Backdoor Breach –

November 22, 2013

Report: Backdoor evidence observed:

I received an email yesterday from Team [redacted]:

We are currently investigating a security breach whereby some user’s login details may have been compromised. We currently have no indication that there has been any unauthorised activity on your account. Protecting our customer’s accounts is important to us.

The current investigation relates to an event that occurred in January 2013, upon which we advised you to change your password. Our records indicate that your password was reset based upon our prior notification to you.

I replied:

I did not receive any notice in Jan 2013 to change my password. 

They replied:

Thank you for contacting us.

We are sorry to hear about this problem. There are 2 possible reasons why
you may not be receiving some of our emails:

I did double check and responded. The incident ticket is still open and under investigation.

I had been suspecting breach of my box for a week or so. However, the above correspondence suggests I have had a backdoor on this box since January 2013. Reasons being I did not receive the security breach mail in January 2013. I use different passwords for all sites. None of them are recorded in digital form other than at the site itself. I do occasionally check the records of what Ips have connected to under my passwords and user names. I had not noted any unusual traffic. I have experienced low level events that caused me to check IP usage out of normal sequence. I did not note anything out of place.

I have been noticing unusual behavior from certain programs, such as [redacted] [redacted] and my spell check program connected to browser as if the dictionaries had been altered.

Maybe, a month or so ago I did have to wipe/reset my phone because it had become almost unusable. It would take a screen-shot when I pressed the right hand side button instead of coming out of sleep. It had gotten so bad I could not answer calls. – Note yesterday I experienced the screen-shot malfunction again. The only application I have installed other than what was issued with the phone is from June Fabrics. They will be notified of this security anomaly.

Last night I discussed the [redacted] breach, the anomalies on my box and phone, and other events that were disruptive financially and physically.

I pointed out that the backdoor I suspected and anomalies I am experiencing is related to a profile that sent a friend request to my facebook where by as I made an announcement to my contact list and specifically to friends and family that.

Important note: I went to find the post on my facebook profile to include it in this report. I could not locate it. I have requested my niece to review her time line for it. I recall she liked the post.

However, at this writing the post warning my friends and family that a known stalker of mine had made contact is missing from my timeline on facebook. The known stalker profile mentioned in the missing post is the same profile that I mentioned to [redacted] noting that the known stalker’s MO was backdooring box(es).

This morning when checking [redacted] [redacted] admin page I noticed that the some of the notifications had been marked as read. My computer would not let me take a screen shot.

I made a post on facebook about the backdoor. The [redacted] I use, which is [redacted] to the computer, vibrated, switched screens, and brought up the settings bar from the bottom. In other words, it appeared to be disengaging from remote after I had made my post about the backdoor.

When I could not take a screen shot, I used my camera phone. When using the camera on the phone twice the camera on the phone shut down. Nevertheless, I got the photos of the screen showing notification being one hour old and already read when I had just woken from over a four hour sleep.

Other anomalies I have noticed is with the spell check feature it appears as if it selectively works or in other words in real time words that I am not spelling correctly are not being allowed to be corrected. I can click on the corrected word but the incorrect word will not correct. This appears to be around words that are common and I should know, and if the word is uncommon or very difficult it will correct, then the next word would not. This has been going on for over two weeks. It is not consistent, suggesting that it is real time manipulation. This occurs in [redacted] and the browser spellcheck.

Also, in the [redacted] I have noticed that at times spell check and grammar check will not work at all. Though not witnessed as often, it does appear to happen when I am working on controversial documents.

I checked facebooks machines that are logged in under me. There was an extra one that appeared to be from the same location as me. I do not know if this is unusual because such has been usual for me in the past.

Also, when updating adobe recently it tried to update my box as a Linux OS box. I do not use, nor have downloaded, nor to my knowledge have Linux OS.

End Report.

Julia Clark

This slideshow requires JavaScript.


Update Nov 23 2013

I have an obscure blog at  Generally it is poems, free audio ebooks, and stichomancy. Nonsensical stuff at best. Emotive stuff. I put it at to make it difficult to lose. As can be noted, my emotive blogs have repeatedly been subject to harassment, hostile takeover, and the likes.

I went to write stichomancy this morning and noted that a linux box had an interest in one journal entry.

This slideshow requires JavaScript.

I am fortunate they were the only visitors. Usually I have somewhat high traffic there.

Which brings me to another issue that needs documentation.  Dominic Morris noted that was was coming up as internl server error, which would be kind of strange because all the server does is a redirect .

Fullscreen capture 11232013 64637 AM.bmp






The screen capture above is for the month of November 2013


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s