Unauthorized MDM

You could try to contact Hexnode, they have a web site. If you can get it removed, there would very likely be other programs installed.

DarkIbis wrote:

So how do I stop this? I first discovered unauthorized MDM on my iPhone 11 in 2019 (the Apple Store manager looked at the analytics) saw HExNoDE MDM was interacting with my phone and MacBook. I’ve switched phones, computers phone numbers, iCloud’s EVERYTHING. They all kept ending up with device management. I have the tech notes to prove this. On one computer, it had two operating systems on the same partition.

Anyway, I bought the 15 pro. IMMEDIATELY put it in lockdown mode. Created a NEW iCloud. No other device should be in my iCloud but ME. All of a sudden my keychain is wiped out. The whole phone goes crazy. I have apps I didn’t download on my phone. Locked out of apps. I can’t turn off Game Center or it now freezes the phone. I check the business side and it says my iCloud is already in use for a work email. The front side never shows the profile, because it’s always hidden.

1) no one is holding my phone BUT me

2) the phone is in lockdown mode from the second I bought it

3) I know who is involved

4) no other device should be in my iCloud

5) I buy my devices. Not a company.

How do I figure out what company I’m enrolled to? Unenroll it? Stop this from happening? Is it someone at Apple compromising me? The cellular company only has my imei not serial number. The guy who is doing this is a threat to my life. I didn’t date him. He was a former friend turned stalker. He works in cybersecurity. So I don’t know how to stop this from happening. It’s year FIVE. I want to move on. Someone has to know how he’s getting the device serial number or capable of autoenrolling my devices under his company even past lockdown mode.

Report the issue to your local authority if this has been going on for the last 5 years, hire an attorney..

The serial number is on more places than you know, could be on receipt (email), on box, on device, and I think a program called UDID will find it. I’m having the same issues. It moves laterally once installed, and from what I’ve read no required authentication. I’ve tried contacting the companies of the MDMs, no help there. Once the MDM is on one device, it installs on everything, geofencing! In my case, it disables device scanning. It’s possible if the person has been in your home, they could have installed a Wi-Fi device, or IoT. There have been many posts on here about this problem. MDM also allow side loading, or installation of otherwise unauthorized by Apple programs. I’ve found that reformatting or buying new devices does not help. As soon as I bring a device in my house, it’s compromised. Keep an eye on your bank and credit cards. It sends out “beacons” that others could see and exploit! I’m just hoping it gets fixed.

I’ve attached a reply from a user in 2022 that thread conveniently has been closed however, theres countless others that post reads…

Beepbopjd

They do it through Microsoft on sync AD All that is needed is your phone number. Forward the confirmation text and boom! All devices linked to the Apple ID is theirs. This is a nightmare and apple knows it.

