Nexus 6P blocked ADB - Security Discussion

Hello, not sure if this is the right thread to be posting this on but here goes... I am trying to root my phone mainly because I want to open up more resources, get rid of certain programs, try out new ROMs and I'm interested in development. But another more pressing reason now is because I believe my phone has been hacked. It, along with the last few phones I've had (I've been changing phones to run from whatever is happening), changes security settings on its own, goes through batteries way too quickly and uses data when it shouldn't be. Certain options in settings have been grayed out and others keep getting switched back from where I put them. I absolutely cannot run adb because I cannot get my computer to recognize them. I can't run adb over WiFi either. I've tried different computers, operating systems and everything I know to do. I've spent weeks (literally weeks) trying different suggestions from different websites and tutorials and nothing works. I've used Windows, Linux and OSX. I even paid one click root to do it and they couldn't either. I've been looking at what logs and other info I can get from apps but it's limited info because I don't have root. I have read some manifest docs and even though I'm a noob they just don't sound right and certain apps' permissions are way out there. I've checked call logs through two carriers, T-Mobile and now Verizon, and both indicate that my phone is sending back to back texts and making phone calls that I didn't make. And I mean a lot of them. I've even made it a point to leave my phone at home all day and not use it and my call logs have still indicated usage. I really need some help... I don't know what to do at this point, I feel defeated, angry and frustrated. I believe that it has something to do with firebase and possibly my ex-wife. About a year ago I found an .apk file in her Google drive called ( truthspy.apk ). I did some research and it wasn't good.
This was like 5 phones ago and she hasn't had physical access to my last few phones. I'm not sure what's going on but I know for a fact something is going on and I'm respectfully requesting someone's help. Is there something that I can do like invoke a log or bug report or go somewhere and take a screen shot to someone something that they would be able to look at and tell if it wasn't right or that something was going on?
Thanks.
Sent from my Nexus 6P using Tapatalk

Related

[Q] Just what is wrong and how to fix it. No one tells me if it's software...

I have a few issues with the Captivate, that I just can't get an answer to, except send it in to Samsung, and we'll repair it. AT&T just does a very poor job, of tech support, on my end of things. I spend hours by phone, poor email replies, and going in for a face-to-face yesterday, simply does no good. I bought the Captivate with Android 2.1, and updated to 2.2, from Samsungs site. My issues are:
AT&T will stop BLOCKING apps, that come from other places, besides their Market. Talk of OTA being pushed, and the Captivate being one of the first to get it, led me to learn that OTA, is not a software push, but a set of instructions, to help us manually change a SETTING in the Captivate. This, from three different tech people, all the way up the ladder at AT&T. That said, the head tech, Glen, COULD NOT FIGURE OUT how to tell me to change the Settings. Another issue, is with SMS and MMS messaging. I can send them no trouble, but I don't really know if the ones I'm sending to, have got them. Surprise. I found I could make requests, for a Notice of Delivery. I just have 'to ASK FOR ONE'. Trouble is, no one can help me figure out how to ask. On AT&T site, under my contract, they have Captivate as my phone. They have a tutorial on MMS settings, so I went to it. I followed the steps they give, and at the END, they show 5 options, that are greyed out, that you can activate. They show 5, but my Captivate only shows 3. The two that are missing, DELIVERY REPORT and READ REPORT, are what I'd need, but they aren't there. Yesterday in a face-to-face, the tech I was talking with, played with a Captivate demo, and actually found those two options on it. His reply, the demo is Android 2.1, I upgraded to 2.2. Conclusion, I screwed myself, with the update. He didn't explain, why the Captivate HE OWNS, and is 2.1 itself, DON'T HAVE THE TWO OPTIONS EITHER. The third issue, is EDGE. Where I live, AT&T's tower, are horrible. No one with AT&T, can connect to them. I pay over $70 a month, to use my Captivate, on my WIFI. My use is rare, for phone calls. It's mainly for the Smart Phone part, that I use it. When I bought the phone, EDGE was not active, but some smart guy at a higher level, had me make a settings change, and it appeared. But it no longer appears, and it seems if you don't ask a 3G question, they ignore you now.
So, after countless failures, I left AT&T yesterday, and stopped at Verizon, just down the road, to get info with them.
I contacted Samsung when I got home, telling them the troubles I'm having, and asking if they could help answer my issues? This morning, I got their reply. The answer was an EITHER/OR reply, and that's why I'm asking this here. They say I could either restore my software to brand new, and lose all my phones content, or send it in for repair, which probably would lose the content with as well. Not an indication, if it's a software(Android) problem, or a hardware problem. No indication if AT&T's OTA, is a software PATCH, or if it really is nothing but instructions on what I need to change. AT&T sent me two MMS TEXTS, while I was on the phone with them, that were 4kb in size, and were ONLY GOOD FOR 4 DAYS, by what was said with them. Both opened with the word, DOWNLOADING, following it, but the word DOWNLOADING, is still present, 2 days later. Must mean what they sent, I never had installed. But why install something, if it's NOT A SOFTWARE ISSUE as AT&T claims, and instead send a simple email with instructions, or a web site, I can read the instructions on? But, as of this morning, I really don't know how to handle this. Does anyone, understand what this means, and can explain in basic English, just what is wrong? Thank you.
All of this is software, stock sucks and now you see why the custom rom community is so large.
For edge, go to settings> wireless and network> mobile networks> network mode, change that to gsm only.
The nonmarket ota will have to be a software patch because it's disabled completely in the settings of the OS. A simple guide on what to turn on in the settings won't do it; it's deeper than that.
The sms/mms issue: have you tried clearing the cache and/or data in "settings>applications>manage applications>all>messaging"? Or using a different messaging app? I use handcent sms but there are several in the market.
Thanks. I'm starting to understand this rom craze I've been reading about.
On Edge as you suggested, when I get to Mobile Networks, after I click on it, I see NO Network Mode, that I could change to gsm only. I have 4 choices, Use Packet data, which is active, Data roaming, which is not active, Access point names, which shows ATT WAP, active, and Network operators, which shows a blacked out Default Setup. It's listed under Available Networks, but I can't even activate the Default setup. What's missing here?
As for the OTA, I'm glad to know it's as I thought, not as AT&T lied to me about. The two separate AT&T messages they sent me, a little over two hours apart, are listed as such:
<Subject: AT&T test MMS> Downloading
Message size: 4KB
Expires: 5:57 pm, May 23
and when you long press it, a menu appears, that allows you to View message details. Click on that, you get
> Message details
Type: Multimedia message notification
From: 28838270
Expires: 5:57 PM, May 23
Subject: AT&T test MMS
Message class: Informational
Message size: 4KB
That is what they tried to push me, as the OTA, and as I said, Glen, an upper level tech, tried walking me through the settings, to physically make the change, but failed to do so. Do you understand what type of crap they were really pushing me?
I do have Handcent sms, but I never used it. I suppose I need to stop thinking everything is alike. I opened it up, and the options, are overwhelming, so I chose those I thought were right. I'll read up on it later, to try and understand it better. It showed my text messages I already had, including the two test from AT&T, which actually allowed me to DOWNLOAD. Download what? Good question. But clicking it, showed it downloaded, SOMETHING. After that, I tried to install the Amazon appstore app, which AT&T kept blocking, and no surprises, it was blocked again just now. So, maybe AT&T knows what type of crap they sent me, but it damn sure didn't fix the BLOCK.
Guess you see I'm frustrated, but thanks for your reply. If this note helps you try something else, please let me know. Thanks.
MarketEnabler to get past the AT&T blocking (requires root)
IMHO, Custom ROMs is the only way to get the best out of your device.
Sent from my Captivate. Andromeda 3, Onix 2.0.5 @ 1.2Ghz
Downloading?
I've had messages get stuck in downloading when someone sends me a MMS with a picture or a web link that needs to use the data connection to download the message and I have the Data network mode shut off. May want to check your Data Network setting to see if it's on or off. Something to check.
With 2.2 you can turn on or off Data network mode by holding the power button to bring up the menu.
It seems if I want to stop being frustrated over AT&T and their not helping fix the issues, is to start thinking like a lot of you do. I have seen a lot about ROM, but in truth, don't know much about it. I'll try and read up to learn, just what I'm looking for, like what would best fit my issues. Thinking back on my face to face with Tech support, Friday, when I acted so frustrated, that even they couldn't fix my AT&T BLOCKING of apps NOT FROM THE MARKET, I had two different AT&T TECHS ask me, "WHY DO YOU WANT TO LOAD APPS, THAT ARE NOT FROM THE MARKET"? Why? How about I simply want to? Does that mean that AT&T has the mentality, that since they charge to provide service, that it allows them to DICTATE how we use the equipment we buy? What ever happened to the concept of TRUTH, in business these days? Anyway, I'll start trying to gain ideas from going with a custom rom, and see what would best meet my needs, with one. Thanks.
You know what's funny?
All of the roms have what you're looking for
That's the entire spirit of roms, I bought this awesome piece of hardware but the software it came with is locked down, freedom robbing, laggy, ugly garbage. The phone belongs to us it's ours to do with what we please.
But before you take the rom leap, try super one click to root and it also unblocks non market apps

[App Idea] Plan B for data recovery on broken stock phones.

I feel this idea could be useful for a lot of us, not on our phones since we are likely rooted but on our family members and non tech friends stock phones. Which we usually end up fixing.
My idea if it is possible would be for a "Plan B" type app for use after a broken screen, where the completely stock phone without ADB enabled needs data extracted.
My hope is that someone could make a app that is remotely installed from play.google.com that automatically turns on ADB debugging (if possible without root)
After that most data can be extracted with "adb backup" or adb pulls.
I can't count how many times this would have helped me in the past if it existed. Any dev up for the job? I am sure it would be appreciated by people.
Guess no one was interested in this idea.
shadowofdarkness said:
Guess no one was interested in this idea.
I think many of us are interested but one (so far) can help.
would be a good idea.... who ever was in need for something like that will be likely to pay for that... :laugh:
I could see this being a massive security risk. Sure the app could be handy, but it would also make stealing info from a phone very very easy.
So on that note, I don't think it will ever make it through, though I am sure there are ways.
Just install something like SMSBackup+: https://play.google.com/store/apps/details?id=com.zegoggles.smssync
Set it to automatically back up to their gmail, every so often, and then when it comes time to have to do repairs, you can get all of their calling/sms stuff back, since Google automatically deals with the contact infos.
It wouldn't be a security risk since the only way to install it would be from play.google.com, which no one can do without your password. Also, poor planning with other software is not the point of this, since I have been asked to recover data from devices by people that I honestly had no clue they owned the device before they broke it. Usually family I don't see on a normal occurrence.
I've always been taught to keep a back up of anything you consider important.
Either way...
There are ADB backup solutions out there, there are recovery apps in the Playstore that will scan for missing or deleted files.
If you have access to the Playstore you have access to all the already available recovery apps. Why the need for an app that will basically root and unlock the device from behind their 'lock screen'?
If you have no direct GUI access, you want an app that you run on your computer that forces the phone connected via USB, to unlock and let you access whatever you want before you restore the phone. This is a massive security problem, because anyone could download that app, and use it to break into phones.
Sound like the 'prior planning' apps, are the best way to go.
I think you are missing my point. I know that prior planning is the best but it is not always possible when dealing with people so tech illiterate that even though they own the device they barely understand it is not an iPhone because that is what a smartphone is to them.
My intended use is for physically broken phones (mainly screen) where I can't control any apps with the screen or turn on ADB from settings.
Your thought on the security risk is wrong since out of the ways I can think of to install it via play store on the phone it would not be used since that would mean the attacker could just go into settings and do it the normal way. Sideloading is impossible since it would be redundant due to that already needing ADB on.
The intended way via the web is safe enough since the attacker would need your email, password.
Do you hate the "Plan B" app that gps tracks your lost or stolen phone that is already in the play store and gave me this idea? It shows in the store as having between half a million and a million installs. Do you think those people should have gone without such an app and lost their phone since they should have just pre planned since it is better?

[Q] Bypass Galaxy S3 password

Okay, I'm not only new to this forum, but I am also inexperienced with Android software, and the exploits thereof. Here's the run down: I have reason to believe that my wife is either cheating on me, or very much considering it. While I am not able to navigate computers very well, I am able to navigate people's behavior quite well, and she is showing a lot of red flags that indicate to me that she is being deceptive, and that she may possibly be up to something with someone at work (which I don't have ready access to.) She has my old GS3 (No service, just wifi) and has recently been particularly occupied with it.
I put a keylogger on the computer and grabbed her passwords, but nothing is showing up. She has been deleting her messages, and has been using the private browser setting on the computer. I believe everything that is pertinent to the matter at hand is on that phone. Earlier today, I managed to guess her password while she was in the shower, but had to close shop quickly, due to her coming out. She must've had a trap set, seeing as she has since changed the password, and now I am stuck back at square one.
I tried guessing her password based off of her recent and past interests, favorite things, etc, but have been unsuccessful. What I need is a way to bypass her password, while leaving it intact, either through manual manipulation of the device, or through wifi. My PC is (unfortunately) Vista, and I don't know if she has google play activated on that phone or not. I don't know what she has going on on there, otherwise, I wouldn't be here.
I don't want ANY trace of me being there. If I find something, I will make it very apparent that I know about it. If anyone can help me, I'd appreciate it.
Sorry that you are having problems with your wife but no one here is going to tell you how to hack into your wife's phone. It's illegal and just plain wrong no matter what you think she may be doing.

Unknown activity HTC ONE M9

I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, they could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
I'm adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. Is there a way I can determine if it's been rooted as well?
--
squidstings said:
I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, they could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
Interesting issue. I am not sure about the rooting. You are probably going to need to ask experts around here. Hopefully, they can help you with that. As for security, you could try checking if you have any suspicious apps running in the background or installed (You might be using same GPS or another app for example). It could be that one of the malicious apps had access to your calls which led to them outputting calls to somewhere. You could try disconnecting your internet for a day and see if the calls persist (That is probably not an option for you, but it is an idea). Additionally, you could try a factory reset on one of the phones and see if the problem is still there.
squidstings said:
I'm adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. Is there a way I can determine if it's been rooted as well?
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow with your issue I wasn't going to answer as I don't know the answer but my thoughts may help in some small way. I don't think the 144 is a phone developers code to "root" or turn off security in some way as that would not show on your provider's call logs as they stay internal to the phone (mostly). Also I don't think it's adware calling a premium number as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrackable over a network. That suggests to me it's possibly your actual network (who are R? What country, is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party apparatus!
What to do? As Ross says disconnecting is probably not practicable. If you have malicious activity they probably are using data as well as calls. So I would install a firewall to block most apps and log attempted connections (normally have to pay for this) then check IP addresses to see if they are legit. However this may not show anything as data may go via root. So setting up a proxy to route traffic to your PC and use a sniffing program to see traffic or at least IP addresses.
You can download root checking apps from play store. Also check your security settings any app with admin rights? Also use a good antivirus you might get lucky, but even if negative you may still be infected.
Only way to really clean your system is to reinstall your OS, though a factory reset will fix often. But first you need to know how you were all compromised and fix that else it will just return, I would think it's most likely your local work network, (but could be your provider R or even something else you connect to in some way eg Bluetooth, or an app you all have (you can boot into safe mode to disable 3rd party apps, but with HTC system apps possibly containing apps that use the Baidu apk etc that still has a possible backdoor unpatched (as far as I know) safe mode will not help with those!))
You might have to look into freezing/uninstalling all HTC installed apps.
IronRoo said:
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow with your issue I wasn't going to answer as I don't know the answer but my thoughts may help in some small way. I don't think the 144 is a phone developers code to "root" or turn off security in some way as that would not show on your provider's call logs as they stay internal to the phone (mostly). Also I don't think it's adware calling a premium number as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrackable over a network. That suggests to me it's possibly your actual network (who are R? What country, is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party apparatus!
You might have to look into freezing/uninstalling all HTC installed apps.
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabling the pre-installed "Gmail" (I think it's more Google than HTC related) seems to have stopped the calls. I've disabled as much as I could.
so here's the kicker. I'm literally nobody! On disability, no exciting employment history and those In my family who have, aren't in contact, nor do I have contact info. And it was my wife and daughter who had the other phones, but mine was central i think. daughters phone was locked. So nothing so exciting. Which is why I even bothered asking lol
squidstings said:
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabling the pre-installed "Gmail" (I think it's more Google than HTC related) seems to have stopped the calls. I've disabled as much as I could.
Ah! Rogers Canada should be a well controlled and trustworthy provider, so probably not them, though a rogue employee or having their network compromised can't be ruled out.
Also if official Gmail app it should be safe though it does have some quite intrusive permissions like full network access, view confidential info etc, but all are legit if you want the full functionality of Gmail. But it shouldn't have access to place phone calls, so should not be able to create the behaviour you describe.
That leaves a rogue app, but you would all need to have it I suppose, HTC app (or system behavior) or local hack ie via your router or via your PC. A good anti virus should find rogue app on phone and similarly on PC. HTC system apps hard to spot without doing the firewall etc etc. So I would also be double checking your local router for firmware update and resetting it with a new strong password, to prevent possible return, so to any Bluetooth devices.
Hope it doesn't return! All the best
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at least thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. This was on THREE SEPARATE PHONES in 2 separate cities.
squidstings said:
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at least thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. This was on THREE SEPARATE PHONES in 2 separate cities.
Check with a root app to see if your device is rooted
check permissions also you can take back permissions with a app on fdroid
unknown app check with virus total or
IF someone has root on your phone they can do what they want and when they want
a app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you which implies root access
IF you bought your phone new you might not be anybody but to be put in perspective amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone if you have already done that then use a Root firewall or change to a rom here on xda (you can all change making the transition easier).
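Added example, not part of the original posts: one way to carry out the "check permissions" step suggested above, listing third-party apps that currently hold call- or SMS-related permissions. `collect_from_device()` assumes USB debugging is already enabled and authorised; the embedded `dumpsys package` excerpts and package names are constructed and trimmed, and the real output layout differs between Android versions.

```python
import re
import subprocess

# Permissions that let an app place calls, send texts, or read call/SMS history.
SENSITIVE = {
    "android.permission.CALL_PHONE",
    "android.permission.SEND_SMS",
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_CALL_LOG",
    "android.permission.PROCESS_OUTGOING_CALLS",
}

# Android 6+ style: "android.permission.X: granted=true, flags=[ ... ]"
GRANT_LINE = re.compile(r"^\s*([\w.]+): granted=(true|false)")
# Older style: bare permission names listed under "grantedPermissions:"
BARE_PERM = re.compile(r"^\s+([\w.]+\.permission\.[\w.]+)\s*$")


def granted_permissions(dump_text):
    """Return the set of permissions one package's dumpsys output shows as granted."""
    granted = set()
    in_legacy_block = False
    for line in dump_text.splitlines():
        match = GRANT_LINE.match(line)
        if match:
            if match.group(2) == "true":
                granted.add(match.group(1))
            continue
        if line.strip() == "grantedPermissions:":
            in_legacy_block = True
            continue
        if in_legacy_block:
            bare = BARE_PERM.match(line)
            if bare:
                granted.add(bare.group(1))
            else:
                in_legacy_block = False  # first non-permission line ends the block
    return granted


def flag_packages(dumps):
    """Map package name -> sorted sensitive permissions it holds (only if any)."""
    flagged = {}
    for package, text in dumps.items():
        hits = sorted(granted_permissions(text) & SENSITIVE)
        if hits:
            flagged[package] = hits
    return flagged


def collect_from_device():
    """Fetch dumpsys output for every third-party package over adb."""
    listing = subprocess.run(
        ["adb", "shell", "pm", "list", "packages", "-3"],
        capture_output=True, text=True, check=True,
    ).stdout
    packages = [l.split(":", 1)[1].strip()
                for l in listing.splitlines() if l.startswith("package:")]
    return {
        p: subprocess.run(["adb", "shell", "dumpsys", "package", p],
                          capture_output=True, text=True, check=True).stdout
        for p in packages
    }


# Constructed sample excerpts (hypothetical packages), so the example runs offline.
SAMPLE_DUMPS = {
    "com.example.flashlight": """
  Package [com.example.flashlight] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
      android.permission.CALL_PHONE
      android.permission.SEND_SMS
    install permissions:
      android.permission.INTERNET: granted=true
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.CALL_PHONE: granted=true, flags=[ USER_SET ]
        android.permission.SEND_SMS: granted=false, flags=[ USER_SET ]
""",
    "com.example.notes": """
  Package [com.example.notes] (7a8b9c):
    requested permissions:
      android.permission.INTERNET
    install permissions:
      android.permission.INTERNET: granted=true
""",
    "com.example.oldgame": """
  Package [com.example.oldgame] (4d5e6f):
    grantedPermissions:
      android.permission.INTERNET
      android.permission.SEND_SMS
      android.permission.READ_CALL_LOG
    pkgFlags=[ HAS_CODE ]
""",
}

if __name__ == "__main__":
    # Swap SAMPLE_DUMPS for collect_from_device() when a phone is attached.
    for package, perms in flag_packages(SAMPLE_DUMPS).items():
        print(package, "->", ", ".join(perms))
```

A flagged package is only a lead: dialers, messaging apps and backup tools hold these permissions legitimately, so the useful result is an app that has no reason to place calls or send texts.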
Applied Protocol said:
Check with a root app to see if your device is rooted
check permissions also you can take back permissions with a app on fdroid
unknown app check with virus total or
IF someone has root on your phone they can do what they want and when they want
a app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you which implies root access
IF you bought your phone new you might not be anybody but to be put in perspective amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone if you have already done that then use a Root firewall or change to a rom here on xda (you can all change making the transition easier).
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
It didn't show root. 2 of 3 m9s were mysteriously unlocked. the 3rd did prompt for a code, but did also show those "unknown #" calls. However, I'm still stuck on the code. I can't even enter a ",". Didn't check the other units for it, but it's still the only unanswered issue that could explain the unlock (aside from your suggestion). No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
It's dead now anyways. Battery won't charge unless powered off and went from 24+hours regular standby to about 3 hours with extreme powersave on, overnight and doesn't extend with usb power. usb data comm isn't even recognized. All 3 have failed actually (different ways) so I'm going back to my m7 which still works great. Except, it says s-on but works with different carriers and I can't even enter the code I paid for (no prompt. is there another way?)
So, here's the tinfoil hat part. Although I'm nobody, This all started around the time of the '16 election. when I was arguing with a youtube account named (not looking to attract attention so no name, but you know it) for the person who came 2nd.
Thank you for your help. It's a shame it's pooched before solving the issue. But hopefully, the code will be solved.
But any help entering my sim unlock code a different way would be appreciated. But if other carrier sims work, should root be doable while showing s-on?
Thanks a TON!!
squidstings said:
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
It would seem in your case that it is a setting change that was made and not comparable to other phones. Probably what we are talking about is a connection to a command server. S-on is a protection so that one cannot change the state of certain partitions namely the recovery boot and system however there are ways to get around this. You would need to get a root app to do that.
As a general rule you need to prove something is going on and funny numbers are an indication but nobody in the security community would touch it because it is very open. What you need to do however is
Get a copy of the calls use pcap and
check your firmware with the standard HTC firmware
this will show you what the phone call is doing and will help the android community overall (improved security)
Also programmers do not try to add backdoors they try to have a good product it is the hacking/security teams of _________ that do that. This being a programmer myself.

Question Active hacker in my phone and this computer Help me

So far he has deleted all the bookmarks that I saved from this site. The phone RCS doesn't work anymore. They can listen to phone call and terminate them and spoof incoming calls. I sent one phone to Samsung to be reviewed. At the end of 3 week review they sent me a check for the phone and I bought another one from ATT and I still have this problem. So I would appreciate it if someone could give me some direction for this Flip 3. I like the phone. I am an engineer and designed a few devices using ESP32's. So I know how to flash. I just need to lock this phone down and I will deal with the computer problem later...
Infections across multiple platforms is almost unheard of... what did Samsung find?
It isn't an infection. They are exploiting both devices. I run Norton 360 on both systems. It only slowed them down. And they are 24/7 on me like ex NSA. They haven't stolen anything but they are malicious. Samsung never said. The only thing they said is to buy a different phone. ATT has an open fraud case open because they saw the Tag phone and I changed the phone number several times like some drug dealer with different sim cards.
I feel like I am in the movie Enemy of the State except I am Will Smith and Gene Hackman rolled up into one.
cjdee1 said:
It isn't an infection. They are exploiting both devices. I run Norton 360 on both systems. It only slowed them down. And they are 24/7 on me like ex NSA. They haven't stolen anything but they are malicious. Samsung never said. The only thing they said is to buy a different phone. ATT has an open fraud case open because they saw the Tag phone and I changed the phone number several times like some drug dealer with different sim cards.
AT&T has an open fraud case on you... or "them"?
Did malicious things? Losing bookmarks is pretty common and usually has nothing to do with being hacked.
Change Google account and password.
Reset all other accounts the same way on a clean Android. Allow no one physical access to the device and most importantly be careful what you install and download.
Most users don't need a hacker to stalk them; they do it themselves by careless installs and downloads. I'll remind you that XDA is a site filled with hackers... mostly peaceful.
I'm sorry for your troubles, most days hacking isn't needed. Really to get into someone's account these days you need personal information which is freely given on social media and whatnot. You should get with Google and do a massive security checkup. Change password, turn on 2FA...the whole swizzle. If all else fails, create a new account completely separate from the affected account/device and start fresh
I opened the Fraud case. They provided the documentation. This has been going on since last year. There was a white paper that came out in November how the media player was being used to hack in. I deal with this problem every day. One would think they would give up. I have another 20 computers in my office that I am replacing once I get my end under control.
Hmm... maybe move all your info to a new account (make the account on a different IP address so like have a friend make it maybe) cuz from my understanding- the hacker finds you on even a new phone? delete the accounts that are being hacked and uh- idk what else really
delete the apps that are being infected
Purge everything from everywhere and start fresh. Honestly Norton and other programs for virus protection aren't really helpful anymore. I do not see a point in using them when Microsoft does a great job just on their own. It's possible that it could be the cause; most of the time anti-virus programs that aren't part of the main OS are the problem
Also another note, anything with a Snapdragon and made for the US is locked down. Means no flashing no anything. Best bet for a device is to find a good old phone that has a lot of support and flash anything on it
Dr.Lost said:
Also another note, anything with a Snapdragon and made for the US is locked down. Means no flashing no anything. Best bet for a device is to find a good old phone that has a lot of support and flash anything on it
If you go below Android 9 you will introduce a slew of high risk vulnerabilities including some of the worst rootkits. If you're really concerned use the latest version of 12 with fully active scoped storage and the mess that it is...
In general don't use wifi on Androids.
Keep bluetooth off if not using.
Install only vetted apps. Scan with online Virustotal.
Keep all downloads in the download folder until vetted. Scripted malware jpegs, pngs are real and may evade conventional detection. If they get into a database they will raise hell until deleted; open all jpegs in download folder before transferring them and check for changes in that folder
Keep all email in the cloud, avoid downloading any attachments unless absolutely necessary.
If malware is suspected, delete it or factory reset within 2 hours. Reset passwords.
Time stagger backups so they don't all get infected if there is an incident. Backup redundantly to 2 or more hdds that are physically and electronically isolated from each other and the PC. Use only a known clean PC to access those backups... cross platform malware jumping is rare, cross drive jumping is not.
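An added example, not part of any post in this thread: one way to "check for changes in that folder" is to hash every file before and after opening them, and to flag any .jpg/.png whose leading bytes are not an image header. The function names and the temporary folder standing in for the phone's Download folder are assumptions made for illustration.

```python
import hashlib, os, tempfile

# Leading magic bytes for the image types the post mentions.
MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n"}

def snapshot(folder):
    """Map relative path -> (sha256 hex, header_ok) for every file under folder."""
    snap = {}
    for root, _dirs, files in os.walk(folder):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                data = fh.read()
            magic = MAGIC.get(os.path.splitext(name)[1].lower())
            header_ok = magic is None or data.startswith(magic)
            snap[os.path.relpath(path, folder)] = (hashlib.sha256(data).hexdigest(), header_ok)
    return snap

def diff(before, after):
    """Report what changed between two snapshots of the same folder."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in before.keys() & after.keys() if before[p][0] != after[p][0]),
        "bad_header": sorted(p for p, (_h, ok) in after.items() if not ok),
    }

def demo():
    """Constructed sample: a temp folder stands in for the phone's Download folder."""
    with tempfile.TemporaryDirectory() as d:
        def put(name, data):
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        put("photo.jpg", b"\xff\xd8\xff\xe0" + b"constructed jpeg body")
        put("notes.txt", b"hello")
        before = snapshot(d)
        put("notes.txt", b"hello, changed")          # content changed between snapshots
        put("invoice.png", b"#!/bin/sh\necho hi\n")   # script named like an image
        os.remove(os.path.join(d, "photo.jpg"))
        return diff(before, snapshot(d))

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

The SHA-256 values in a snapshot can also be pasted into VirusTotal's search box, which looks a file up by hash without uploading it.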
blackhawk said:
Infections across multiple platforms are almost unheard of... what did Samsung find?
Unheard of? Absolutely not, rare on a cell phone, maybe? I don't know really but it is possible especially if OP pissed off the government
Good luck OP
When it comes time to switch to a new phone, ATT should be moving you to a new account with a fresh SIM. Don't transfer anything. Install anything you had fresh and set it up fresh. If they are giving you a new SIM or attaching the new phone to the same account and someone gained access to the account, they're still being fed every new number and IMEI.
As for pictures and stuff, get a USB-C compatible hard drive. Move it to that. Make sure your virus scanner on the computer is updated and either yank the LAN cable or turn off the router before connecting and scanning it. Once it's clean, connect the drive to the new phone and not the computer.
Sounds like someone cloned your ESN and SIM based on what they were doing. Synced items could be manipulated through a PC hack and one good run of the right software with your phone on the same network made it a phone issue.
Oh, and if they didn't or don't already do it, make sure ATT logs your previous devices "lost or stolen" to blacklist the IMEI. That should also make a clone useless for as long as it's a clone.
If you are suspecting a hack, then report to Samsung Members app > get help > error report asap for help from Samsung's hacking issue team
luigi90210 said:
Unheard of? Absolutely not, rare on a cell phone, maybe? I don't know really but it is possible especially if OP pissed off the government
Good luck OP
If you download malware files a PC is susceptible to, yes, but generally an infection on an Android doesn't cross platform infect a PC.
It's important to nip any malware in the bud and to isolate that device immediately to limit damage. Any device with malware that I can't eradicate completely within 1 to 2 hours gets nuked, data and all, factory reset. Data is restored then via offline backups.
My PC never has internet access and that's one less huge vector for infection. Even then my backup data drives are isolated from the PC unless in use... multilayered security.
If the DOD, AEC, FBI etc are interested in you, you'll never know it unless they want you to know. When on stake out they always operate as teams. One team is high exposure to gain maximum information and may be detected but a second picket fence approach team is already in place if the primary team is exposed. Of course they share all knowledge gleaned. The second team you will likely never detect.
Fun fact; field FBI Agents blend in, can be wearing blue jeans, orange vest, 3 piece, anything but low key and drive midrange priced cars that are slightly dirty. The way you ID them is by their behavior and at times location.
If you're not on their menu they may even have a benign friendly conversation with you. They are interesting to chat with.
There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
I believe it started with the phone and then I used samsung pc software which hacked the computers that I used. I have all the 25 zip files from one phone before it got a chance to load. Anybody interested in them?
The phones have 422 files installed.
cjdee1 said:
There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
WiFi Screen mirroring.
cjdee1 said:
There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
I believe it started with the phone and then I used samsung pc software which hacked the computers that I used. I have all the 25 zip files from one phone before it got a chance to load. Anybody interested in them?
The phones have 422 files installed.
Interested in potentially infected files?
Wanna do malware jpeg swap?
Seriously... scan them with online Virustotal.
I guess that could start over as a last resort. The funny thing is I don't do anything illegal. Whoever it is will be wasting time and costing me time. I am sure they are getting screenshots but I don't think that they do it live. On the PC I have zero'd out the drive but the bios is another way. It started when I backed up the phone using different computers on my network.
cjdee1 said:
I guess that could start over as a last resort. The funny thing is I don't do anything illegal. Whoever it is will be wasting time and costing me time. I am sure they are getting screenshots but I don't think that they do it live. On the PC I have zero'd out the drive but the bios is another way. It started when I backed up the phone using different computers on my network.
Is the router updated and secured? Lock it down even if you need help to set it up.
On the PC you should try to ID what the malware is and make sure the databases are clean of it before reloading. Protect all backup drives until the PC is known clean.
The bios can easily be reflashed.
