I don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.
I read it all the time, "my insta was hacked", etc.
I would really like to know if hacking is as common as it is reported rather than a successful phishing campaign, a simple issue of forgotten password or getting locked out of email, account ban for rule violation, or something else entirely unrelated to actual hacking.
In this case my skepticism skyrocketed when the hackers write "we are in control".
> I don't know what the catalyst for this was, but a lot of 20 years olds and younger seem to use the word hacked so casually.
It is a mechanism of shifting responsibility. If your password is "1234" and you gave it away to a totally legit MS support center employee that called you recently because MS has detected that your iPhone has a virus, then it is on you. But if North Korean hackers compromised your watch via elaborate hacking campaign to mine bitcoin on it, then it is "not your fault".
Same thing how all company breaches are attributed to "sophisticated state sponsored actors" even though most of the time the company provides zero evidence it wasn't a single bored hacker in their moms basement.
A little bit of a gap in understanding too. Something happened to your account and you don’t know how? Hacked.
Turns out for a lot of people your piss drunk self, your weird ex boyfriend, and that person setting up fake OF with a selection of your public fb/insta pictures, are all threat actors too.
If the original account is to be believed, they did not know the owner’s passcode/PIN. The attackers gained remote access to a device without the passcode/PIN. This suggests it was not phishing.
It sounds like a legitimate usage of the word “hacked” to me. Maybe not the most critical vulnerability because they did not gain full access, but they managed to gain some level of control of the owner’s watch without their permission, and it sounds like the reason was not that they left it lying around unlocked (to be clear it sounds like they got control because the watch was unlocked in the owner’s wrist, but they were accessing it wirelessly- sounds like an issue with Apple’s security model that can be fixed).
My Skype account was hacked many years ago. It started with me getting an email about some credits being added (from my credit card that was in the system).
When I logged onto Skype, I had a new name, and a new contact, both of which were Ivan something. I immediately started chatting with Ivan, who told me that there was a weakness in the Skype login security, which he tried to exploit.
I changed my password to another Medium to Strong password, and a few minutes later my name was again changed to “Anders xoxo Hafreager”, and a message that he had hacked me again.
Check if you have an old email or phone number tied to the account. Attackers can get Microsoft to send one-time codes to them, no matter what else you have set up on the account. Worse, it seems this feature was added some time ago and every account was automatically opted into it.
I was getting dozens of one-time code emails per day caused by login attempts via what must have been Tor. None of them were successful logins, but it got me worried. They seem to have stopped after I reworked my account's requirements to include OTP, but now every couple of days my Skype app posts an error that it couldn't log in, when it is clearly logged in just fine. Even that OTP can't be a standard one, it has to be Microsoft authenticator.
Microsoft has been improving in a lot of ways lately but this is not just embarrassingly bad, it's substantially worse than it was a few years ago.
So true. Normies be using security questions like “What was your fist dog called?” while posting about their first dog’s name in public #insta while complaining about being targeted by a 1337 h4x0r.
Hacking is largely used to mean the breaching of a system by some unauthorized actor, and why shouldn't it? Word meanings change over time and this one got broader.
That said, phishing is a form of hacking the individual so even by a strict definition it still works.
Not sure if catalyst, but if the crowd learns something it is corpos and governments telling almost always the same story of getting hacked, cyberattacked, with the worst of criminal energy, even if its the most simple letting unpatched (more 1000days then 0days) software run or pretty much unsecured systems out open in the wild.. it is the common excuse everywhere for not understanding of an admitted for most too complex tech world.
Anecdotal, but 17 years ago it was also common to say "my runescape got hacked!" when in fact you typed your password on some runes-cape.freewebs.biz :)
Perhaps there is more to hack? At least when I was 20 years old, the only thing to be hacked was the dial-phone, a paper phonebook and perhaps a fax. Social media didn't exist.
Having so many accounts where some stuff might (or might not) be important, folks get very sensitive to being "hacked". Or in other words, having a stranger break in and rummage through their underwear.
I remember on boring days reading the factual entries in the beginning of the phonebook. I remember it as a broad description of how the bell system worked and how to use it.
In the late 70s in a central Pennsylvania farmhouse that was some of the earliest technical documentation I ran into.
Hack in popular tongue has always meant authentication breaches in general, the method is not important. It's been this way for as long as internet has been a household word.
I mean, there is Apple Watch Mirroring, which does allow remote control of an Apple Watch for accessibility purposes. If they were able to somehow exploit that, I would consider it hacking.
I sort of hate how this thread immediately rallied around “must be crazy people hallucinating” and I hope Apple takes the reports a bit more seriously & investigates.
