ANECompilerService - Apple Community (2024)

Loading page content

Page content loaded

Question marked as Top-ranking reply

User profile for user: Chrissyc77

Chrissyc77

User level: Level1

12 points

May 27, 2023 9:44 AM in response to gravityfed

ANECompilerService - Apple Community (2)ANECompilerService - Apple Community (3)I have the same issue. How do I remove it? I’ve restored my phone to factory I can’t seem to get it off. Not sure what this means but it seems like someone has total control of my phone.

Link

User profile for user: hechoentexas

hechoentexas

User level: Level1

12 points

May 20, 2023 10:09 PM in response to gravityfed

@gravityfed

You weren't paranoid or in the wrong for asking. Yes, it's compromised. As I have found out the long, torturous and painful way of finding out that Apple will not tell or even confirm if your account is compromised. Nor tell you what devices, telephone numbers, email addresses are attached to your account. ONLY CONFIRM. Plus when you call Apple Support, even a Senior Advisor will only go as far as telling you to wipe aka factory reset. But they will twist it to where it's an error on your part and always answer a question with a question. It's bogus.

Link

User profile for user: gravityfed

gravityfed Author

User level: Level1

84 points

Jun 28, 2023 5:19 AM in response to Tom Gewecke

Yes to your question, in fact all my devices are wrong:

  • I am forced to use modified beta apps, in Googles case, old open source versions. I also have beta versions of Apple architecture like SpringBoard. I am not enrolled in any beta programs and I don’t have TestFlight installed.
  • My emails are (intermittently) intercepted and replies are spoofed.
  • My Apple devices connect to other devices, despite this having been turned off (not just in terms it of looking around to see who is nearby which most mobiles do) but literally connecting directly to it via its IP address.
  • My devices are actively sending and receiving iMessages and FaceTime despite it being disabled.
  • Siri is recording despite it being disabled.
  • My location is monitored despite location being disabled.
  • Numerous triggers have been set up (not by me) to activate, for example when in a vehicle and voice triggers.

They’ve been reset by Apple with no change.

[Edited by Moderator]

Link

User profile for user: gravityfed

gravityfed Author

User level: Level1

84 points

Sep 19, 2023 11:56 AM in response to gravityfed

Our computers and devices are currently under the control of an unknown attacker, so this information relates to my initial enquiry as to what ANECompilerService was for others seeking information. These are legitimate Apple services being misused. We are not enrolled in an Apple developer or beta program and the devices have always been kept updated and in lockdown mode since purchase.

ANECompilerService appears to be related to developer activities. It has been observed compiling unknown code both on macOS and iOS alongside kernel, triald, Trial, mediaanalysisd and PegasusKit in the forms of aned, _ANEServer, Espresso, ANECompiler, ANEServices, AppleH11ANEInterface and AppleNeuralEngine.

com.apple.aned

555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: dataVaultDirectory=/Library/Caches/com.apple.aned555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: buildSpecificModelStorageDirectory=<private>555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: modelAssetsCacheDirectory=<private>555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: inMemoryModelCacheDirectory=<private>555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: tempDirectory=<private>555 0 aned: [com.apple.ane:aned] -[_ANEServer initWithDataVaultDirectory:dataVaultStorageClass:buildVersion:tempDirectory:cloneDirectory:]: cloneDirectory=<private>555 0 aned: [com.apple.ane:aned] Ready to accept restricted and unrestricted XPC connections555 0 aned: [com.apple.ane:aned] <private>: SecTaskCopyTeamIdentifier() returned teamIdentity=""555 0 aned: [com.apple.ane:aned] <private>: SecTaskCopySigningIdentifier() returned csIdentity="<private>"557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Creating context XXXXXXXX04 eng=10008 dev=-1557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Creating plan XXXXXXXX20557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Creating plan XXXXXXXX20557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] espresso_plan_add_network plan=XXXXXXXX20 path=<private> cp=65568557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Loaded network: '<private>' pf=10008 cp=0557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] espresso_plan_add_network plan=XXXXXXXX20 path=<private> cp=65568 Completed557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Destroying plan XXXXXXXX20557 0 ANECompilerService: (Espresso) [com.apple.espresso:espresso] Destroying context XXXXXXXX04557 0 ANECompilerService: (ANECompiler) ANEC Compiler Input used legacy key names 'NetworkPlistName' 'NetworkPlistPath' - please update to use 'NetworkSourceFileName' 'NetworkSourcePath'...557 0 ANECompilerService: [com.apple.ane:compiler] <private>: SUCCESS: model=<private> : output=<private> : lAttr=<private> : lErr=(nil)555 0 aned: [com.apple.ane:aned] Compilation success: attr=<private>555 0 aned: [com.apple.ane:aned] END: <private>: <private> : <private> : <private>

ANEStorageMaintainer is also developer related with an ANEVirtualClient:

ANEStorageMaintainer

com.apple.private.ANEStorageMaintainer

ANEStorageMaintainer

The main signs include iOS logs that have a Beta Indentifier number. This is found at the top of logs where apps installed are referenced.

