Hi! I seriously might be paranoid - Security Discussion

Hi!
Im not sure where to post, plz dont hare if Im postning wrong.
Long story short;
Jan - 2020 bought a new mbp - got hacked. Lost all mail acc etc.
Have had 2 pc wrecked as well.
And My 1+3, iPhone 6s, Nexus 5X.
From three I bought a Xiaomi mi 9 lite.
Poped Up, ~"your no longer admin-isch" after a Day or two.
Okey, is it something with me or old acc or am I in need of medical help was my thought now 6 months later.
Yesterday I've finally had enough and bought and brand new oneplus 7T. After mentioned expercinces I started it in the store, had them set it up and told them about my seriously, now physical worries.
All fine, updated evertyhing turned it off. Had VPN, malwareybytes installed. No wifi, bt, NFC etc activated. Bought free internet with sim-card bc of my maybe mental issues?!
Anyway. Got home, since all above I've done nothing else but visiting play store and https-xda + oneplus forum in app.
That app which I connected to a brand new Gmail (set Up in mentioned store, also why I write here and not there) got acc to My Gmail etc.
Now I found an email changing named mail from "[email protected] to [email protected].
So installed and bought Sd maiden pro. Found worrying similar folders with this bindning sign; "$" though turned the other way. In those folders there are stuff like systemMUI, mui is only Xiaomi??? Or what. This is spinning out of hand now, but Im so freckasouly scared since all above and dont know what anymore.
Have Mcafee internet secururity with VPN since I left the store, got Netguard today since I got worried, and protonVpn since Mcafee dont have a kill switch.
Of we overlook My obvious paranoia, how can I find out of Im out of My head?
I ser things in Sd maiden at /self and emulated like tty and there where a lot exceptions there as well, like /notifications/, /alarms/ etc.
Im at a dead stop now. I must be imagining but since I've Lost all My earlier acc, 6 months of life + a few bucks I am both out of options and Lost Hope.
Anyway I can find out whats okey? I mean, is there supposed to be like 3-4 types of dial apps/logos? 4 kinds of Cinnamon? And why are mi doing here?
Also got 3 yubico key associated with My Google acc.
Quite a few of earlier mentioned phone just lying around which I'd gladly send someone for free IF there are any intresset in investigae, Keep the phone.
Again. What can I do to feel safe? Doctor or any other way?
(Dinner now brb asap)

I didn't read 90% of that.
As an ex security guy, just clean install. Don't restore anything you'll be fine.

The way you're typing is uncomfortable to read, hammering in that you have mental issues and asking confusing unanswerable questions. If you genuinely believe you're paranoid get professional help, there's no harm there, but then regarding the phone you didn't really seem to ask any proper questions. Clean install (or wipe) your OS, and then you're fine. Then step by step setup your phone as you would and try to find the cause of whatever it is that is being suspicious.
That's all I can suggest, but I wish you well, please look after yourself.

Hi,
For your mental health you should be looked at by some proffesional.
For your Tech problem:
Reset the damn Modem change your wifi ssid& password and change also the default password for your modem gateway. If some one hacking you its most likely by your wifi once you got the acces to it you can preety much see any device on the network and if you know your way arround you can do alot with all the devices on network.
Format your hardrive or break into peaces and throw it away buy an ssd/harddisk New OS, firewall on and new account hotmail/apple id and malwarebytes.
Reset your smartphone clean install of OOS and malwarebytes and ofcourse new gamil and two way autehntication activated.

Related

[Q] Locate my phone without app

Yesterday i lost my 1 month old HTC HD2 (with MIUI on it) and i really want to have it back. To bad i didn't install a locater app yet, so is there a possibility to locate my phone without a pre-installed app (a google service or something like that)?
Thanks
Wow, I feel your pain.
Have you try out Plan B? https://market.android.com/details?id=com.lookout.labs.planb&hl=en
It can still install itself onto your phone from the Android Market website, provided it is on, have data connection and the phone is still tied to your Gmail account.
It will be able to give you GPS location.
Here is an exaggerated account on how someone got his phone back, but I suspect the credibility of this story.
http://arstechnica.com/gadgets/news/2011/08/how-plan-b-found-the-droid-i-was-looking-for.ars
Nonetheless, it works and still gives a little bit of hope.
PS: Press "thanks" if you think I helped you. It will be my first "thank". =)
i've pushed install B to my htc already, but i don't know if it installed. didn't get any mails yet, so i don't know where my phone is
Hmm.... unfortunately, I cant provide any further help...
When technology fails, we can always fall back to basic human kindness.
I lost my phone once before, but the finder was very kind to call my home and tell my mother about it. Thus I was able to retrieve it.
The finder guessed that it was my home number by searching through the contacts and saw the entry named "Home". But it was a few days later then she called my mum.
So let's hope for the best. =)
call the police first! maybe they can track the phone when someone use it

