Related
My S4 was stolen, I'm disappointed with Android Device Manager and Samsung FInd My Mobile.
No way I'm sure why can't find my S4 neither service can contact it, I assume they (the thief) do a hard reset and switched SIM card, no way I can confirm the wipe commands I Sent where achieved.
So I now changed every password
AcostaJA said:
My S4 was stolen, I'm disappointed with Android Device Manager and Samsung FInd My Mobile.
No way I'm sure why can't find my S4 neither service can contact it, I assume they (the thief) do a hard reset and switched SIM card, no way I can confirm the wipe commands I Sent where achieved.
So I now changed every password
Click to expand...
Click to collapse
That is sad to hear.
Thats why no company uses lockdown software. Now you are forced to buy new handset from them. Its only their win.
Only security they work on is to force no software changes by the buyer but not the thief.
Good sales point for iOS if I block an iPhone from iTunes acc, no way it can be reactivated w/o my account consent.
AcostaJA said:
My S4 was stolen, I'm disappointed with Android Device Manager and Samsung FInd My Mobile.
No way I'm sure why can't find my S4 neither service can contact it, I assume they (the thief) do a hard reset and switched SIM card, no way I can confirm the wipe commands I Sent where achieved.
So I now changed every password
Click to expand...
Click to collapse
or maybe u didnt activate it ...
AcostaJA said:
My S4 was stolen, I'm disappointed with Android Device Manager and Samsung FInd My Mobile.
No way I'm sure why can't find my S4 neither service can contact it, I assume they (the thief) do a hard reset and switched SIM card, no way I can confirm the wipe commands I Sent where achieved.
So I now changed every password
Click to expand...
Click to collapse
Rwgister a complaint with the police. IMEI tracking is possible.
My friend was mugged and the crook was caught a couple of months later using IMEI tracking.
Sent from my GT-I9500 using xda app-developers app
This feature relies on WiFi/Mobile data. May be the thief turned off the data.
Not sure about that. You can reset the phone with a sms. So I guess it doesn't rely on mobile data alone.
I don't know which features the op enabled, so everything is unclear. Maybe the thief just turned off the phone and waits until the owner gives up.
Is there any software capable of installing itself into /system and working after system reset in hidden mode?
+ taking photos with front cam (only if "stolen") and uploading them somewhere?
+ store those photos in /system (so no gallery can show those photos)
Or better - be installed right into bootloader/(and|or)kernel?
Yuna said:
Is there any software capable of installing itself into /system and working after system reset in hidden mode?
+ taking photos with front cam (only if "stolen") and uploading them somewhere?
+ store those photos in /system (so no gallery can show those photos)
Or better - be installed right into bootloader/(and|or)kernel?
Click to expand...
Click to collapse
Yes, cerberus.
Sent from my GT-I9500 using xda app-developers app
have you used an app called Android Lost, i like this one
If I take your phone and immediately remove the SIM card and immediately flash / wipe a new rom - no way to track it by the Samsung software... (by the way - even it is very easy to change the IMEI ). So, the only option is to send the SMS wipe command before the phone is reflashed
Sent from my GT-I9505 using XDA Premium 4 mobile app
Easy to change imei? Please, make proof-of-concept.
Can i change my IMEI to 1234567890123 or even 666666777777 in my sgs4 (i9500)
Yuna said:
Easy to change imei? Please, make proof-of-concept.
Can i change my IMEI to 1234567890123 or even 666666777777 in my sgs4 (i9500)
Click to expand...
Click to collapse
With root and Terminal Emulator you can change IMEI but I'm not sure that giving proof is a good thing to do on XDA!
BTW sorry OP... I don't care about Samsung or Google tools because after several tests I also deduced that they are useless.
Primokorn said:
With root and Terminal Emulator you cand change IMEI but I'm not sure that giving proof is a good thing to do on XDA!
BTW sorry OP... I don't care about Samsung or Google tools because after several tests I also deduced that they are useless.
Click to expand...
Click to collapse
Yes, ive seen mods take care of bussiness regarding this topic.
Sent from my GT-I9505 using xda app-developers app
Primokorn said:
With root and Terminal Emulator you can change IMEI but I'm not sure that giving proof is a good thing to do on XDA!