Edit: I do agree that passwords guessed or phished doesn’t count in my mind as hacking.
Either the user had a bad digitizer, and misread and/or hallucinated the "We are in control" message, or the entire story is made up. Perhaps a group of people working together to post "Hey me too!" stories? I'm not sure what the motive would be, though.
Extraordinary claims require extraordinary evidence, and this is beyond believability.
It's pretty obviously fake. A bunch of "level 1" (new) users, all with the same story? They literally mention the exact time & date in the same style, and mention the 1-minute lockout in the same way as well. Two of them use the same timestamp even, down to the minute.
Also, something I noticed working for large orgs with over 100K staff and 1M users: An appreciable fraction of the human population is simply mentally ill. Hallucinations, drug use, psychosis, etc... all have a non-zero rate. Given enough users, you'll get the same type that imagines being abducted by aliens and even makes police reports that sound suspiciously like the sci-fi movie that's popular at the time.
Not necessarily disagreeing with you regarding the people that are imagining things, but with a device so relatively popular as the Apple Watch, this could be very well explained by a software update that messed up the touch screen "driver" and is generating ghost touches. As the update rolled out, it started affecting more and more users who turn to the forums to look for help.
One consequence of these ghost touches would be inputting the wrong PIN which will initially lock the device for one minute, so I don't see what's strange about that.
Which messages, specifically, are you referring to with "exact time & date" and "same timestamp"? I skimmed through them but nothing of sort stood out.
Not only that, but all those new users actually bothered to look for a pre-existing topic on their issue instead of making their own new topic. Unlikely.
A lot of the people here are much more experienced with technology, so our behaviour is going to be different, but I have a hard time understanding why someone would sign up for a forum as a first step for obtaining assistance. Calling the vendor, sure. Using vendor support options that connect me directly to their staff, sure. None of the people posting about the issue mention taking other prior steps in obtaining support (even though a couple of posts from established members say they should).
I suppose posting to the vendor forums is fine if you need support. On the other hand, I do not think it is an acceptable source of information about a security flaw in a product. There information provided is not verified. The sources are not verified. We don't know whether the details are true, a misinterpretation (innocent or malicious), or made up. In other words, there is no reason to trust what is being said. If I came in here suggesting that my computer was hacked, I would expect people to respond with similar incredulity. (I am simply someone who posts to a forum. There is no reason for people to trust anything I say, particularly if the posting doesn't contain detail on reproducing the problem.)
Personal experience from browsing n = n + 1 apple support threads:
Just message support. It’s much faster and has a higher chance of producing a result.
Their support raises issues directly to the dev teams when they happen often enough, too. There's a good chance the touch screen team is working their asses off right now on this already
FWIW - The commonality of alien abductions can actually be decently explained by sleep paralysis + hallucinations (+ the mind already having been 'seeded' by the idea).
It's something that perfectly sane people could experience and not realize it was a hallucination because it's a quite rare & unknown phenomenon(and one that you often won't mention because everyone thinks you're crazy if you say it).
You get different percentages depending on what you’re counting.
I regularly choose one of the first countries in those forms that collect your info so they can spam you. There’s some marketing person out there who is convinced Albania and Afghanistan are a cloud computing Mecca.
That doesn’t make me “crazy”.
Similarly, over 5% of students are on ADHD medication but they’re not what I would consider nuts.
What I mean is that there are people that would be homeless vagrants shouting about space worms burrowing into everyone’s brains, but they’re on medication and got a government job where from they’re nearly unfireable even if they stop taking their pills one day.
Two of my friends are conspiracy theorists… in private. It’s basically a fan-fiction club to them, a setting in which to make up stories.
I’ve met an IT guy who truly believed that software updates were a conspiracy and made sure that every system in that place used the “clean” golden image from the original CD and was never ever patched.
There are statics like “20% of all adults have some mental health issue” and then there is the guy who literally spends his day planning your murder because you didn’t talk to him at the water cooler.
Obviously this guy was fooled by a friend who was using his iPhone to remotely operate the watch (which explains the „we are in control“ phrase). Now in this forum numerous people that simply have a broken digitizer chime in. Case closed.
It wasn't obvious at all to me that that's even possible. But as it turns out: it's an accessibility feature (1) to mirror the watch screen on iPhone in order to voice control it or use assistive touch.
maybe some kind of anti commercial to not trust apple products?
but I wouldn't suspect any major brands for something at this level, so maybe just bunch of people trying to mess with people believes like it was multiple times in the past?
like with charging iPhone in microwave etc, basically noone benefits just some folks want to see people panic
I wonder how such hack would even work. The watch does have the option to control it remotely, through the iPhone accessibility options, but obviously this only works with the paired iPhone and not over the internet.
