Related
Read full article here
What is your opinion?
Dont like it. I want my phone to be MY phone. My phone should work for me not google and not some mysterious random company. My private life should not be reduced to some advertising opportunity for a business. Why people accept this I do not know. It dosent matter if an XDA developer will find a way to stop it. It shouldn't be happening in the first place.
OK, so I'm a WM developer, not Android, but if the program turns on the GPS receiver, surely the GPS LED would givaway the fact that it has been triggered. On a Kaiser the right LED flashes orange every other GSM connection flash.
Alternatively, it could just grab the CellID from the GSM connection. Not as accurate, but it can still be used as a crude location pointer. In cities it is probably accurate to a couple of hundred metres.
As the article mentions, Google have a pretty strict policy on what apps can do with users data, but whether they are adhered to is another matter.
It would be quite difficult to stop it, if the Android equivalent of WM's 'GPSAPI.DLL' exists in ROM, as you can't modify it to overide any calls to the functions within it.
On android, it is not possible for a user application to ENABLE GPS (if it was turned off in settings). The only apps that can do so are those in /system, which requires root to write to, or the app to be installed on the ROM itself.
I personally leave GPS off all the time, and do actually read all permissions used before installing an app. In the past, I have actually decompiled applications and removed their GPS/location permissions and "spy code", but now I just use another app that doesn't need excessive permissions.
In Android, permissions do block access to both network location and GPS location, using separate permissions, so it's possible for an app to use network location, but not get access to gps. But I see no need for it, when IP address gives a country/very rough location (enough for a dev to know his/her user base's nationality demographics)
Really don't like that.
I pay for the phone, the bandwidth and the calls.
I do not to be harassed by people trying to sell me stuff on my own telephone, and I especially not want to give an anonymous company my own private data!
stephj said:
OK, so I'm a WM developer, not Android, but if the program turns on the GPS receiver, surely the GPS LED would givaway the fact that it has been triggered. On a Kaiser the right LED flashes orange every other GSM connection flash.
Alternatively, it could just grab the CellID from the GSM connection. Not as accurate, but it can still be used as a crude location pointer. In cities it is probably accurate to a couple of hundred metres.
As the article mentions, Google have a pretty strict policy on what apps can do with users data, but whether they are adhered to is another matter.
It would be quite difficult to stop it, if the Android equivalent of WM's 'GPSAPI.DLL' exists in ROM, as you can't modify it to overide any calls to the functions within it.
Click to expand...
Click to collapse
Unfortunately, on most Android devices you don't get the amber LED to indicate GPS usage. But as pulser_g2 has said, if you have GPS turnt off then only /system apps or root apps will be able to use it.
Pulser, what app do you use to check them out for malicious code?
incredulous said:
Unfortunately, on most Android devices you don't get the amber LED to indicate GPS usage. But as pulser_g2 has said, if you have GPS turnt off then only /system apps or root apps will be able to use it.
Pulser, what app do you use to check them out for malicious code?
Click to expand...
Click to collapse
I use apktool to disassemble the APK, then check the permissions inside AndroidManifest.xml.
Notepad2 used to view the smali code, and AstroGrep (windows) or just a recursive grep on linux, and I look for "http" and "location", since you'd be amazed what you find when recursively grepping the code for "http"
Let's just say I have found pages containing lists of authorised IMEIs for applications, I've found callback code to give a remote server information etc...
I tend to notify the developer if there is anything at issue like IMEIs... But often they do nothing
Get familiar with apktool, and learn to read smali, which is like intermediate java code, slightly more like machine code, but mainly like java...
As for what you do once identifying such an app, I suggest just not using it. It is possible to remove such callback code, but it's complex and much easier to use an alternative.
As the-equinoxe said, I own the phone, and therefore anything going on it has to obey MY rules. So regardless of what an app's license agreement says, my device has its own licence agreement, saying that "pushing an APK to this device via the market/gtalk service hereby provides consent for it to be disassembled and decompiled, and scrutinsed by geeks before installation..."
HTH
If you don't like it, then don't install the fart app that needs access to your GPS.
Any app that needs access to your location but doesn't have an obvious reason to do so is using it for advertising purposes.
Don't like it, don't use the apps. It really is pretty simple and it doesn't require you to decompile the app!
If your personal information is so private, don't give it away to someone who EXPLICITLY asks for it.
Any app that needs access to your location but doesn't have an obvious reason
Click to expand...
