned-up. If you don’t have a backup, you need to make a backup with important data and then erase your Mac. Do not underestimate what the scammer may have done, or put off erasing your Mac. It needs to be done as soon as possible.

Reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
124,393 points

Jun 1, 2021 6:12 PM in response to Beckstein

Backups have to happen before the disaster, yes.


No backups means adding a re-installation to the task list, installing macOS and apps from known-good installs, and transferring over just your documents. And even that’s not without risk.


Getting two-factor authentication enabled and getting the passwords reset is a priority, as those can provide substantial access and value to the scammer if the passwords have been uploaded.

Reply

Compromised Macbook Pro

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up