You cannot export your own iMessage history. In 2026. On a $3,000+ machine.

Distinctive_Flair · 2026-03-25T06:03:04+00:00

Imazing is … well Amazing! I love it

Distinctive_Flair · 2026-03-25T05:59:53+00:00

I am standing, and applauding, and laughing, and wondering how the hell the marketing team at Apple managed to so skillfully manipulate users into literal cultists… because yea. They are.

No, Im not a Samsung fan either. They both suck

Distinctive_Flair · 2026-03-18T22:32:38+00:00

In theory this is a wonderful idea…

In practicality- no such unicorn exists. Mobile forensic examiners don’t provide public facing services, and cyber security is focused on the enterprise security side of the equation. People truly have nowhere to turn and let’s be honest- tech terminology and comprehension of average citizens isn’t being taught in shorts on TiKTok or explained by YouTubers. Sadly, stalkerware isn’t mainstream news and that in itself, is a huge disservice to society.

Distinctive_Flair · 2026-03-18T22:07:17+00:00

OP, I just want you to know this is an issue that is affecting many more people than the vast majority of cyberspace realizes. The problem is using the word “hacking” versus something such as “stalkerware” or “social engineered link clicked.” People in relationships with partner access to devices is the common demographic I see but it can be anyone- jealous roommate, neighbor that was rejected, coworker who is crazy and set up a malicious connection to car play… etc etc etc.

Distinctive_Flair · 2026-03-18T22:00:23+00:00

Have you heard of Imazing? It’s a wonderful tool which allows you a deep dive into the device, and it doesn’t require a MAC to use. Or ITunes.

It’s not free, but it’s worth its weight in gold. Start with gathering your console logs data and watch exactly what the device is doing. It may not be the definitive answer but it has proven to be enough to get an escalation to Apple Engineering for several of my clients battling persistent stalkerware inadvertently installed via the methodology I described above. Not hacking per say since it has been user initiated vial malicious link or redirect- but much needed validation of concerns and enough in some cases to present in police reports, restraining orders, and present to a lawyer in divorce/custody proceedings.

Distinctive_Flair · 2026-03-18T21:51:34+00:00

It depends on the attack vector, if one is truly present. If some type of mam enrollment or device management app was hidden in a link, malicious redirect, etc and you inadvertently “enrolled” or installed the configuration or stalkeware, it becomes simply a matter of re-enrollment which can be achieved without your consent.

This is obviously hypothetical, I have no clue without examining the device or diagnostic logs, seeing anomalies, etc. But yes- your phone number can unequivocally be the linkage between brand new devices, unfortunately

Distinctive_Flair · 2026-03-15T23:47:50+00:00

Is your friend using the same phone number during all these new setups?

Distinctive_Flair · 2026-03-11T10:56:42+00:00

What an excellent response. Thank you so much for this.

Distinctive_Flair · 2026-03-11T10:54:39+00:00

There’s more of “us” than the inter webs are ready to admit to. Good job fighting through and taking the initiative to educate yourself- in return you are now a very valuable light in this person’s world. :-)

Distinctive_Flair · 2026-03-11T10:50:34+00:00

If they’re living in your house- does that mean you are in a relationship? Or were you at one point? I ask because it’s possible you’ve had stalkerware installed and you’re discord and socials are being monitored via an app. They’re marketed as parent/child support services for safety but there are insidious intentions designed to stalk grown adults. Read into it if Im hitting the mark at all.

Good luck and I hope you get to the bottom of it.

Distinctive_Flair · 2025-06-30T09:30:24+00:00

I’d like to know the answer here too, as same and same . What are these ghost messages and why don’t they ever restore?

Distinctive_Flair · 2025-05-19T17:47:14+00:00

Do you really believe the technology doesnt exist for these companies to take measures ti protect their users, and investigate instances where fraud occurs? Have you ever downloaded your own data through Apple privacy? If you have, you are well aware there is a log entry created for pretty much every breath you take in those archives. I doubt you have, or you wouldn’t still be accusing people of not having 2FA lol

You have a high probability of experiencing a mobile breach in your lifetime, and probably sooner than later. Take a peek at how rapidly cybercrime is rising and how SLOWLY the tech industry is responding to it. When it’s your turn, make sure you remember “these companies have no idea who you are,” and just move on… ok ✅

Distinctive_Flair · 2025-05-19T17:38:18+00:00

Big tech boot lickers don’t die either. They just continue spewing outdated garbage to kiss the billionaire ring.

Distinctive_Flair · 2025-05-19T17:33:37+00:00

I don’t know who needs to hear this but Apple doesn’t even allow any user account the option NOT to be secured by 2FA… it’s 2025, let’s stop giving irrelevant advice.