Click to collapse
Main problems are other types of apps. Apps that need access and then exploit it. For example a weather app needs internet to download weather and at the same time it can send bunch of personal data to it's developer, without user knowing it.
AFAIK there is no effective way to get rid of that problem, other than manually analyzing each application at the market.
Maybe solution would be a policy in Market that will require application to ask user before sending any personal data or else application gets banned from the market. But again it will require someone to check application manually if it's sending data.
I can see a solution that would work.
Android would need to use a UAC style prompt, saying "allow once or always", and same for deny. Like SuperUser apk does.
If an app couldn't use the permission without express approval, controlled by the individual intent or method/subroutine in use, you could easily see when an app was actually using a permission, and allow it one individual GPS reading.
The only problem with this? It would be really annoying for 99.9% of users, and ultimately there would be ways to cheat the system.
The above suggestion where apps request permission would work in an ideal world where every developer can be trusted implicitly.
But this is no ideal world, and even if it were on the scale of xda (few hundred apps), there would be no way to check it happened. And then it would be unenforced, and in my view, and unenforced rule is worse than no rule, since users would be led to believe it was enforced, and thus protecting them.
Bottom line? Trust nobody, write your own apps, and apktool everything. Until then, just be careful what apps you install and give GPS access to... don't use that third party weather app if you don't trust it...
Koush, they guy behind Clockworkmod has come up with another little gem you might want to try. It is a tether app that bypasses most carrier restrictions and allows easy data tethering of your phone to your PC/Mac/Linux computer. Another little plus: It does NOT require root!
Below is his post on Google+ where you can download the relevant client, and it pushes the APK over to your phone. (Make sure USB debugging is enabled.) It is still in Alpha so may not work for everyone, but we know from his previous work that all kinks will eventually be ironed out.
https://plus.google.com/103583939320326217147/posts/1Yy1jb9z4TA
suggest spoofing your browser's user agent
Serious bump to this post. I've got eight days left on the free trial and intend to throw down the five bucks once it asks, no question. Thanks Koushik and anyone else involved, and thanks wnp_79 for calling some XDA attention to this. I'd be interested in knowing how it works it greater detail. Here's the google play link: https://play.google.com/store/apps/details?id=com.koushikdutta.tether
This is a godsend as I'm in a situation where I suddenly need to tether a lot and my T-Mobile USA plan is, or at least the lady claimed, super unlimited, no cap whatsoever and no throttling. Hard to believe, and I'm in LTE areas. The only asterisk is that I pay extra if I want to tether, and there is a limit on tethering, no unlimited, and I don't know if they're looking for tethering or if they're focusing on their bigger problems. Even works on Linux, even lets me do other things like ssh. But one thing this app and its proxy magic do not do is change your browser's user agent string. That leaves you vulnerable to carrier detection based on what browser you're using.
So, to be a little extra safe in case your carrier is sniffing for that, if you're going to be doing this a lot and going heavy on the data, perhaps change (spoof) your computer's browser's user agent (how it identifies itself to servers) from its default to a mobile device, ideally identical to what you use on your phone. To do this without installing anything onto your browser, check this guide, http://www.howtogeek.com/113439/how...user-agent-without-installing-any-extensions/. For example this can be done easily in Firefox's about:config.
Or, use extensions/addons.. For Chrome, User-Agent Switcher for Chrome (https://chrome.google.com/webstore/detail/user-agent-switcher-for-c/djflhoibgkdhkhhcedjiklpkjnoahfmg) works. For Firefox, User Agent Switcher (https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/). I've used both, they work (watched my own server logs to be sure) and seem legit. Downside is that you'll be seeing some mobile-formatted sites but hey, possibly-safer scofflaw tethering.
Hi, I have a question concerning "security" of internet browsing from android smartphones.
I hope that this is the right place to post.
Yesterday I was browsing the internet from a friend's android 2.3 samsung i8150 stock rom, and followed an "apparently normal" link on a webpage - it was not a link, I later realized that it was a "form button".
Suddenly after clicking it, I received an sms on the same smartphone from JAMBA, which stated that "my subscription was successfull" and from that moment on, I had to pay weekely 5€ (they took their first 5€ instantly, and of course there was no info about any "service" or subscription near the link).
I immediately called my phone operator (wind mobile) and asked to disable the subscription (which I hope they did - at least they refunded me), but they also said that this kind of "scam" is frequent: these services just need a click and a phone number to be subscribed to.