[GUIDE]How to find your Android Device AFTER it has been stolen

Well lets assume your android device has been stolen! Good lord !! . Not to worry, this guide should hopefully help you recover it. Even if its a thief.
PS: This contents of this read may bear resemblance to the reddit thread i created
A about two weeks ago (17th April to be exact) one of my friend lost his Samsung GT-I9003 from his dorm room at 0200hrs. Today when i was scanning my latitude, i saw him position a few hundred meters from me. Problem is, we are on a university campus. 500+ students, staff, kitchen, cleaning - basically lot of people. I suggested we check Google Latitiude's location history and sure enough for the past 15 days, the phone's location is spread all over the campus.
Premise of the crime
The phone is ON and is connecting to the Wi-Fi.
The phone is still tied to the primary gmail account and is thus reporting location.
The SIM has been removed or changed since the original number is now switched off
The person does not have good knowledge of using a smart phone (maybe helping staff)
Steps we have taken
Since we assume it is in the possession of either a student or helping staff we don't want to startle him.
Tried Plan-B on my phone. However the location it was reporting was the same as Google Latitude.
The phone does have Where is my Droid installed but the web interface says invalid email ID. So that option is ruled out unless you have pre configured Where is my Droid previously.
How we found the phone
After Where is my Droid failed us, we started looking for other applications. We found this application called Android Lost. Unfortunately we hit a dead end when we realised that it needs to be activated by sending an SMS. Since we dont know the phone number, or that there is even any SIM card in the phone, that application also seemed useless.But turns out the developer of Android Lost has also made a nifty app called AndroidLost Jumpstart which is can trigger Android Lost without the need of an SMS.
According to the description
This app will wake up the registration process on the androidlost app when ever a phone call is made, an SMS received, battery is low, a package is added, removed or changed.
Click to expand...
Click to collapse
So we got android lost installed. Trust me, its a life saver. We got calls logs, sms, pictures, voice recordings. We tracked the person with the help of this.
Hope this helps anyone in the future!
maverick340 said:
Well lets assume your android device has been stolen! Good lord !! . Not to worry, this guide should hopefully help you recover it. Even if its a thief.
PS: This contents of this read may bear resemblance to the reddit thread i created
A about two weeks ago (17th April to be exact) one of my friend lost his Samsung GT-I9003 from his dorm room at 0200hrs. Today when i was scanning my latitude, i saw him position a few hundred meters from me. Problem is, we are on a university campus. 500+ students, staff, kitchen, cleaning - basically lot of people. I suggested we check Google Latitiude's location history and sure enough for the past 15 days, the phone's location is spread all over the campus.
Premise of the crime
The phone is ON and is connecting to the Wi-Fi.
The phone is still tied to the primary gmail account and is thus reporting location.
The SIM has been removed or changed since the original number is now switched off
The person does not have good knowledge of using a smart phone (maybe helping staff)
Steps we have taken
Since we assume it is in the possession of either a student or helping staff we don't want to startle him.
Tried Plan-B on my phone. However the location it was reporting was the same as Google Latitude.
The phone does have Where is my Droid installed but the web interface says invalid email ID. So that option is ruled out unless you have pre configured Where is my Droid previously.
How we found the phone
After Where is my Droid failed us, we started looking for other applications. We found this application called Android Lost. Unfortunately we hit a dead end when we realised that it needs to be activated by sending an SMS. Since we dont know the phone number, or that there is even any SIM card in the phone, that application also seemed useless.But turns out the developer of Android Lost has also made a nifty app called AndroidLost Jumpstart which is can trigger Android Lost without the need of an SMS.
According to the description
So we got android lost installed. Trust me, its a life saver. We got calls logs, sms, pictures, voice recordings. We tracked the person with the help of this.
Hope this helps anyone in the future!
Click to expand...
Click to collapse
Or install Avast anti theft before your phone gets stolen ;D never the less, very useful, thank you.
Sent from my GT-I9100 using XDA
okmijnlp said:
Or install Avast anti theft before your phone gets stolen ;D never the less, very useful, thank you.
Sent from my GT-I9100 using XDA
Click to expand...
Click to collapse