BTW sorry OP... I don't care about Samsung or Google tools because after several tests I also deduced that they are useless.
Click to expand...
Click to collapse
Device manager. Phone lost etc.
These are tools only for nsa tracking not for us to track.
+1 for Cerberus. This is a must have app for all Android owners
p.s. OP sorry to hear about your loss
gdonanthony said:
or maybe u didnt activate it ...
Click to expand...
Click to collapse
Point is if you do a hard reset everything gets wiped and the thief has a brand new phone to use. The user who lost it cant find it by imei via samsung.
I also wonder why we are not able to set a password in recovery mode (like a bios for pc would allow us).
I both registered , activated and tested Google ADM and Samsung FMM , I hoped both being similar to Apple's Activation Lock, but isn't its very easy for thieves to overcome just doing a hard reset thru boot loader.
Also the Imei at police I was informed that mafias have IMEI repair tools that in fact are service tools for repair centers but capables to change the Imei number, so is very possible my S4 now lies on a new box with new accessories and new imei and is being sell as an new s4 w/o complaints neither evidence was stolen.
Big issue here
Samsung's introducing consumer-centric features for Knox with the N3. It includes the abilitiy to prevent wiping the device. You can also hide your porn in a seperate secure container that only the phone owner has access to. The SGS4 h/w as it relates to Knox should be the same so hopefully the 4.3 update will push the functionality to the SGS4.
From the N3 press release...
The new GALAXY Note 3 comes with enhanced privacy and security protection provided by Samsung KNOX. Users can activate Samsung KNOX with ease which allows them to run and store security- sensitive applications and data inside a protected execution environment called “container.” The security inside the container is strengthened by system-level protection of Samsung KNOX against malware and phishing attacks as well as hacking attempts on physical devices when devices are stolen or lost. For instance, important personal pictures or video can be stored in the container with no worries for data leakage due to hacking. In addition, users may choose to store enterprise applications and data such as corporate email, contacts and calendar and allow the IT department to manage the container through EAS (Exchange ActiveSync Server). These features make the GALAXY Note 3 an ideal device for BYOD (Bring-Your-Own-Device to work)
Furthermore, the GALAXY Note 3 is equipped with an improved Find My Mobile feature that allows users to disable the phone when it is stolen or lost. With the enhanced user authentication, the technology prevents stolen mobile phones from being reset to factory settings, and allows users to remotely track or erase the data from their lost or stolen mobile phones.
Any news on this regarding the S4? Does the new 4.3 firmware prevent hard-reseting the phone?
Howdy (and apologies ahead of time if this is a dup, I _did_ search, didn't find anything),
Is it just me or did application specific passwords break with Lollipop? Googled a bit and couldn't find any details. I just see postings stating that 2fa works now, but I don't see how that negates the need for app specific passwords.
I know 2fa is now supported but I'm a bit concerned to use my normal password as I'm not sure if it's stored in any way. Anyone know of any links that explain what exactly is stored and how the auth is persisted across reboots? Maybe I'm misunderstanding, but I thought that if my device was lost, with app passwords I could revoke the device without changing my main password.
The other issue is, since I'm using 2fa with the google auth app on this phone I wouldn't even be able to setup if I wiped this phone (which I will need to). At least prevously I could login to my google account on my PC, create the app specific password and sign on that way.
- TIA for any info
I have just upgraded my Nexus 5 from 4.4.4 into 5.0.1 (I didn't install 5.0.0). What I did:
1. Factory reset on 4.4.4
2. Install system update into 5.0.1
2. Factory reset on 5.0.1
3. Application specific password NOT accepted on initial account setup on Nexus 5. I had to use my master password and code list because you can't read sms before account is added on the phone.
Is this really broken? I haven't found any info on this either.
Wow, someone else who was using this feature. That makes 2 of us at least. I guess that's why they removed it...? Yeah, unless I'm missing something it appears it's indeed broken.
The best part is this isn't really part of Android, but part of gapps; no way to report bugs for that (at least that I've found). Someone opened a bug against AOSP but they closed it as this stuff isn't part of AOSP:
{scheme}code.google.com/p/android/issues/detail?id=57863&can=1&q=app%20specific%20password&colspec=ID%20Type%20Status%20Owner%20Summary%20Stars
They suggested using the "google mobile help forum"; I guess this page links to it: {scheme}googlemobile.blogspot.com/2008/11/got-questions-try-new-google-mobile.html - following the link just gives an error "no group mobile found" or something similar.