My question is simple: how could I "make safe" a browser which is publishing my personal phone number to any masked sms/ringtone/wallpaper/and whatever possible unwanted "service"?
I found these 2 topics, and made a check in the urls provided to see if it was wind's fault, but I couldn't find my phone number there.. so I assume it's another "trick" they are using to get my phone number..
http://forum.xda-developers.com/showthread.php?t=1463638
http://forum.xda-developers.com/showthread.php?t=1463530
Should I use a different browser (which one?) and consider the stock one "unsafe"?
Do you know anything about this behaviour and how to be "protected"?
Thank you in advance
Hi,
I've discovered the description of "Signal Private Messenger" app, but I don't know what thinking about it.
Its description seem's to indicate that you can communicate voice and text securely end to end with your smartphone, and that it's open source.
What is really securely ? I don't know and "I want to know"
Thanks in advance for your answers.
Hi, The short answer is Yes. Signal is by Open Whisper Systems & runs on iOS and Android. You can use it as a regular SMS/MMS app; as well as encrypted SMS/MMS/phone calls. To activate the encryption you need to exchange keys with the person you want to message.
Hope this helps!
equi_design said:
Hi, The short answer is Yes. Signal is by Open Whisper Systems & runs on iOS and Android. You can use it as a regular SMS/MMS app; as well as encrypted SMS/MMS/phone calls. To activate the encryption you need to exchange keys with the person you want to message.
Hope this helps!
Click to expand...
Click to collapse
Hi,
Thanks for your answer.
Your answer is a good summary of the app's features.
But what are you thinking about the word "securely" ?
Is it a dream or a reality ?
The app's editor highlights testimonies from known people who use it. Is it sufficient to trust this app ?
Has someone in this forum examined the code of this app ?
Nothing is completely secure.
In my opinion, & from my use, Signal is more secure than a normal messengering app - but less secure than a talk in real life.
If you are interested in security, please check out this XDA subforum; http://forum.xda-developers.com/general/security
And read up here: www.eff.org
Hm, nice to see a discussion going on. Have just heard Snowden recommend the app so I thought I'd check it out. BUT, there is a but ... I intentionally blocked the app from any internet usage whatsoever with AFWall+ donate. I've set up my AFW to show a toast whenever it blocks an app trying to use the internet so that I know which apps try to use the net in the background without my permission or intention. To my surprise my AFW blocks Signal all the time when I use Signal. And I mean ALL the time. How does this make sense? Why would a privacy app try to connect to the internet constantly? I've not got WiFi calling and I've not even enabled it in Signal's settings. Am I missing something here or is there sth wrong with the app? It's making me feel that it is constantly trying to leak data and that's why it attempts to use the internet. Good thing I have a robust thing on board such as AFWall... best firewall out there.
jonathansmith said:
Hm, nice to see a discussion going on. Have just heard Snowden recommend the app so I thought I'd check it out. BUT, there is a but ... I intentionally blocked the app from any internet usage whatsoever with AFWall+ donate. I've set up my AFW to show a toast whenever it blocks an app trying to use the internet so that I know which apps try to use the net in the background without my permission or intention. To my surprise my AFW blocks Signal all the time when I use Signal. And I mean ALL the time. How does this make sense? Why would a privacy app try to connect to the internet constantly? I've not got WiFi calling and I've not even enabled it in Signal's settings. Am I missing something here or is there sth wrong with the app? It's making me feel that it is constantly trying to leak data and that's why it attempts to use the internet. Good thing I have a robust thing on board such as AFWall... best firewall out there.
Click to expand...
Click to collapse
It's encrypted, end to end. It's not leaking anything. The code is opensource, you can go and review the code and build it yourself.
If you're blocking it from accessing the internet, then it's going to try again, probably because it can see that there is a network connection live.
@jonathansmith
Thanks for your detailed feedback.
It will be nice if someone in this forum could analyze the code of this open source app.
As for me, I am unfortunately not competent.
Were you able to identify with AFW the site the app was trying to connect ?
dtective said:
It's encrypted, end to end. It's not leaking anything. The code is opensource, you can go and review the code and build it yourself. If you're blocking it from accessing the internet, then it's going to try again, probably because it can see that there is a network connection live.
Click to expand...
Click to collapse
Thank you, that's exactly what I don't get. Why would it attempt to establish a connection. Ofc I'm blocking it. I'm blocking tons of others apps as well, but unlike Signal (and a few other suspicious apps) the other apps do not try to establish a connection.