yep always good to be safe before hand. After this incident lot of my friends have installed or gotten some security app.
Although, aren't security suite like Avast, McAfee and overkill for finding lost phones?
And who was the thief?
Sent from my LG Optimus 2x with xda premium app
another possibility is to instal Cerberus App
Hi everyone. I have recently been the victim of theft for my nexus 7. I had the device locked with the pattern so there is no way that the thief could get into it unless they do a software reset from the recovery mode. The thing is, either way there is no way i would be able to recover it because if in fact they do a factory reset my lookout security would be uninstalled and my nexus would be lost forever, also if they can't get through the pattern and find a way to connect to Wi-Fi, it will still be lost forever. I have read about installing lookout in the system/app folder of a rooted device so its not easily uninstalled by normal means or factory reset. But do you think it is possible to have android lost and lookout pre-configured and installed in the system/app folder so that even if the device is factory reset, the credentials will remain?
is it factory-reset proof?
Just a quick little question: How did you get the phone to register on Android Lost? I can't get a friend's phone to be recognized in the web app, after installing the Jumpstart and another app...
Thank you
Very good contribution, gratz! i will follow your steps in case my android get stolen!
How did it fail?
You say that "after Where's my Droid failed us"...what do you mean by that...how did it "fail"? I would like to know before installing it. What exactly happened that it "failed" you?
Thanks
Losing a phone is irritating
I lost my phone sometime back. I didn't have the time to do research and maybe these apps weren't available at the time of theft. I got the SIM de-activated and tried to track my phone via IMEI number.
So, a few questions
1. Have they changed its IMEI number ?
2. Have they removed my Google account ?
This pretty much messes it up. If you can't track it via IMEI nor can you use any network then its as good as history. These were the only remaining identification tags that could have got your phone back and the thief would know of it. The moment I called on my own number he switched it off. He logged into my account and posted crap(not that I knew any of it had it not been for my friend who reported some strange FB and Twitter status) as if it wasn't enough that he had my phone.
One of the most disturbing things that they can do is play with the IMEI. Older phones were more susceptible to that kind of thing but a Nexus ? P990 ? GT19100? I thought they were much harder to hack. Not only can you NOT track your phone but also lose all other alternatives because the phone is now linked to another google account. I was searching for a post that would walk me through a process of changing the google account currently associated with the phone. In an attempt to understand if this indeed was the case. I wanted to try this app so badly but now I blew it off, my only chance.
Hardware based identification is the only way to go about fixing this issue. Any low level process that runs off some hard coded tag independent of software control known only to the owner of the phone. I just don't know what other options are left with person who lost it. I think there is no other way.
Time for a new phone, I guess
Edit: I guess I was right about that. They had done a hard reset but the IMEI associated with my account is intact. So there are two ways of messing it up. One, you change the IMEI(which sounds ridiculously dumb). Second, you change the primary account(more believable). How stupid of me to think of the first one
i think if a android phone is lost and a guy with a bit knowledge of flashin roms gets it then we might have to forget our phone.. if the phone has screen lock the guy can reset the phone through stock recovery and all security apps like where's my droid,avast etc get wiped off.. i personally don't install any anti-theft apps. i beleive in being EXTRA CAREFUL than installing any anti theft apps
And you are damn right bro, its good to be careful than putting all your believe in one anti-THEFT software which can easily get wiped off.
Sent from my GT-I9300 using xda premium
That's useful, thanks !
How did you get the Logs.
Hi Maverik,
My phone was robbed yesterday & the SIM card was removed,
I wanted to know how were you able to get the call logs, pics etc of your lost phone to ........
Very useful! Thanks!
we have Find My Phone
you can have a try
Find My Phone - find your misplaced phone/stolen phone/lost phone easily
https://play.google.com/store/apps/details?id=com.phonefindandlock
Thanks for share your experience with AndroidLost.
Inviato dal mio K00E utilizzando Tapatalk
AndroFind is the best
i highly recommend AndroFind to find stolen phone.
you can find it in android market :good:
Hi, but It's possible to find any kind of phone also with older Android version?
Thanks!