> but obviously this only works with the paired iPhone and not over the internet.
That's the intended design, but perhaps the trusted device layer could be bypassed under some circumstance? It seems extremely unlikely, but maybe not impossible.
edit: The more I read and think about this, the less I think it's likely. I'll keep this as a devil's advocate sort of message, but I feel like I should still point out that the entire premise here seems a little nuts and the people reporting the hacks are more likely to be uninformed/paranoid/etc and dealing with ghost touches than the watches were likely to be compromised.
Only one person reported the spam call in that thread, the Marcus-II commenter. Their comment shows up twice in the first page and once on the second page. No one else mentions the spam call.
The baseband processor is entirely separate, with some basic commands and responses communicated from the phone's CPU to the baseband, so even this explanation is suspect.
That's not true. Apple employees can see a video feed of your screen after you accept their support request (similar to screen sharing over FaceTime), but they can't interact with your phone remotely.
I’ve had this happen when I called in a support request for some iOS issue I had. Their interface has all the devices on your Apple ID, and they can enable screen sharing on any of them after you accept it via a notification. I have to admit, it must be a lot better for the support experience as opposed to trying to verbally describe what’s going on.
I have the same issue. It’s clearly a bug and maybe both the funniest and most serious one I’ve ever had to deal with.
In my case I was waking up to my watch using itself. It changed contacts, added locations in maps, placed and cancelled two calls to emergency services and more. I then made the mistake of taking it off my wrist. Now the screen is locked and the watch will continue to enter wrong PINs, locking itself for more time every time. You can’t shut it down - the watch will start to type and dismiss the shutdown dialog (or call 911 again!).
I haven’t gotten around to taking it to an Apple Store and have returned to my Garmin watch.
I am inclined to believe that the first reporter only thinks they saw this, not that it actually occurred (or they saw some random words appear on the keyboard that resembled this phrase).
Anyone who worked with users would tell you stories about the stories the users tell to support about how they "didn't do anything at all, didn't touch it and now everything is gone! it's your fault!"
By the way, yesterday my Apple Watch 2 popped up a keyboard and wrote "pflenker is leichtgläubigertyp!" can you believe it?!
I thought the same when I saw the video. I had the same problem with an Android phone, but the ghost touch was located in one zone of the screen because it was damaged. This looks like more like a software bug.
> they popped up the keyboard and typed “We are in control”
This reads like bad hacking fiction, complete with the guy typing that wearing a Guy Fawkes mask. Why the hell would the (hypothetical) attacker lose precious time doing something like that.
Not too keen on the anecdote either, but with the Flipper Zero script kiddies around, you can never be too sure. Just a couple of months ago, you saw headlines of low-skill pairing dialog DOS attacks.
I believe HID-over-GATT was recently introduced to iOS (only a decade late), and implementation details could potentially be relevant here.
Typing "We are in control" looks like kids bragging about their hacking skills. Not the usual hackers but who knows. Furthermore it means that the hack was not automated (yet.) A person was there, typing commands. Again, unusual.
On the other side hacking a watch is something that probably doesn't get unnoticed by the wearer if it must go through the UI. Are they subtler ways to get in control?
I have upvoted this, but on a second thought, this is probably what I would do as well if I had the possibility to observe the victim, yet all the chances to have not been caught. Makes for an exhilarating complaint and report as well (evidence: this thread).
Unless the "ghost touch" issue randomly typed "we are in control" on the author's watch like he claims, then I don't think it's related. If this isn't hacking, then the author is just lying (which is what I suspect, based on all the similar claims being made and upvoted by new accounts that have never engaged in any other topic on the Apple support forums before this).
That part seems made up. I don't think the watch possesses the capability for the level of remote control they are talking about, especially on production builds.
My guess is the same but I’ll just add that to this day I only have one message in my apple support forum account, posted when I encountered a nasty bug with iOS few weeks ago.
I wonder why most of the comments take it very casually and say may be issue with digitizer/ghost touch. Had it been any other OEM, this would have been such a big issue with anecdotes of why people trust apple products.
If you were genuinely remotely hacking a smartwatch, you’d be executing background processes to exfiltrate data entirely invisible to the user, not doing some bizarre remote desktop thing randomly tapping around on apps. The claim doesn’t pass the sniff test irrespective of the manufacturer.
From experience, you really can't just take user reports at face value. There's almost always something there, but it may or may not be what the user thinks it is.
So it's a good idea to apply Occam's razor.