As I said, when you block an app from accessing the net with AFWall you can tell AFWall to give you a toast showing you when every signle time when AFWall blocks a certain app trying to access the net. So, with 99% of my AFWall-blocked apps I don't get this toast, meaning that those apps don't even attempt to access the net (but better stay safe and have em blocked.) With some tricky apps though, AFwall shows that toast msg indicating that it successfully blocks a certain app from accessing the net. That's what I don't get - why would Signal be set up in a way that it would attempt to access the net. Prolly WiFi calling or sth but I'd rather use it for now only as a default SMS client.
Yes, you are right. Signal can see that there is a network connection live and that's why it constantly tries to connect to it. Just wish Signal would get it once and for all that it is blocked for good and stop trying to access the net.
If anyone knows which Services, Broadcast Receivers, or Activities from Signal should be disabled (using MyAndroidTools for example) please do share which ones they are so I can disable them and thus prevent Signal from constantly trying to establish a connection. The toast msg from AFW does become annoying when it is every second second
---------- Post added at 11:39 AM ---------- Previous post was at 11:33 AM ----------
iwanttoknow said:
Were you able to identify with AFW the site the app was trying to connect ?
Click to expand...
Click to collapse
Maybe gotta look into the log of AFW. The toast msg only shows the ip address which Signal ties to connect but AFwall prevents it form doing. But that's not the prob for me. Doesn't matter too much what it tries to access cos I know AFWall is good enough at preventing that. Just want to stop Signal from trying to access whatever it is trying to access! Will let you know if I figure it out!
---------- Post added at 12:00 PM ---------- Previous post was at 11:39 AM ----------
equi_design said:
Nothing is completely secure.
And read up here: www.eff.org
Click to expand...
Click to collapse
I second that. Nothing is, indeed! And thanks for reminding me about eff ... here's a good one - https://www.eff.org/https-everywhere @iwanttoknow check it out!
And here's a bit of a follow-up. Managed to catch the toast. Not sure if it is always the same ip that AFW blocks, but will try to pay attention. A reverse search reveals that the geo location of the ip is some place in Washington, US.
https://imgur.com/a/5fhIf
As I understood it
(And I could be wrong I left signal years ago when it was text secure)
Signal does NOT use sms to send messages
That functionality of the app was dropped a while back
It uses internet only to transmit encrypted messages
And it uses its own message server to host your messages.
It seems like decent software
I abandoned it because it uses your personal phone number as your identifier..
And it will not work with out a phone number..
Which for me is just crazy as every government in the world and most phone companies are selling /tracking your "meta" data based on your smart phone and it's phone number.
Think of it as any other encrypted internet message system
But it uses your phone number as an identifier...
Everyone gets my pubic email address now for communication.
Cops, government, hospital, work, stores,etc
It's the 21st century. Why use a phone number for anything anymore?
nutpants said:
As I understood it
(And I could be wrong I left signal years ago when it was text secure)
Signal does NOT use sms to send messages
That functionality of the app was dropped a while back
It uses internet only to transmit encrypted messages
And it uses its own message server to host your messages.
It seems like decent software
I abandoned it because it uses your personal phone number as your identifier..
And it will not work with out a phone number..
Which for me is just crazy as every government in the world and most phone companies are selling /tracking your "meta" data based on your smart phone and it's phone number.
Think of it as any other encrypted internet message system
But it uses your phone number as an identifier...
Everyone gets my pubic email address now for communication.
Cops, government, hospital, work, stores,etc
It's the 21st century. Why use a phone number for anything anymore?
Click to expand...
Click to collapse
You have to go back in time when the app was called Textsecure and it provided end to end encryption for SMS. The app was available on F-Droid until someone discovered that plain text sms were saved unencrypted on device. After that, the dev temporarily closed the source and also demanded that the app be removed from F-Droid, because in his view distribution on F-droid was "insecure." Well, that hole was fixed and the following versions worked pretty well. About the same, time, the dev started to be bothered by TSA every time he travelled by air. Then, within a few subsequent releases, google binaries and internet permission were included. Then, the app started to crash if internet service was restricted. In addition, you could only get the app from Googleplay, which means, you must have Gapps and Google Services Framework, which has total control over the phone and regularly "phones" home (obviously not your home). GSF can get your outgoing text before encryption and incoming text after.. Despite all of the above, one could still compile the app and use it without GSF. Then suddenly, the dev announced that he would no longer support encrypted SMS. About that time, he started receiving literally millions of $ from a US government's backed foundation. In addition, he was offered a lucrative contract to do encryption for What's UP, which later became Facebook. Quite a change after being harassed in airports So, encrypted sms were dropped and the app turned into an internet messenger. You must register with your phone number; your data goes through Google servers and Whisper System's servers. And by the way, neither the Signal servers nor Redphone servers are open source. You can't use the app unless you have Gapps and GSF and if you use the app, you are known to Whisper Systems, Google and all 3-letter agencies...
