An Australian man has been trapped in a nightmare never-ending cyber hack for two years that cost him his job, home, and whole identity.
Simon Edwards, 44, replaced all his devices multiple times, spent $10,000 on tech support and moved back in with his mother in a desperate effort to expel the intruder – all to no avail.
The hack was so widespread that his TV, car, security cameras, social media accounts, and even his tax return were taken over by a mysterious outsider.
He has to carry around a Commonwealth Victims Certificate to prove his identity and get help from government agencies and financial institutions.
Mr Edwards’ nightmare started with a trip to an Apple store in Melbourne in late 2019 after his iPhone and laptop started behaving strangely.
Edwards estimates that he has lost $9,500 dollars and nearly lost another $10,000
His browsers were plagued with pop-ups, emails refused to send, and he received dozens of scam calls a week.
Tech staff told him the results of their analysis were inconclusive, but six months later called him back with a creepy discovery.
‘You’re the child and there’s a parent,’ he was told, despite being a single man who lived alone.
The employee was referring to parental controls that were activated on his devices without his knowledge, locking him out of apps and monitoring his every move.
All of Mr Edwards’ devices were linked through bluetooth, allowing the hacker to install a family sharing network with themselves as overlord.
The system is be used to share books and music or to set time limits on children’s devices and restrict access to websites and applications.
His devices would lock him out of apps, the screens would shake and purchases he didn’t recognise were made.
The ‘screen mirroring’ feature on his devices was also constantly turned on, streaming his laptop and phone screens to the invisible third party.
‘This has completely ruined my life,’ Mr Edwards told News Corp.
‘Every shred of personal data is gone. I can’t change my date of birth,” he said. “I can’t claw back what’s happened. I have to live with it.’
Edwards had to replace his email address, SIM and bank cards to try fix the problem
Mr Edwards fears the malware that allowed hackers into his IT came from a person he matched with on a dating app.
‘I’ve always been the person to think the best of people but it’s changed how I view everyone around me. It just takes one person with bad intentions to wreak so much havoc,’ he said.
The breach allowed hackers into his internet accounts including access to his credit cards, social media, and tax returns.
Edwards estimates $9,500 was stolen and he nearly lost another $10,000, plus thousands more in costs dealing with the fallout.
Much worse was his life being turned upside-down with the hacker and the malware they implanted being so persistent he can’t escape.
‘I’ve done every different common sense thing you can think of, new phone, new email address, new SIM card, new credit card number, where there’s no carry over.’ he said.
Constantly plagued by problems, Mr Edwards quit his job last April and left Melbourne to move in with his mother in regional NSW.
Apple gave him just $300 in compensation and his problems have no end in sight.
Edwards was told a third party had gained access to his devices through the Apple ‘family sharing’ feature
Family sharing heightens access between family accounts. Even lost or stolen phones on family sharing allow the thief to potentially gain access to personal and sensitive information from other accounts including passwords and locations.
Mr Edwards case isn’t the only one, other people have also experienced third parties accessing and controlling people’s devices through initially exploiting family sharing access.
There are a couple ways that someone can put your devices under their restrictions through family sharing.
These include the user mistakenly approve a notification that gives the option to join someone’s ‘family’, or if someone else (a ‘family administrator’) has your password, they can add you to their family.
You can make your Apple ID more secure by enabling the ‘two-factor authentication’ feature.
At least 5.3 million Australians were targeted by cybercrime in the past year, and spent 27 million hours dealing with it, according to the 2022 Norton Cyber Safety Insights Report.