Beta Identifier: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

Additionally, there will be the mention of titles like "legacyInfo", "trialInfo", "rollouts", "rolloutId", "factorPackIds", "deploymentId". As well as "experiment" information towards the bottom of some logs with some of these titles: "treatmentId", "experimentId", "deploymentId".

On macOS you can capture logs in the Terminal.app (a good time is immediately after startup) using the command:

sudo log show --info --debug --last 2m

Please don’t bother replying with negativity. Users have a right to enquire when they feel something is not right on their tech, those responses are unhelpful and frankly, tiresome.

Link

User profile for user: Tonyd4151

Tonyd4151

User level: Level1

8 points

Jan 22, 2024 6:48 AM in response to gravityfed

You device is using a service call mdm. ( mobile device management) some one is harrassing you. Look up on Apple support , Apple supplies all the tools to allow anyone with your cereal number to crest a school, business , or what ever account which uses your google account ( workspaces , and then gives the person full control of your device . They monitor everything on your phone and you have no control , the modify apps and restrict you from getting a normal phone. Search device management.. it’s a nightmare to put it lightly . They need no passwords , Apple supplies login tokens , do can’t bother changing passwords ..

start here and read on … you will never get control of your device ..

mall the criminal has to do is send you a text with a photo and load it with JavaScript callback code from GitHub or whatever and get all info off your device and set up this great monitoring tool to basically distort your life … support has no idea and will deny any and all information or knowledge ..

Link

User profile for user: gravityfed

gravityfed Author

User level: Level1

84 points

Apr 25, 2023 3:19 PM in response to gravityfed

Just following up for anyone also looking into these logs on their device. I discovered it is exploit CVE-2022-46689 which has been used to gain root privileges to my MacBook Pro, Mac Mini, iPhone and all our iPads (and wifi, security camera access). This exploit will allow someone to silently control your devices whilst sending your data to its servers. Unfortunately the problem persists regardless of patches/updates and re-installs.

Link

User profile for user: gravityfed

gravityfed Author

User level: Level1

84 points

Jun 26, 2023 12:31 AM in response to zenafromlancaster

@zenafromlancaster

From my investigation this has become a very sophisticated operation stemming from an exploit which allows an attacker to gain kernel privileges.

You know it’s bad when your SpringBoard on your iPad is a modified beta version.

Command: SpringBoardPath: /System/Library/CoreServices/SpringBoard.app/SpringBoardIdentifier: com.apple.springboardVersion: 1.0 (50)Is First Party: YesBeta Identifier: XXXXXXXX-XXXX-XXXX-XXXX-4AC737AC4784Resource Coalition ID: 9Architecture: arm64eParent: launchd [1]PID: 31Event: disk writesAction taken: noneWrites: 1073.77 MB of file backed memory dirtied over 54242 seconds (19.80 KB per second average), exceeding limit of 12.43 KB per second over 86400 secondsWrites limit: 1073.74 MBLimit duration: 86400sWrites caused: 1073.77 MBWrites duration: 54242sDuration: 54241.79sDuration Sampled: 54232.25sSteps: 285 (10.49 MB/step)

Link

User profile for user: gravityfed

gravityfed Author

User level: Level1

84 points

May 4, 2023 4:47 AM in response to Wattermellon

@Wattermellon

I have some further information, ANECompilerService is apparently a process that runs on Apple products with Adobe Creative Suite installed. ANE stands for Adobe Native Extensions which developers code for Adobe AIR applications. ANE files are libraries of native code, ANECompilerService compiles the code into an executable format. When there is an issue with the ANE compilation it may create a log entry, which is what we have found on our devices.

So, it’s a legitimate process, albeit an executable so worth keeping an eye on, HOWEVER, if you do NOT have Adobe AIR applications installed then it’s highly like either you have malware or an active exploit is using the compiler to execute code.