This is not the first time I am posting on Textsecure/Signal, just do a search on XDA and F-Droid forums and you will find more info with links. I would stay away from anything coming out of Whisper Systems. Use Silence, which is a fork of Textsecure with encrypted SMS. For over-the-internet services, use Conversations.
And by the way, never use an app where everything: encryption, encryption method, registration, servers are in the hands of one entity, which won't allow you to use other servers...
nutpants said:
As I understood it ...
Click to expand...
Click to collapse
You might be right but for normal unencrypted messages Signal uses simple SMS. Have tried it and without any WiFi or data it simply sends a msg as an SMS. So far so good but u might have a point. I'm yet to test with someone who also has the app installed and see how encrypted msgs are transferred. I'd imagine it NOT to be over the internet, but then again you might have a point? Why? Because as I said I've blocked Signal with AFWall and I get a toast showing that Signal CONSTANTLY tries to connect to the internet when there is currently a live connection to the internet, be it Data or Wifi. So yeah, you might be right, but I need to test it out. In the meantime someone who has already done this would do us a favour by telling us how it works.
Using my personal phone number as identifier does not sound cool indeed. If you are right about this: 'It uses internet only to transmit encrypted messages. And it uses its own message server to host your message' then I guess I'm ok with using the net for transmitting encr. msg since they are encrypted with E2EE. As to where the msgs are hosted. I guess I'm better off having them stored at Signal's server than at Verizon's cos from Verizon they end up DIRECTLY to the government. I guess with nuff persuasion and money though they'd also end up there from Signal. It's the way of the world, isn't it? Also, as I mentioned in my last post, the IP which Signal constantly tries to connect to is in Washington. That's already fishy enough .... very fishy!
optimumpro said:
Use Silence, which is a fork of Textsecure with encrypted SMS. For over-the-internet services, use Conversations.
Click to expand...
Click to collapse
How about apps like 'Wire' and 'Wickr - Top Secret Messenger'? Are they any good? Will give Silence and Conversations a try! 10x for bringing them up.
unknown404 said:
How about apps like 'Wire' and 'Wickr - Top Secret Messenger'? Are they any good? Will give Silence and Conversations a try! 10x for bringing them up.
Click to expand...
Click to collapse
Wickr is not open source. So, for me it is out of the question. Wire sounds good, although they say they can terminate your account at any time. Also, they say the company is based in Switzerland, but the location for dispute resolution is San Francisco. They also say they can require you to download/upgrade the app, which means that if you want to stay on older version, they won't let you...
Again, I am against models where everything is concentrated in the same hands...
optimumpro said:
Wickr is not open source. So, for me it is out of the question. Wire sounds good, although they say they can terminate your account at any time. Also, they say the company is based in Switzerland, but the location for dispute resolution is San Francisco. They also say they can require you to download/upgrade the app, which means that if you want to stay on older version, they won't let you...
Again, I am against models where everything is concentrated in the same hands...
Click to expand...
Click to collapse
I guess I'm ok with Wickr's being closed source (but then again what do I know ... the discussion about open vs closed source goes both ways so more opinions are welcome). Just don't get why I made an account there and now trying to log back in I'm told the credential are wrong. Weird!
Hi,
In my first post, I was asking your opinions about "Signal Private Messenger" app.
Thanks all for your answers.
In your answers, I have discovered the names of Silence and Conversations apps.
Which level of confidence for them and why ?
iwanttoknow said:
Hi,
In my first post, I was asking your opinions about "Signal Private Messenger" app.
Thanks all for your answers.
In your answers, I have discovered the names of Silence and Conversations apps.
Which level of confidence for them and why ?
Click to expand...