I am thoroughly versed on the subject and I’m willing to go out on the limb here I am suspecting millions, if not, a large percentage of Apple users are compromised in this manner. They just don’t know it or have swallowed the pink Kool-Aid and are of the thought that mac OS or Apple iOS cannot be hacked. Setting aside terminology ie hacked, compromised, etc. what is going on especially in my case but I’m willing to guess in most of these cases I read is their systems are compromised through active/open directory, and there is a network domain admin or enterprise admin, that is controlling their devices. Apple has developed these programs i.e. MDM and Apple classroom which if you haven’t yet, I would suggest you read on the abilities a network or enterprise admin has with Apple classroom is utterly chilling and gives me the creeps. Turn your microphone on or screen share without a yellow indicator light absolutely of course they can…cant you think of all reasons why that’s even necessary lol. It’s frankly stupid and if someone needs that type of control over a computer, they have no business giving that person a computer in the first place, what is this kindergarten or a device for a convict and if so, why is it intertwined into the operating system of the folks sitting at the adult table, chewing with her mouth closed, saying please and thank you? I have spent a few years now fighting this and the more I have fought against it the more these network domains or Admins flex back and show me their abilities. Which is let’s be really clear here they are the admin of the computer, they are SUDO! Where it stands today with my device, and I’m willing to guess most others is an apple keychain that cannot be erased that contains RSA keys and logins for the domain admin that once you’ve erased and reinstalled is waiting at the front door for you to walk in their house! Microphones are all on and I have recorded them just as they are recording me and I am so sick of hearing the hushing and the shhhh in the background which brings me to this and I’m being serious as a heart attack anyone here that would like to chime in and say that this isn’t possible, etc. I would say put their money where their mouth is, and I have a brand new MacBook Air M3, lightly used MacBook Air M1, two Mac mini M2‘s, iPad mini six, in the latest iPad and for each person that would like to make that comment pick anyone of those devices I will personally next day air them to your home for you to keep under one condition you put the device on your home network and give us all an update in a few weeks on the security of your network and devices. Is that fair because right now I can hear the footstep scurrying away from these comments of how things aren’t possible! That offer stands if anyone would like to take me up on it please with all due respect reach out to me. This has been a constantly evolving never-ending situation and I like many as I read these different posts have had the pleasure at one point or another to share the same issues from a child account and screen time being employed and other miscellaneous parental controls to outright locking me out my own system. At the moment and I don’t wanna share too much as to give any grand ideas to these geniuses, but in the regular user environment, the Mac HD hard drive is dismounted and it appears there’s two complete operating systems running, as I mentioned the keychain which I cannot make any changes to and other miscellaneous issues that expand to my phones, iPads, and computers, and anything else thats attached to my network, ie CCTV, etc. which brings me to my last point I would urge people to not discourage themselves by calling Apple and thinking that they’re going to help that’s not what they’re in the business of doing their in the business of selling devices but I’ve been contacted in the past in regards to a class action lawsuit and I want to bring that back up for conversation and anyone that would like to explore these options, please contact me and we can see how many people are of interest. That’s really the only thing that’s going to stop any of this truly. So please contact me with your concerns and I’ll see if I can navigate through them and with that being said finding someone that’s well-versed in networking and active Directory will be of much importance so if that’s your expertise, please contact me as well. Thanks much.!

There is no such thing as an unauthorized MDM. To install MDM, you either

1. Must purchase the device from Apple or an authorized reseller and have it added to Apple Business/School Manager and have an MDM connected for automated device enrollment
2. Someone must have physical access to your device and must have your passcode/password.
3. Someone must have physical access to your device, your iCloud password (assuming you've set that up), and be in a trusted location (or wait for an hour, again, assuming you set iCloud up), then they have to wipe your device and add it to Apple Business/School Manager manually.

Option 1 cannot be removed by you because you don't own the device.

Option 2 can be removed in Settings > General > VPN & Device Management.

Option 3 can also be removed in Settings > General > VPN & Device Management if it has been less than 30 days since the device was enrolled. You would likely notice if this one was the case as again, at a minimum, it requires the device to be wiped.

These are the only options.