Digitizer/ghost touch is probably the simplest explanation.
The only thing the hacked/pwned idea has going for it is the "We are in control" message, which is still a bit marginal if the watch really was hacked. (None of the other posts mention this and why would a hacker type that message in? Could be because it's a practical joke or maybe part of a phishing attack, but those are tenuous and nothing else mentioned supports those.)
If you have access to control the touch interface or to type a message on the screen you already have full control to the device. Look at the video, the input is so random, it's a software bug.
iOS developers who have done work for watchOS know that, during development, you are barely able to connect an Apple Watch to Xcode. It is flaky as hell. So thinking that someone can remotely control an Apple Watch is a bit hard to believe.
Ghost touches and typing "we are in control" with predictive text, sounds more plausible but still raises an eyebrow.
I think the "We are in control" thing is a dead giveaway that this is fake. Communicating with the victim might be essential to get access, but afterwards it's just about extracting whatever you need as fast as possible in my understanding.
Is it possible there’s an exploit to remotely touch, which at first looked random, but as people figured it out learned to actually operate the device?
let's imagine that that's the case.
imagine that you are the attacker that figured that out, what are you going to do?
start attacking random people with random clicks on their screen or keep it in private until you figure out details how to make it useful?
thats why this sound like some kind of hardware malfunction (or some substance on touch screen - I personally experienced ghost touches on my phone from dirty screen) or it's some kind of prank by kids using some flipper and previously authorized device or something similar
This looks very much like the accessibility feature “Control Watch with iPhone” when AssistiveTouch color is set to Grey in the Watch accessibility settings…
Apple Watch does have a remote control feature, intended for controlling the watch from your phone, as part of the accessibility options. It's certainly technically possible that this feature is being abused to get access to data that would otherwise be locked down by Apple's strict sandbox post-exploitation.
Or, more likely, it's some kind of shitty prank by someone nearby to the users.
First of all, why would anyone even care about you enough to want to steal whatever health data is available? Is there any particularly sensitive personal info stored there?
Second, presumably if one gains access to the device through a sophisticated hack they'd probably also be able to exfiltrate data without having to alert the user.
With all of that being said, I wish there was some sort of black box mechanism for logging certain events in such a way that the device itself can't tamper with it. That way you'd have a log that can be easily analyzed to judge whether or not a hack is likely to have taken place. Right now if you open the syslog on an Apple device it's filled with so much crap that it's basically impossible to detect if anything nefarious was likely to be happening.
> First of all, why would anyone even care about you enough to want to steal whatever health data is available? Is there any particularly sensitive personal info stored there?
This is a strange argument. Of course there can be sensitive data there. Photos, (i)Messages, eMail, calendar events, addressbook, health data, voice recordings, location data. The device is password-protected for a reason.
It is also usually connected to a paired iPhone and to the Internet. You might be able to do some shady stuff with the phone using private APIs.
> .. I wish there was some sort of black box mechanism for logging certain events in such a way that the device itself can't tamper with it..
This is called an append-only log. It can be built in many ways. Which way is suitable largely depends on the security requirements.
My personal favorite kind of append-only logging is transparency logging. If you'd like to learn more you can check out e.g. sigsum.org, an open-source project my colleagues and I have been working on for several years now.
It's a factory test script is getting triggered on the watch somehow.
It would normally be run near the end of the manufacturing process to ensure everything is working as expected. It automatically runs through a series of steps hitting a wide swath of watch functionality and would look a lot like someone rifling through a watch remotely. But a persons watch wouldn't have test data or factory password, so the script soon ends up getting the watch locked (or maybe that's just part of the test).
It could even conceivably type the message "We are in control" (though I have my doubts about that part of the story), because, as those of us who know some hardware verification folks, that's right where their sense of humor is.
If this is actually a bug as most of you think. It's likely a hardware bug and all these devices are kinda faulty? Isn't that the real news here.
If it's an hardware issue with touch it just means that no software patch can actually fix it enough to not waste battery in future. And that there is a realistic change that the issue gets worse when the devices get older.
There’s a feature to use your iPhone to do keyboard input on an Apple Watch. Could it be that? Don’t tell me Apple left out some authentication. I know you can do something similar with text input when you’re on the same network as an Apple TV and someone’s inputting text. It’ll prompt on your iPhone to submit keyboard input.
This whole thread is filled with terrible advice and wannabe Snow-Crash writers, plus people who think "hackers" are scrolling through your files just to get to your fitness files.
I am kind of shocked, that state of mind was acceptable around 95-2000, but not a quarter millennium later.
I for sure live i a bubble, but are people really like that?