Click to collapse
I'll be happy to hear more opinions as well but as optimumpro said, Silence really seems solid and offers E2EE, which is what I need. Have tested it with other users and seems good so far. Can't say anything about Conversations cos I've not used it yet. I read good stuff about Wickr as well, but yeah ... closed source deters many.
unknown404 said:
I'll be happy to hear more opinions as well but as optimumpro said, Silence really seems solid and offers E2EE, which is what I need. Have tested it with other users and seems good so far. Can't say anything about Conversations cos I've not used it yet. I read good stuff about Wickr as well, but yeah ... closed source deters many.
Click to expand...
Click to collapse
Both Conversations and Silence are open source, unlike Signal, which contains prebuilt binaries and jar files. Also, neither Conversations nor Silence forces you to register or use their servers, which Signal does.
optimumpro said:
Both Conversations and Silence are open source, unlike Signal, which contains prebuilt binaries and jar files. Also, neither Conversations nor Silence forces you to register or use their servers, which Signal does.
Click to expand...
Click to collapse
That I do second and that I do like!
Hi,
After reading some articles, I discovered that it was "easy" to assure End-to-end encryption (E2EE) for our communications. I share my understanding here, knowing that it's well known by experts in the domain. So thank you for being kind to me.
In fact, there is a difficulty for communicating parties who wanted to communicate without anyone spying their voice or written messages. They have to use cryptographic protocols relying on a shared secret. But how to share a secret on unsecure communication channels ?
It's "easy", due to the Diffie-Hellman cryptographic protocol which permits to do that. There are a lot of explanations about it on the Net. But it could be defeated by the man-in-the-middle attack (MITM). To counter this attack, you have "simply" to sign the shared secret with asymetric keys (with your secret key to sign the shared secret, and with your public key permitting to the other part verify it). If you are interested, see more explanations on the Net about asymetric cryptographic protocols.
I sincerely hope that I didn't say too much nonsense.
Silence app is based on Diffie-Hellman protocol, like other apps in the domain.
In summary, after reading your answers to my initial post :
- Silence app permits to exchange SMS/MMS, using E2EE.
- Conversations app is an instant messaging (IM) client for Android, using E2EE.
Signal Private Menssenger is an E2EE IM and voice calling app.
I have noted what has been written about Signal Private Menssenger in this thread, so is there a "less intrusive" E2EE voice calling app, in the same way as Silence ?
Thanks for your participation.
I have a Huawei p30 phone with last security patch received in august 2020, not rooted and never been in strangers hands.
This crazy psycopath woman has been stalking me badly for a year, but then in september 2020 she shared a weird (fake) video with the image of a pixeled pony on my Facebook page. I clicked on it but strangely it won't open. Few hours later this crazy woman deleted the fake video and begun to write me about things I said privately to a friend via Whatsapp! and in the following months she started insulting me with fake Instagram profiles every time I chatted privately with other girls, making fun of the things I wrote to them. She seems to see everything on every social network! And even when I took a picture with a girl that I never shared but only had privately in my gallery, she reacted to it by insulting me!
I don't know what kind of trojan or RAT is this but I would like so much to get rid of it!
1) Can you guys tell me how can I get rid of this RAT? I've already searched with Kaspersky, Malawarebytes, Avast for Android but they can't see a damn thing.
2) Can I put my sim card with my whole whatsapp (and related backup messages and contacts) on a new device or I am going to risk?
3) Can I keep my Gmail and Instagram accounts by disconnecting them from the hacked device and changing passwords from a new device?
THANKS
Personally don't think your phone got infected by a RAT and/or Trojan: this type of malicious software requires root-access get granted to it.
IMO your issue is related to the social media you make use of, the method you login there, the passwords you use with this accounts.
You know that FB, WA and Instagram basically are ONE company, that your related account details get shared between them?
jwoegerbauer said:
Personally don't think your phone got infected by a RAT and/or Trojan: this type of malicious software requires root-access get granted to it.
IMO your issue is related to the social media you make use of, the method you login there, the passwords you use with this accounts.
You know that FB, WA and Instagram basically are ONE company, that your related account details get shared between them?
Click to expand...
Click to collapse
If you look around over the Internet there is PLENTY of new generation RAT trojans that take root permissions of Android phones with just one click. Some of them are called drive-by download, they use a buffer overflow mechanism. Off course you need security holes for this to happen, and Huawei is very very exposed to this, they never release security patches! Even the police officer I talked to when I filled the complaint told me that they see many cases like these. It's absolutely possible.