All I could see to do was to post a response to their help page on signing in with app specific password to Play pointing out the inaccuracy of the article. I can't find that article anymore, it looks like it might've been removed? I received no response to that.
I can't imagine this being a very difficult feature to support, so I'm a little surprised it was removed. But hey, at least they added all sorts of eye candy and other crap I don't really care about.
I think this is a deal breaker for me. Unless I'm misunderstanding here, if someone were to acquire my phone and extract the password the key or whatever it's storing, they would then be able to access my account settings and take full ownership. If it only had the app specific password, I don't think that'd allow them to modify security settings. If it's tieing the key to the device, that's great but I still can't revoke it (doesn't show up in the app specific password page). Unacceptable (again, unless I'm misunderstanding something?).
Maybe it's time to start looking for alternatives. Wonder if any Maemo derivatives can run on the M8? It was miles ahead of Android in all departments except eye candy anyways...
I'll reply here if I see any more info - please do the same.
This is totally broken.
My company uses App Specific Passwords and I just updated my Droid Turbo to Lollipop.
After the update, everything worked fine. However, I started getting google play service errors and had to wipe.
Now I need to log in using my authenticator password instead of my app specific password.
Not good
dragonash said:
This is totally broken.
My company uses App Specific Passwords and I just updated my Droid Turbo to Lollipop.
After the update, everything worked fine. However, I started getting google play service errors and had to wipe.
Now I need to log in using my authenticator password instead of my app specific password.
Not good
Click to expand...
Click to collapse
Agreed. Quite unfortunate, but I can't find anyone outside of this thread and a few random posts that seem to actually care.
Thanks for confirmation that this is still a problem, btw. I'm still not sure if there's anyplace to even raise this to Google...
i just spent an hour trying to understand why this smart feature wasn't working on my new mobile with a stock andorid lollipop! at least i feel less lonely now...
i sent a feedback to google even if i don't think they'll reply.. i opened a ticket on AOSP website (Issue 189310) if you want to check their reply.. sorry but i can't post outside links
Dear All,
I use Samsung Galaxy A8 SM-A800F with marshmallow 6.0.1 (Official).
My mobile is hacked. Someone is remotely accessing my mobile and making changes as per his will, hacker is able to access my device without mobile data/internet enabled.
I have observed following things -
- Hacker can track my keystrocks/screen touch
- He can access my whatsapp messages
- He is able to reply to my whatapp messages
- He is able to make folders in my mobile
- He is able to restart mobile
- He is able to enable/diable mobile data
- He can access my sms and can send me customized sms.
- He is able to do all above things without mobile data enabled
I am not sure whats going on with my mobile, is this some king of virus/malware which is allowing hacker to control my device ?
I have tried installing various antivirus.
I have tried factory reset / installing official firmware using odin but still hacker is able to control my device remotely.
Kindly advice me on how to fix this problem.
Best Regards,
Romob
Please advise
romob said:
Dear All,
I use Samsung Galaxy A8 SM-A800F with marshmallow 6.0.1 (Official).
My mobile is hacked. Someone is remotely accessing my mobile and making changes as per his will, hacker is able to access my device without mobile data/internet enabled.
I have observed following things -
- Hacker can track my keystrocks/screen touch
- He can access my whatsapp messages
- He is able to reply to my whatapp messages
- He is able to make folders in my mobile
- He is able to restart mobile
- He is able to enable/diable mobile data
- He can access my sms and can send me customized sms.
- He is able to do all above things without mobile data enabled
I am not sure whats going on with my mobile, is this some king of virus/malware which is allowing hacker to control my device ?
I have tried installing various antivirus.
I have tried factory reset / installing official firmware using odin but still hacker is able to control my device remotely.
Kindly advice me on how to fix this problem.
Best Regards,
Romob
Click to expand...
Click to collapse
are you sure its a hacker? as mobile apps can do all that if you give them permission. why are you sure its a hacker? why would someone hack you?
simms22 said:
are you sure its a hacker? as mobile apps can do all that if you give them permission. why are you sure its a hacker? why would someone hack you?