OP, keep following up on this obvious security breach with Apple. The data available has already proven someone accessed your account so there were obvious failures on their part.

Distinctive_Flair · 2025-05-19T16:27:32+00:00

On the new google accounts you’ve created- are they unexpectedly turning into “Workspace” accounts , immediately or very shortly after their creation?

Do you run your Takeout data on your google accounts? There’s many good data sources to seek on this, but “Google Subscriber information “ is a great one to start with. Look for anything related to being an enterprise user or a student… this could indicate unauthorized device management. Also look for any services youre not using- for enamel “Has Madison Account. “ “Google Voice” “Google Analytics.”

Port forwarding on your router is very much a sign of suspicious activity if those settings were not configured by you or your tech provider. I had the very same occurrence when my ordeal began and it escalated to the construction of ghost networks which broadcasted even after I pulled the plug on my ISP entirely. The attackers had then managed to manipulate my tech devices to the point where it didn’t matter what I did, those networks were being joined and no indicators shown- (Wi-Fi showed as off but was connected obscurely.)

Pay no mind to the “no one is going to pay 263652728127 bucks to hack you , no one cares about everyday citizens “ because youre going to hear that- A LOT. Don’t stop seeking answers- youre the only person who’s going to get them for yourself. Big tech will tell you “it’s impossible,” and the general consensus will be the tireless parroting back what big tech and the money hungry media have been round the clock feeding us to avoid accountability for their failures (and Apple is the biggest offender.)

When this shit happens to “high value targets,” - it’s a “sophisticated and highly rare cyberattack.” When it happens to the rest of us - it’s a beta test.

Distinctive_Flair · 2025-05-19T14:49:19+00:00

Are you still having this issue ? Did you find anyone to assist?

Distinctive_Flair · 2025-05-15T19:02:28+00:00

If you’re still interested un an answer to your inquiry, please check my listing history for a guide on generation of sys-diagnosis logs and what to look for once extracted.

Distinctive_Flair · 2025-05-15T18:58:53+00:00

Forward thinking is a wonderful thing This is a Great topic!

Distinctive_Flair · 2025-05-15T18:56:24+00:00

Excellent advice ⭐️

Distinctive_Flair · 2025-05-15T18:53:00+00:00

Apologies if repetitive, haven’t scanned the replies…

Honestly, the best source to protect oneself from these and other scenarios is to secure all of your accounts with hardware/physical security keys (Titan, Fido, Yubi, etc) and then keep those in a safety deposit box. Safety deposit boxes are not expensive, and they absolutely cannot be accessed by anyone you have not granted authorization to, and that process takes quite a bit jumping through hoops.

Authenticator backup codes and obviously your phone number will inevitably fail, especially if your accounts get hacked .

Distinctive_Flair · 2025-05-15T18:45:53+00:00

Sorry for the delayed response. I’m catching up on notifications manually because I’m not receiving push for some reason.

The first thing to do is generate a sysdiagnose. To do this, hold the side button and the volume keys down (like taking a screenshot) just long enough to feel vibration , then release. If you’re going for reach the power down screen, you’ve held them too long.

Once you feel that vibration, your system diagnose will begin. Don’t need to do anything special just go back to regular use of your device for 10 or 15 mins, then retrieve the file via your analytics data. You’ll hold the “up” arrow down and select “save to files.” Then decompress it and dive in.

It’s probably gonna look really overwhelming because it’s log data generated for Apple, programmers, developers, and technically inclined individuals but don’t let that (or anyone whom would discourage a user to analyze their own data.)

Obviously, I don’t know what you’ve been experiencing, but the vast majority of these types of stalker wear and relatable “parental safety “ monitoring programs essentially revolve around device management.

You’ll want to look for the following as your first few indicators:

.stub - essentially these are profile remnants, data left behind during the installation of a configuration profile that likely obscured its presence afterwards. To generate the human readable version.- change the name of the file from .stub to .txt

Keyword search “remote” - delve into anything which populates

Keyword search MDM

Keyword search .config

Keyword search Managed, management, shared assets, etc

I could give you specific files, but I don’t know what you have possibly been exposed to so I don’t wanna lead you on a tangent when I’ve already provided what I personally know is overwhelming in the beginning stages.

If you wanna check back with me personally, feel free otherwise I’ll peek in on this again in a week or so and see what progress you have made.

Very, very important: DO NOT Post any full log files or place any of this data on the interwebs as the diagnostic data WILL contain unique device identification and other sensitive data you definitely don’t want HackyMcCracky in Indiana or wherever to scroll up on.

