
I'm Being Hacked — Here's What I'm Doing About It

Mar 22, 2026 6 min

Let me be direct: someone is trying to compromise my accounts. Not once. Not twice. Consistently, across multiple platforms, with increasing sophistication.

And I know exactly what’s happening.


The Situation

For months, I’ve been tracking suspicious activity on my accounts:

  • Failed login attempts from unexpected locations
  • Phishing campaigns targeting my professional profiles
  • Social engineering attempts via LinkedIn, Twitter, and email
  • Physical proximity attacks — yes, physical

The attacks aren’t random. They’re targeted. Someone has invested time and resources into understanding my digital footprint.


What I Know

I’m not going to share everything publicly — that would just help them improve. But here’s what I can say:

Geographic Intelligence

I’ve mapped the attack vectors geographically. The pattern is clear: certain regions consistently show up in my security logs. This isn’t bot activity — these are coordinated human attempts with infrastructure behind them.

I know which organizations have motivated actors with the technical capability and institutional cover to conduct these operations.

Motivation

The “why” is often more interesting than the “how.” In my case, the attacks intensified after:

  1. Published work that demonstrated technical capabilities
  2. Business developments that created competitive pressure
  3. Public presence that increased visibility

Sometimes the best compliment is an attempted breach.


My Defense Strategy

I’m not relying on standard security advice. I’m building something better.

Daily Operational Security

Every single day, I:

  • Review access logs across all platforms
  • Rotate credentials on a strategic schedule
  • Monitor for impersonation attempts
  • Track physical device proximity (yes, that’s a real threat vector)
  • Maintain offline backups of critical data

Hardware-level security:

  • YubiKey for critical accounts
  • Dedicated devices for sensitive operations
  • Air-gapped systems for high-value work

AI-Powered Threat Detection

The real game-changer: I’m developing an AI system specifically designed to detect, attribute, and counter these attacks.

It’s not just IDS/IPS — it’s a full threat intelligence platform that:

  • Correlates attack patterns across multiple data sources
  • Attributes actors by technique, timing, and infrastructure
  • Predicts attack windows based on behavioral analysis
  • Generates automated threat reports I can act on
  • Learns continuously from new attack vectors

This is defensive AI — pattern recognition at scale that would take a human analyst 24/7 to match.


Why I’m Going Public

Three reasons:

1. Deterrence

If you’re reading this and you’re one of the people trying to hack me: I know. I’ve documented everything. The question isn’t whether I’ll take action — it’s when and how.

2. Documentation

If something happens to my accounts, there’s now a public record. Attack patterns are documented. Attribution exists. This isn’t theoretical — it’s operational security.

3. Building in Public

The best defense is a good offense. By documenting my security posture, I’m:

  • Forcing myself to maintain higher standards
  • Learning publicly (which helps others in similar situations)
  • Potentially attracting collaborators who’ve faced similar threats
  • Building a tool that could help others

Technical Deep Dive: My Threat Detection Architecture

For the security-minded readers, here’s what I’m building:

┌─────────────────────────────────────────────────────────────┐
│                    THREAT INTELLIGENCE LAYER                │
├─────────────────────────────────────────────────────────────┤
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐          │
│  │   Log       │  │   Network   │  │   Physical  │          │
│  │   Sources   │  │   Monitor   │  │   Proximity │          │
│  └──────┬──────┘  └──────┬──────┘  └──────┬──────┘          │
│         │                │                │                 │
│         └────────────────┼────────────────┘                 │
│                          ▼                                  │
│              ┌───────────────────────┐                      │
│              │   AI Correlation      │                      │
│              │   & Attribution       │                      │
│              │   Engine              │                      │
│              └───────────┬───────────┘                      │
│                          ▼                                  │
│              ┌───────────────────────┐                      │
│              │   Threat Dashboard    │                      │
│              │   & Alerting          │                      │
│              └───────────────────────┘                      │
└─────────────────────────────────────────────────────────────┘

Core components:

  1. Data Collection — Logs from cloud providers, social platforms, network taps, and optional physical device monitoring
  2. Pattern Recognition — ML models trained on attack signatures
  3. Attribution Engine — Correlates attacks to actors based on TTPs (Tactics, Techniques, Procedures)
  4. Predictive Layer — Forecasts attack windows based on historical patterns
  5. Response Automation — Auto-rotates credentials, blocks IPs, escalates alerts
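
The correlation step behind components 1 to 3, narrowed to one case: failed logins from the same source network hitting several platforms inside a short window. This is an added example, not the author's system; the event format, the /24 grouping, the 15-minute window and all sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_network

# Constructed sample events: (platform, ISO timestamp, source IP, outcome).
# Addresses come from the RFC 5737 documentation ranges.
EVENTS = [
    ("email",    "2026-03-20T02:14:05", "203.0.113.17", "fail"),
    ("linkedin", "2026-03-20T02:16:40", "203.0.113.52", "fail"),
    ("cloud",    "2026-03-20T02:21:12", "203.0.113.17", "fail"),
    ("email",    "2026-03-20T09:30:00", "198.51.100.8", "fail"),
    ("email",    "2026-03-20T09:30:20", "198.51.100.8", "ok"),
    ("cloud",    "2026-03-21T02:11:49", "203.0.113.90", "fail"),
    ("twitter",  "2026-03-21T02:19:03", "203.0.113.17", "fail"),
    ("cloud",    "2026-03-21T15:02:00", "192.0.2.44",   "fail"),
]

def source_net(ip, prefix=24):
    """Collapse an address to its enclosing network so rotated hosts group together."""
    return str(ip_network(f"{ip}/{prefix}", strict=False))

def correlate(events, window=timedelta(minutes=15), min_platforms=2):
    """Return clusters of failed logins from one network that touch at least
    `min_platforms` platforms within `window` of the cluster's first event."""
    by_net = defaultdict(list)
    for platform, ts, ip, outcome in events:
        if outcome == "fail":
            by_net[source_net(ip)].append((datetime.fromisoformat(ts), platform))
    clusters = []
    for net, hits in by_net.items():
        hits.sort()
        start = 0
        for i in range(1, len(hits) + 1):
            # Close the current cluster when the window is exceeded or input ends.
            if i == len(hits) or hits[i][0] - hits[start][0] > window:
                platforms = sorted({p for _, p in hits[start:i]})
                if len(platforms) >= min_platforms:
                    clusters.append({"net": net, "first_seen": hits[start][0],
                                     "platforms": platforms, "count": i - start})
                start = i
    return sorted(clusters, key=lambda c: c["first_seen"])

if __name__ == "__main__":
    for c in correlate(EVENTS):
        print(c["first_seen"], c["net"], c["platforms"], c["count"])
```

A single mistyped password followed by a success (the 198.51.100.8 pair) and an isolated failure on one platform stay below the threshold; only the two cross-platform bursts are reported.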

What You Should Do

If you’re running a business or have any kind of public profile:

Assume you’re being targeted. The question isn’t if — it’s when and how prepared you are.

Practical steps:

  • Enable hardware 2FA everywhere possible
  • Use a password manager with strong unique passwords
  • Monitor your accounts for unusual activity daily
  • Maintain offline backups
  • Don’t click links, even from “trusted” sources (verify independently)
  • Be careful what you share publicly — reconnaissance is real

The Irony

Someone spent resources trying to compromise my systems. Instead, they gave me:

  1. Motivation to build a better defense
  2. Real-world test data for my detection system
  3. A story that’s more interesting than a typical blog post

Thanks for the inspiration.


Looking Forward

This blog post will be updated as the situation develops. The AI defense system is in active development — when it’s ready, I’ll share the architecture and lessons learned.

If you’ve experienced similar attacks and want to compare notes, reach out. We can anonymize the discussion.

To the people running these operations: I’ve been doing this professionally for 8+ years. You’ve made a mistake engaging with someone who takes security seriously.

The game has changed. Now I’m playing offense.


Last updated: March 2026

~Jaime