Click to expand...
Click to collapse
I am sure someone is doing mischief,
I have tried resetting my device, uninstalling apps etc. but issue still exist.
Any help would be greatly appreciated
Any help would be greatly appreciated
Please help
romob said:
Please help
Click to expand...
Click to collapse
have you tried a full wipe and installing a.cistom rom?
"err on the side of kindness"
it's too dangerous. List some apps and source you got apps from ( if you remember all of them)
Have you let somebody tease your phone?
This is not funny but funny as I'm dealing with the same thing, I believe it comes down to WiFi hack, or through tags or nfc or whatever I've done the same thing resetting, rooting, removing some files ex, I've revoked, froze ect.... not sure what do to my self. It have noticed when I hard reset and it unmounts a file. Still learning code so not tip top on what it says. If I can get maybe a list of exploits it would at least give me a place to start. I'm on an s7 Sept patch bone stock apps I have Google chrome,messages, phone,contacts.
You could write a book on what you possible need to do, depending on how your system was compromised.
As you can see them replying to your messages I'd bet it's one of your mates that has done something! Having access to your phone would make hacking it easier eg start with a remote control apps and then gain more access later.
I'm no expert but I think you did the right thing reinstalling your rom, but if it's coming back then they must be able to reinstall malware as they have your wifi password, network password, or it's on your sd card or a bad app that you have reinstalled and can gain root or something.
You need to change ALL your passwords that may enable access to your network or phone, incl work etc. ALSO update/reinstall or factory reset any modem/router/network firmware/pc you can as they may have opened some backdoor. But only have one thing on at a time as you fix it, else one might just compromise your network again. Make sure things like tv, printers etc have secure wifi settings (change ALL default passwords to your own strong ones)
Once all have been restored/factory reset with new passwords then you can turn them on again. (I would leave sd cards out and don't install all your apps yet, add them one at a time and only from Play store) also change passwords for all apps as they may still be able to gain access to them & check things like two factor authentication is set to use phone numbers you have set, not theirs.
I have to go now, though there are more possibilities, I've probably missed some things too, but hope I have given you some ideas. Good luck
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
IronRoo said:
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Click to expand...
Click to collapse
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
And code.auroa? What is this
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
And code.auroa? What is this
Click to expand...
Click to collapse
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well unless it's flagged by virustotal then it probably is a malicious app just given a common name to try and hide
IronRoo said:
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
Click to expand...
Click to collapse
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
BLEEDCOLORYOU said:
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
Click to expand...
Click to collapse
And alot of the overlay apps n simtoolkit are all questionmarked
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
And IV never encrypted this phone.
Click to expand...
Click to collapse
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
IronRoo said:
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
Click to expand...
Click to collapse
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
Tap those with question marks to submit to virustotal for analysis
IronRoo said:
Tap those with question marks to submit to virustotal for analysis
Click to expand...
Click to collapse
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
BLEEDCOLORYOU said:
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
Click to expand...
Click to collapse
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
IronRoo said:
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
Click to expand...
Click to collapse
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
Pairwise cyphers and
Group cyphers
Sim_num
?
Click to expand...
Click to collapse
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
Click to expand...
Click to collapse
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings, are you using a secure router password? Is firmware up to date. Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc etc what do your router logs show (turn on more detailed logging if necessary) Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Spidder77 said:
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Click to expand...
Click to collapse
I'm having the same issmy ues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.
Hello!
I have Samsung Galaxy A03s. I did a factory reset a few days ago and I didn't remember my password. I also have no clue what is the google account Im signed with.
I tried numerous different ways, I watched multiple youtube videos - none of them worked.
Do you have any suggestion what I could do?? And also are there any free apps I can use???
I tried downloading dr fone but I need to pay in order to do anything with the app.
What free tutorials you can find on the internet.
Samsung can unlock it with proof of purchase too I believe.
Next time delete Google and Samsung accounts from device before you do the reset and do the reset from settings vs boot menu to avoid this from happening...
I downloaded SamFirm tool but I have no idea how to use it.
If anyone knows this tool, could you please tell me what Im supposed to do in order to unlock my phone?