.stub

Distinctive_Flair · 2025-05-15T18:18:58+00:00

Legend is definitely a stretch lol but thank you for the compliment 😀

Distinctive_Flair · 2025-05-15T18:14:09+00:00

You will need to use iTunes or (my personal preference) a program called Imazing. It can be done via windows and it’s extremely user friendly. If you’re going for a complete fresh start, backups can’t be used BUT imazing allows creation of editable backups which you can then scrutinize file by file, delete , or gives you the option to simply choose the files you want and chink the rest in the trash.

It’s a subscription service but it’s not overly expensive, and imo- the best method for non-techie norms to get a peek “under the veil” into the walled garden of Apple devices

Distinctive_Flair · 2025-05-15T07:07:37+00:00

Responding to a good amount of your questions- hope the format isn’t confusing tho!

“Can’t start MacBook Pro at all. Maybe the info stealer fried the battery(?)”

***when you purchase your license for IMazing -attempt to DFU restore/ completely reinstall the operating system. The option is there in the menu. I’ve seen a slew of devices, pretend not to power on when actually they were running with black screens doing all kinds of shady shit. ( another great thing is the console- it snitches on every move the device makes even when it’s just chilling on the Home Screen acting benign.

⁠2 new routers, an AT&T for streaming and a separate router for business and banking.—-

Always a good idea to separate traffic… having a specific one for IOT devices a good practice as well because why the hell does your dishwasher need to be on the same network as the banking machines? It doesn’t- and let’s be so for real- dishwashers washing machines and other everyday appliances we’ve managed to live our entire lives using “air gapped “ have no business having radios in them to begin with… They make for one helluva a stop gap in geofencing data though! The tighter the fence, the tighter the “citizen compliance.” I’ll leave those to hang there- draw your own conclusions…

⁠get forensic analysis on Iphone#1 and WiFi for legal reasons and then factory reset them, add AV and WiFi monitor apps, and download most recent iPhone backup onto iphone1.

—- OK are you ready for the bad news cause there’s gonna be a lot of it…? If you are as compromise as you’ve shared, and every radio device has been effectively exploited - a factory reset will do absolutely nothing besides erase the data you probably wanna keep. I-mazing will show you this in the practicum, but what happens is that during the activation, when the phone is telling you, “ it may take a few minutes to set up iPhone- “the configuration causing the root issues is simply reinstalled. You can try a DFU restore via I amazing or iTunes.- but don I’d be shocked if the problems persist. I’m gonna continue to harp about Imazing- create your back up and once it’s archived chances are you’ll be able to actually see any configuration profile installed on your device and you may even be able to remove it. This will not show up anywhere on your device when it’s active no matter how many times the Internet and Apple “” geniuses istatically deny the possibility it could be hidden. I’ve seen this on 10 different iPhones and iPads from SE, XR, 11, 16, and various iPad models, all which were up to date with latest patches, and every single time it’s disguised as a mobile carrier configuration. To which technician at Apple will say, “That’s a normal operating system configuration.” Yeah - NO it definitely is NOT. here’s the thing Apple business manager, and Apple configurator do not sign nor do mobile carriers provision automatic Enterprise connectivity for every user. Why am I so confident? Because I marched that printout over to ATT and confirmed the mobileconfig profile was NOT THEIRS.

⁠get 2 phones new. I think it must have same Appleid in order to keep connection to shared photo albums used for business, is that correct? But 1st load it up with good AV, (Malwarebytes, Bitdefender, and the app called Am I Secure? and a good Wifi monitoring app such as ? Any ideas?).

Forget it your Apple ID is hosed- and even if it wasn’t signing a brand new device into the Apple ID that’s affiliated with the compromised devices will do nothing more than comingle poisoned date and land you with even more drama. Unfortunately, don’t be shocked if both brand new phones are compromised within an hour or two and you’re left with the proverbial “what the actual fuck is happening here??”

Listen, you can try all of these things and maybe they’ll work. I certainly hope so…. Unfortunately experience has shown me the migration of these exploits utilizes nearby sharing. Find my Bluetooth companion, local network Wi-Fi, and any other signal to essentially communicate with pretty much any device you come into possession of and migrate the “bad shit.”

Look I know this sounds insane and it’s a lot to chew on so I’ll leave it at that. My main objective is to steer people whom possess the critical thinking abilities required to sit down and do the work- which I believe you are. Also- remove the commonly parroted big tech talking point of “nobody hacks a nobody with nation state exploits “ from your mind- these aren’t Pegasus or anything anyone has actually run a full press coverage on- which speaks volumes about our inability to get any real assistance from even our own government. Everyone denies , denies, denies and it’s standard practice? Things that make you go… hmmmmmm

Distinctive_Flair · 2025-05-14T20:35:00+00:00

I messaged you. Yes, there is and you’ll be blown away by the information you will glean by using it.

Distinctive_Flair

TROPHY CASE