In my case, it has never had Adobe on the iPad (or my iPhone which it is also on). My compiler was accessing libcommonCrypto.dylib which is a cryptographic function for encryption, decryption etc and this is not something that ANECompilerService should be accessing along with other security processes. At the time of the crash it was using several system libraries and system level components. There was also the issue that the check for a root certificate failed or was invalid.

I also found evidence in other logs of security violations on the iPad. I also have a compromised MacbookPro and Mac mini (which has now been confirmed) which were both interacting with all of our iPads (also confirmed) even though they have different Adobe IDs for some devices.

The bad news is, if your appearance of the log is not for a legitimate reason then it may be impossible to get rid of, for me, Apple Store performed a full reset and it hasn’t gone away. The lastest security update which came out yesterday also did not make a difference. I run the iPad in lockdown mode but that hasn’t made any difference, they have altered the operating system.

I am waiting to hear back what the next steps are.

Link

User profile for user: Tom Gewecke

Tom Gewecke

User level: Level10

117,382 points

Jun 26, 2023 6:04 AM in response to gravityfed

gravityfed wrote:

I have since found it is part of the Apple Neural Engine, as I found a full path in my log.

Yes, good to hear you have found what was in line 12 of the log in your first post on April 1.

Is there actually anything wrong with your own device?

Link

User profile for user: Admiraloftheblack

Admiraloftheblack

User level: Level1

8 points

Dec 29, 2023 3:36 AM in response to gravityfed

I’m so glad I finally found these posts! I’m litterally going insane and looking like and *** at the same time upon boot using the teminal command you provided look similar as well looking at my keychain there are Kerberos login tokens and as well my logs show verbiage about single sing on and my brand new user account. I was able to Open Directory utility app and delete all the users but about the time I finished I was both locked out of changing root password as well I tried to run the log command once more to be met with sudo command not found which is on par with this hack I’m disabled and the system used as a weapon against me the owner/user. Any device that has an ip address ie CCTV overtaken, Sonos speakers, smart tv’s the microphones open and can hear “hushing” etc in the background. Trace route shows all my internet traffic routed through the same set of IP’s and 100% of packets lost on the first hop which is loopback and then routed out to these criminals. Firewall will be flooded with outside connections all through legitimate or it appears at lease apple services ie remoted 85 connections and the list goes on and is ever changing as I block each service at about that time my firewall application is disabled and double signin starts and they get into my sonic wall and disable it and allow their internet highway of ipv6 connections to silently flood my machine. Shoot I’m seriously lost at the same time relieved I found your post! And while we maybe experiencing different vector of compromise it’s all same in the fact it’s every apple device I own as well as a brand new MacBook that was overtaken in minutes of boot I’m assuming my local network? I dunno however I did see in /library/preferences plist file indicating my name and most apple services in guessing in search of all apple accounts? Thanks for the post I’ll keep my eye to see where this goes! Thx

Link

User profile for user: Wtfjay

Wtfjay

User level: Level1

8 points

Aug 16, 2023 12:38 AM in response to gravityfed

Wow I thought I was being followed or something weird what I was reading that data on my phone… I’m not feeling this data collection **** these phone companies are doing and or allowing!

Link

User profile for user: IdrisSeabright

IdrisSeabright

User level: Level10

164,333 points

Nov 25, 2023 10:05 AM in response to Squirrels007

Squirrels007 wrote:

An hes got a weird since of humor as well i was on phone with advanced tech telling me theres no way but im like the logs dont lie an another no1 ever has access to my phone it’s always on me an if coworker barrows to call im right there (doesnt happen oftn) bit when i dont use my health app except when i got phone to put med ID for health reasons an everything is changed on it ik something is up yet i believed them last time again ive been hacked multiple times for what reason none but it’s annoying that my phone is slow an crashes all the time

There is definitely something wrong with your phone. Your keyboard is not functioning properly. All the punctuation is missing in your post. Also, some letters.

Link

User profile for user: Watchlistvictim

Watchlistvictim

User level: Level1

19 points

Dec 22, 2023 1:17 PM in response to gravityfed

This is so helpful. Thank you for taking the time to post this. I have been searching all these terms and processes and types of software firmware middleware in these logs (four years now.) After seeing Pegasus I knew I was right regardless of what senior advisors were telling me. I should say not telling me. So, I want to say thank you again. This was one of the most helpful posts I’ve seen since 2019 when this began.

Link

User profile for user: Roxychick70

Roxychick70

User level: Level1

12 points

Dec 26, 2023 5:01 AM in response to gravityfed

I have all of the same issues with privacy my phone has a mind of its own! It’s always got the camera and microphone on! I’m unable to access iCloud haven’t been able to for months and now since the last update I can’t do the security checks either!