Samfirm is as the name suggest a tool to download Samsung firmware for mobiles - this isn't of any use. MediaTek devices can be accessed low level so one could just erase FRP partition (if Samsung followed the rules)
But there is risk bricking your device, therefore I recommend youtube videos like this - it's much more safe to use.
v.here said:
Hello!
I have Samsung Galaxy A03s. I did a factory reset a few days ago and I didn't remember my password. I also have no clue what is the google account Im signed with.
I tried numerous different ways, I watched multiple youtube videos - none of them worked.
Do you have any suggestion what I could do?? And also are there any free apps I can use???
I tried downloading dr fone but I need to pay in order to do anything with the app.
Click to expand...
Click to collapse
You are not looking for a way to remove FRP, you should be looking for a way to "bypass" FRP on your specific model number.
Try doing a Google search for:
"Bypass FRP (your specific model number)"
Also, the best to avoid this in the future is to go to your Google settings and disable the "Find My Device" feature and remove the Google account before you factory reset the device. Then it will not trigger FRP lock when you do the reset.
[Samfw FRP Tool URL]
ZModder said:
https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click
Click to expand...
Click to collapse
Yeah, there are many ways to bypass FRP lock. This is just one of many tools and methods.
But, with what I posted previously, neither removing or bypassing FRP are necessary. It is better to understand how Google and android work than it is to blindly walk into a problem that requires a tool to fix. It is also a very bad idea to not remember Google login email and password, it's as simple as keeping that info somewhere other than the device.
I find it hard to believe or understand how no one ever thinks ahead or "looks where they are going" when they do things without first understanding the details or potential consequences of actions when tinkering with technology that they don't truly understand. To give an example to put things into scope, if people handled guns as carelessly as they do their phones, just imagine.....
Not that phones present the same dangers, just making a point.
Zillion said:
https://samfw.com/blog/samfw-frp-tool-1-0-remove-samsung-frp-one-click
Click to expand...
Click to collapse
Hi it's been a long time since I've been here on this site I have the same thing I've got that software installed and I get past the emergency call and it says cannot access ABB can you give me any pointers I believe I can get it I'm still very much a green horn novice
Droidriven said:
Yeah, there are many ways to bypass FRP lock. This is just one of many tools and methods.
But, with what I posted previously, neither removing or bypassing FRP are necessary. It is better to understand how Google and android work than it is to blindly walk into a problem that requires a tool to fix. It is also a very bad idea to not remember Google login email and password, it's as simple as keeping that info somewhere other than the device.
I find it hard to believe or understand how no one ever thinks ahead or "looks where they are going" when they do things without first understanding the details or potential consequences of actions when tinkering with technology that they don't truly understand. To give an example to put things into scope, if people handled guns as carelessly as they do their phones, just image......
Not that phones present the same dangers, just making a point.
Click to expand...
Click to collapse
I had it going pretty decent hadn't verified my Google account and it didn't go to the code page so I tried to software that you talked about earlier it seems to go through but it gets a failed to load the ADB any advice is greatly appreciated i bought the phone fulfilled my contract was able to get it unlocked.. was good to get to a friend of mine because I bought another phone I didn't know nothing about removing the Google account so the hard reset came up this fpr and I'm not getting nowhere past that it's got something to do with ADB I'm finally searching up to two steps or someone away from the city I just need some advice thanks..
Droidriven said:
Yeah, there are many ways to bypass FRP lock. This is just one of many tools and methods.
But, with what I posted previously, neither removing or bypassing FRP are necessary. It is better to understand how Google and android work than it is to blindly walk into a problem that requires a tool to fix. It is also a very bad idea to not remember Google login email and password, it's as simple as keeping that info somewhere other than the device.
I find it hard to believe or understand how no one ever thinks ahead or "looks where they are going" when they do things without first understanding the details or potential consequences of actions when tinkering with technology that they don't truly understand. To give an example to put things into scope, if people handled guns as carelessly as they do their phones, just image......
Not that phones present the same dangers, just making a point.
Click to expand...
Click to collapse
^truth^ Your Google password should be long, unique and carved in granite, twice. Don't trust your memory for this... it should look like a MS installation password which is a good model to emulate.