I've only had to browse it for information a few times, but it really is shockingly useless. I've never found an actual answer on those forums.
Even Google's practically useless forums have helpful users who suggest workarounds between the hundreds of "I have the same problem" comments. Microsofd's near-useless forums have some good information if the thread doesn't die once a Certified Super Microsoft Systems Engineer tells you to reinstall Windows (because that seems to be all they can come up with). But for some reason, Apple's forums are somehow worse. Maybe it's because of Apple targeting a more tech-averse audience, I don't know, but when it comes to Apple's forums, nobody has any real answers.
I think a lot of it has to do with there often not being actual answers as most of the system is hidden from the user anyway.
But I have had the exact same experience. Up to really hostile behaviour and suggestions to reinstall from scratch. (I didn't know I need to start 'code' to agree to a license to update the c compiler, absolutely new to the OS coming from Linux and stuck for nearly a day) got plenty of feedback in a short time but most were along 'go back to windows' or 'did you try [obscure third party tool]', literally none actually helpful. Could be bad question asking, or just unlucky experience but it stuck to me.
I rather get ignored in Microsoft forums or semi angry 'where are your complete logs!?!1' in the Linux forums.
I had exactly the same problem last week. Random touch & drags on the watch, it took me some effort to shutdown the watch without making an accidental emergency call.
Given apple's security track of record and the fact that I pose no value as a target for the such an hacking effort. I deducted that it just was ghost touch.
Modern software is bad enough that I wouldn't be surprised if this is true, but the modern stock marked is also detached from reality enough, that I wouldn't be surprised if this was an attempt at market manipulation either.
This happened to my watch; it was not a fun day at all. Not sure if it was a glitch or a hack but it was very disconcerting and I did a full factory reset, re-pair and a different passcode.
Apple has a strong security track record, and its devices are generally considered to be more secure than other brands. However, no device is completely immune to hacking... This is the first time i've heard about Apple Watch hack
This has nothing to do with hacking and everything to do with the ghost touch issues that apparently affect multiple Series 9 and Ultra 2 users (although I’ve not seen it on my series 9 myself).
Way back in the early days of Android (pre Ice Cream Sandwich), I spoke to one co-worker who told me that when they looked at their Google Map app while driving it would show their actual physical car (and all the other surrounding vehicles etc.) on the satellite view - in motion - in real time.
No manner of attempts by me to state why this was impossible would dissuade them and they went away thinking I was the technical idiot as a result.
So “we are in control”?
Yeah, no.
This is what happens when folk think that shows like NCIS and their ilk are factual based docudramas.
Yeah, if you told me I had 5 seconds to pop up the keyboard on my Apple Watch, I would probably lose. Maybe I'd try to go through my GF's button to her profile and then to messages? Where else can I get a text input really fast?
I think the OP in the linked thread is a complete hoax, and all the commenters are experiencing the random phantom/ghost input issues, googling it and hitting that thread. If you read carefully they all sound like their watch is receiving random inputs.
So not hoax then but scared users that need to help understand their device and it's honestly very bad bugs?
Not sure it does matter at this point, these people paid $800 and now feel their device is heavily insecure, they need help and a explanation from official side they understand.
I was with you until "Likely submerged it in water and it was all over". Flagship phones and watches have been waterproof for many years now. I use my iphone and my apple watch in both the pool and the shower regularly with no issues
Ah, but what you're failing to take into account is that there are magnets in the Apple Watch. And as we all know, you drop some water on the magnets, that's the end of the magnets.
I was swimming with my Apple watch in Hawaii, after a couple of days of swimming the side button sank into the case and got stuck. Now the fun began, long press on that button is an automatic call to 911. I had several calls happened and had to explain to a 911 operator why I'm calling but eventually I was able to turn off (shut down) the watch completely.
I think you just got unlucky. It's a mixed bag with "waterproof" phones, but [flagship] smartwatches should be pretty solid. My GF and I both had Galaxy Active watches, now we have Apple watches, we go swimming and kayaking with them, zero issues.
Not as unlikely as one might think. The random inputs, after unlocking the watch with a passcode, might hit the messages app if that is set up as a complication. Then something similar to we are in control is written (drawn letter by letter), which might autocorrect to what OP in TFA saw. Apple autocorrect can come up with some wild sentence constructions.
I read it all the time, "my insta was hacked", etc.
I would really like to know if hacking is as common as it is reported rather than a successful phishing campaign, a simple issue of forgotten password or getting locked out of email, account ban for rule violation, or something else entirely unrelated to actual hacking.
In this case my skepticism skyrocketed when the hackers write "we are in control".