Private relay gets turned off, settings are changed daily and family sharing gets turned on!

every thing points to me having key chain yet I’ve never used it, i have money being spent on my Apple ID that isn’t me , I had advanced data protection on for months and every time I tried turning it off I’d just get an email saying I had just turned it on!

its very confusing I could go on about this for hours but I choose not to on here but honestly what is going on it’s really starting to send me insane trying to keep my identity in check!

i have emails being encrypted my tax was was updated and more! I’ve changed phones, bank accounts Apple IDs and now when I read what you’re saying and I check my analytic logs I have all the same logs!

i have some developer apps under accessibility that I was told shouldn’t be there and I have interactions made on the support app that aren’t from me! I’m at a loss as to what I’m meant to do or think anymore as it doesn’t seem to make any difference as to what I do the phone iPhone 13 just seems to work against me as opposed to work for me! I had the same issue with my android phone but it was a lot simpler as I could see the other device in my settings what or how are you meant to know with iPhone?

my settings always show just me until I do an update or the safety check where it will every now and again reveal other devices!

Link

User profile for user: Autryk

Autryk

User level: Level1

8 points

Jan 30, 2024 6:48 PM in response to Jackl311

This happened to me two days ago. I knew I was hacked and know who it is… would a police report/hiring an attorney be wise to investigate this incident and not allow him to continue harassing me?

[Edited by Moderator]

Link

ANECompilerService - Apple Community (2024)
Top Articles
Shadow the Hedgehog
How Spot Bitcoin ETFs are Performing Across Exchanges
Foxy Roxxie Coomer
Elleypoint
Chatiw.ib
Dollywood's Smoky Mountain Christmas - Pigeon Forge, TN
Rainbird Wiring Diagram
Devotion Showtimes Near Mjr Universal Grand Cinema 16
Mohawkind Docagent
Corpse Bride Soap2Day
Campaign Homecoming Queen Posters
Natureza e Qualidade de Produtos - Gestão da Qualidade
Theycallmemissblue
OpenXR support for IL-2 and DCS for Windows Mixed Reality VR headsets
Labor Gigs On Craigslist
Craigslist Mpls Cars And Trucks
Bahsid Mclean Uncensored Photo
Bfg Straap Dead Photo Graphic
Unlv Mid Semester Classes
Justified Official Series Trailer
Lancasterfire Live Incidents
Jayah And Kimora Phone Number
Army Oubs
Wausau Marketplace
ZURU - XSHOT - Insanity Mad Mega Barrel - Speelgoedblaster - Met 72 pijltjes | bol
Palm Springs Ca Craigslist
Ubg98.Github.io Unblocked
Healthier Homes | Coronavirus Protocol | Stanley Steemer - Stanley Steemer | The Steem Team
Azpeople View Paycheck/W2
Scheuren maar: Ford Sierra Cosworth naar de veiling
South Bend Weather Underground
Southland Goldendoodles
Wrights Camper & Auto Sales Llc
Goodwill Of Central Iowa Outlet Des Moines Photos
Kristy Ann Spillane
Mastering Serpentine Belt Replacement: A Step-by-Step Guide | The Motor Guy
Calculator Souo
Wega Kit Filtros Fiat Cronos Argo 1.8 E-torq + Aceite 5w30 5l
Atlantic Broadband Email Login Pronto
Xemu Vs Cxbx
Gwu Apps
Powerspec G512
Arcadia Lesson Plan | Day 4: Crossword Puzzle | GradeSaver
Los Garroberros Menu
Hk Jockey Club Result
How to Install JDownloader 2 on Your Synology NAS
Sara Carter Fox News Photos
Motorcycles for Sale on Craigslist: The Ultimate Guide - First Republic Craigslist
Mega Millions Lottery - Winning Numbers & Results
Ihop Deliver
Uncle Pete's Wheeling Wv Menu
Scholar Dollar Nmsu
Latest Posts
Article information

Author: Maia Crooks Jr

Last Updated:

Views: 5879

Rating: 4.2 / 5 (43 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Maia Crooks Jr

Birthday: 1997-09-21

Address: 93119 Joseph Street, Peggyfurt, NC 11582

Phone: +2983088926881

Job: Principal Design Liaison

Hobby: Web surfing, Skiing, role-playing games, Sketching, Polo, Sewing, Genealogy

Introduction: My name is Maia Crooks Jr, I am a homely, joyous, shiny, successful, hilarious, thoughtful, joyous person who loves writing and wants to share my knowledge and understanding with you.