That’s pretty cool how the log was automatically sent to:
Does anything look wrong in that log? Or does it seem pretty normal?
What about the pacman log?
The error message said something about chwd. Which is probably my fault considering I had disabled a few devices in the bios/uefi settings, like the bluetooth, the camera, the speakers, the keyboard backlight, etc.
I found and read:
and I plan on getting and installing the current version of Cachy but I’m posting this because I wanted some experienced eyes on those logs.
I’m hoping to disprove my (seemingly far-fetched) theory of a potential bios/uefi rootkit.
Let me back up a bit (warning: this post might get even more lengthy).
In our home Wi-Fi network’s web interface I saw what I considered excessive tcp and udp sessions from my computer, and my parents’ computers. Mine had like over 50 sessions when I only had a couple Brave browser tabs open. My mom and dad’s Windows machines had even more sessions and both of them were watching TV–not on their computers.
As far as I know those amounts of sessions could be normal though.
On my laptop, in the system monitor tool I saw a connection from someone with the IP of 192.168.0.14 (mine was 192.168.0.8) transmitting data to/from somewhere else.
Wireshark showed a bunch of traffic and dbus was transmitting like crazy but I think that was just local.
The dmesg and journalctl logs contained things that seemed suspicious to me and I stumbled on a bunch of tools and scripts that were new and weren’t mine.
Haha, I ended up rage-deleting entire directories and screwed up my OS. Then I did the secure-wipe thing of my internal SSD and reinstalled CachyOS from a USB that still had the iso on it.
Not to mention there have been other things that made me think my shit got hacked.
Look at this picture. I accidentally did a middle-click and it pasted this curl command headed to wigle.net:
https://pixeldrain.com/u/AAXwThRo
I’m like 98% sure that I never sent curl to Wigle. I tried putting those hashes into crackstation.net just to make sure that that’s not from me but no such luck.
Anyways, thank you all for your time and sorry this post got so long. I know you guys do a ton for this community and I’d hate to waste anyone’s time.