Columbus93 said:
If you look around over the Internet there is PLENTY of new generation RAT trojans that take root permissions of Android phones with just one click. Some of them are called drive-by download, they use a buffer overflow mechanism. Off course you need security holes for this to happen, and Huawei is very very exposed to this, they never release security patches! Even the police officer I talked to when I filled the complaint told me that they see many cases like these. It's absolutely possible.
Click to expand...
Click to collapse
I want to say one thing to the one guy laughing underneath my post. ALL of my accounts were protected with double step autentication (2FA) and just yesterday, my phone received a series of notification about a Google chromecast device that was connected to my Huawei p30. I even got the last notification saying "you succeded connected google chromecast to your device". Now tell me how this is even possible, because I never had a google chromecast device and I was at work the whole time! Looks like there's a clone of my p30 smatphone out there. Do not aswer if you have no clue about new hacking programs.
1. Make sure that you have finished a full data backup.
2. Do a factory reset + wipe cache.
3. Change your passwords ASAP.
Just for your reference.
A side remark dedicated to visitors here who don't know what a RAT is:
A RAT ( read: Remote Administration Tool ) is an Android app that always runs as an Android service, what gets started at Android's boot. It has initially been developed as an university project. A RAT consits of a client module ( the mentioned Android service ) and a server module located somewhere outside of Android device, reachable via Android's network connection.
A RAT's client module only can get installed on Android devices with unlocked bootloader, AVB disabled and rooted Android. It's the user - and ONLY he /she - who allows a RAT service to get installed on Android
These are a RAT's functionalities typically available
Get contacts (and all theirs informations)
Get call logs
Get all messages
Location by GPS/Network
Monitoring received messages in live
Monitoring phone state in live (call received, call sent, call missed..)
Take a picture from the camera
Stream sound from microphone (or other sources..)
Streaming video (for activity based client only)
Do a toast
Send a text message
Give call
James_Watson said:
1. Make sure that you have finished a full data backup.
2. Do a factory reset + wipe cache.
3. Change your passwords ASAP.
Just for your reference.
Click to expand...
Click to collapse
About the backup: can I just connect the hacked phone (offline) to a clean PC to transfer my files? I am afraid I'll transfer also the rat this way!
jwoegerbauer said:
A side remark dedicated to visitors here who don't know what a RAT is:
A RAT ( read: Remote Administration Tool ) is an Android app that always runs as an Android service, what gets started at Android's boot. It has initially been developed as an university project. A RAT consits of a client module ( the mentioned Android service ) and a server module located somewhere outside of Android device, reachable via Android's network connection.
A RAT's client module only can get installed on Android devices with unlocked bootloader, AVB disabled and rooted Android. It's the user - and ONLY he /she - who allows a RAT service to get installed on Android
These are a RAT's functionalities typically available
Get contacts (and all theirs informations)
Get call logs
Get all messages
Location by GPS/Network
Monitoring received messages in live
Monitoring phone state in live (call received, call sent, call missed..)
Take a picture from the camera
Stream sound from microphone (or other sources..)
Streaming video (for activity based client only)
Do a toast
Send a text message
Give call
Click to expand...
Click to collapse
So you are basically telling everyone that when FBI is live monitoring your smartphone, that's because you CHOOSE to ALLOW a RAT service to get installed into your smartphone? I never ever allowed this thing to install inside my phone, all I did was to click on that fake video! and things like this, to mutuate the words of the police officer I talked to, do happen all the time!
My last 2 cents here:
If someone ( like FBI employee, spouse, life companion, etc.pp ) wants to monitor everything on your Android phone not having your phone in hands, wants to access your phone's data not having your phone in hands, he / she must install a monitoring app or RAT software ( e.g. AndroRAT ) on your Android phone. Point.
Have a nice day.
jwoegerbauer said:
My last 2 cents here:
If someone ( like FBI employee, spouse, life companion, etc.pp ) wants to monitor everything on your Android phone not having your phone in hands, wants to access your phone's data not having your phone in hands, he / she must install a monitoring app or RAT software ( e.g. AndroRAT ) on your Android phone. Point.
Have a nice day.
Click to expand...
Click to collapse
I'm positive with what you say, but I'm also saying that this monitoring app CAN be disguised as fake video or image, thus by clicking on it you will inadvertitely launch a series of payloads that will root and then hack your phone. This is a fact. It happened to me and if you give a look online you'll see how this works and how many apps are doing this (obviously you need HUGE security holes in your device to do that, and older Huawei devices, which are rarely updated, do have them).