t3ddy, I’ve read your story and thought that was my story I put on here . I had to keep reading it over and over and read your other ones as well . Going through almost exact same thing … you may be more advanced in knowing what’s going on though . Geo fencing? Is that how anything that comes into my home is hacked from my sisters phone to even the people who do our lawn weekly and buy a new phone annd Instantly when I turn it on I used to think it was the phone chargers but I didn’t not even need to charge new phone he’s already in settings the second I turn it on .He is in my adt panel as well remotely turning off and on when I leave and come back . I have no wifi in my home . It’s hard wired supposedly but cell is actually wireless technology I get it but I don’t have wifi in my home at all . So I figured he’s using a hot spot on his phone or? Is there a hidden hub or something in my attic? We did find levaton switches in my home, got home from vacation and noticed my light switches had been moved or touched and different color switches in it . may want to check your home for them as well . As far as I know it extends wifi or something like that , not sure . . Mine going on since 2015 . ADT says it’s a glitch on panel . Yeah don’t think so only when I leave and come back ? . He’s broken into my car and has control of my gps and knows where I’m at at all times. Had me on a goose chase one night after trying to find this place I was only 10 minutes from but gps kept changing to where I went around the city and finally figured it out 45 mins later . Took the fuse out of my car alarm … suppose to go off when someone tries to enter it, just noticed last night it doesn’t go off . Son said this morning the fuse it out . . Steals everything from me from food to jewelry to all my sports cards i inherited from my aunts sport card shop in 2001. All cards missing which were hidden in attic that I forgot about. Were for my sons when they got older. Aunt had books of cards and Michael Jordon everything Kobe Bryant rookie cards you name it. She died with no children so gave it to my sons but they were too young. I had no idea how much it was worth. We can only estimate it but Jordan rookies to Bryant and shaq rookies …full books of cards from 60’s to 90’s probably 50 of them of different cards from fleer to tops and all the other ones she had the shop for 25 yrs. The mdm I found and just found one today again w Cisco in vpn but there are hidden onesas well I’m also signed in even though I sign out as a beta thing also under user ed and corp accounts in Apple and a developer. And aws Amazon thing. You mentioned. I get emails from all of them . I changed passwords or you can do this now with your accounts . I will try to get into them and have on GitHub and deleted account only to face another one in my name again . I have all the sudden “feedback “on my iPhone that I can’t delete . I now know what it is thank you …. Also have hidden apps I can’t see . Or delete . My downloads for the updates start to download … phone goes off and turns back on to downloading line going forward. Then stops and line goes backwards like it just took the download away and the screen goes black again then comes back on like nothing happened and says it’s updated…. yet my girlfriends i phone same kind after her update has all this stuff I don’t have. Can’t do the security check as well . I’m sharing with notes, health and who knows what else and I don’t even have all that on my iPhone. I have 3 To 5 apps that’s it . Everything deleted at store when buy new phone nothing transferred over not even my Apple ID yet it all shows back up on new iPhone 3 days later. Batteries blown up 3 times … phone so hot needs to be charged 6 times a day even if I don’t use it . I can hear him breathing when I’m on phone… even when talking with Apple agent . After we are done we both hang up then a minute later you hear another hang up . I’m close to getting him . Also shows I’m on a 🖥️ Mac computer at times when I don’t own one, I’m only on iPhone . Have brand new HP all in one but in 4 days there are 29 admins I’m not one of them. Another horror story . Controls my a/c at home my washer dryer I’m in Arizona I’ll put it down to 75 goes to 85 8 times a day on both units . Changed the panels and have guy do it all . Worked for about a week then right back at it again. I have so much documented screenshots and am going to the sherrifs office this Friday . They said they would look into getting my data from Apple . .

[Edited by Moderator]

I would be interested in the class action suit and any other information that you have

thanks for posting

Been dealing with this for far longer than i knew. the last 3 years its been absolutely impossible not to see it everywhere. id see small changes and now i barely know how to operate my macbook at all. the settings and files and permissions arent mine.

the amount of devices and computers that id bring into my apartment for a day before the settings started changing isnt small. it didnt make any sense how something not at all connected or even ON would do that and i assumed i was being paranoid.

finding out that apple is the one whos made all of this possible? dude.

This is complete and total nonsense.

You have no idea what you're talking about.

Yes

Wiping doesn’t solve the preboot files hidden in the rogue firmware.

in the software agreement that I have to agree to it spells it all out.

your not suppose to share or use it on consumer devices.

it expressly indicates that if your don’t follow the rules of software agreement , Apple can take it away from you (mine is dev version)

so they CAN take it off if your a misbehaving developer.

But why not if your a victim of that technology? They’re just trying to avoid liability by not admitting and solving this huge issue.

It’s time

Why is this edited ?

Because it violated the terms of service. You were sent an email by the moderators explaining that.