[Q] Bypass Galaxy S3 password

Okay, I'm not only new to this forum, but I am also inexperienced with Android software, and the exploits thereof. Here's the run down: I have reason to believe that my wife is either cheating on me, or very much considering it. While I am not able to navigate computers very well, I am able to navigate people's behavior quite well, and she is showing a lot of red flags that indicate to me that she is being deceptive, and that she may possibly be up to something with someone at work (which I don't have ready access to.) She has my old GS3 (No service, just wifi) and has recently been particularly occupied with it.
I put a keylogger on the computer and grabbed her passwords, but nothing is showing up. She has been deleting her messages, and has been using the private browser setting on the computer. I believe everything that is pertinent to the matter at hand is on that phone. Earlier today, I managed to guess her password while she was in the shower, but had to close shop quickly, due to her coming out. She must've had a trap set, seeing as she has since changed the password, and now I am stuck back at square one.
I tried guessing her password based off of her recent and past interests, favorite things, etc, but have been unsuccessful. What I need is a way to bypass her password, while leaving it intact, either through manual manipulation of the device, or through wifi. My PC is (unfortunately) Vista, and I don't know if she has google play activated on that phone or not. I don't know what she has going on on there, otherwise, I wouldn't be here.
I don't want ANY trace of me being there. If I find something, I will make it very apparent that I know about it. If anyone can help me, I'd appreciate it.
Sorry that you are having problems with your wife but no one here is going to telling how to hack into your wife's phone. It's illegal and just plain wrong no matter what you think she may be doing.

Could a device be tampered with through mail

Hi!
During the last 6 months I've had a real problem with my online security. Bought a MacBook Pro which turned out to have had a root virus installed, infecting my Wi-Fi and thus all units who connected to it.
Took me a while to figure out...
First I had a brand new, out of the box Xiaomi MI 9 that got rooted OTA and I lost admin privliges etc.
From my experiences with that and from what I could gather I think it might have had something to do with this cloak and dagger virus thing, overlay and ****ing permissions hidden and yeah I really dont know, anyway.
Today I still worry about what happened. I know much is irrationell since I no longer have any Wi-Fi, instead I use unlimited data and got my self a new Oneplus 7T.
Not even enabled developer options nor touched the bootloader or usb debugging.
When I first bought it, (I had not been able to browse the internet nor search the info before bc of above) I ofc asked the store if they had any type of deal or knew of for a reliable VPN.
Unfortunatley, due to my lack of research, being locked out of my mail acc etc I ended up with a second license of Mcafee Internet security vpn, proxy.. (Probably have around 10-15 of those, containg True key and virus protection)..
This is where my fear comes in again.
Been trying to find an answer to this but I can't find enough to have piece of mind, or my 6 months "rehab" from the internet and technology made me a noob at googling.
Bear in mind, I also have and had Malwarebytes Premium, now I also use ExpressVPN instead of Mcafee. (Though I think I'll take advantage of this life time deal on Ivacy VPN today.).
Back to my first fear.
- Mcafee Internet security + Malwarebytes.
As mentioned I lost my mail accounts. Lost or lost, I reclaimed them and eventually locked them with a Yubico key.
Trying to retrive the Gmail on my new device I could swear my menu altered and Android all of a sudden allowed other users, ("All users get their own space, acc, etc").
Still having PTSD (how I refer to it) after this spring I wiped it all, didn't use it for a week, wiped it some more, hahah, and I begin to use it again.
I changed pass, added Yubico key, log out of all devices nor do have anything worth stealing. I wonder If there is anything I'd might have missed?
Ex, might be of topic.
When I try to restore my messenger password. I get the mail, enter the code and proceed to change pass when the code no longer is valid, permission #200 something. This ofc gets me thinking that my mail somehow might be forwarding my mail, syncing them? Gdrive have previously been set to auto sync and then I've unknowingly loaded malware in previously used phones.
I'll to summarize my question.
I guess I wonder if it could be dangerous in somehow or possible to install something on my new device through Gmail if I decide to log in again? Just saw my fb acc is schuduled for delete tommorrow, which is why I'm posting here, could use some advice.
While I'm at it I also am curious if there are any good info regarding Android security. Because I would like to flash a new rom without all bloatware, Google stuff etc and keep reading about safetynet and Selinux.
Also, good tip if there any on how to disable ssh, sftp, stf and all that? During this that happened I also found Samsungs Knox good, probably bc it wont work with overlay? Are there anything similar to Knox for a Oneplus? Many questions in one but I also wonder; I know that I once used my NFC security key one the Xiaomi, when it was infected. Could the key somehow been copied? Might be a bit over cautios,
0

Question Just being honest.

So here's the deal. I'm very smart.. but this is not my forte.(phones) my daughter has screwed up My wife and I phone. Along with my other kids phones as well. She has a school Chromebook and somehow we started getting games installed on our phones from the playstore and some weird rogue games. Looking at the permissions they have access to everything any anything in our phones. I did a little research after probing through hidden files on her Chromebook she stays on gotcha cc. And all types of http only gaming sites. I we have to constantly turn off our camera and Bluetooth bc it turns on automatically. I found out she can access everyone's phone and has also somehow made like 2 networks on my router when she was grounded and was getting free data while her phone was off?? I can't delete this crap. Anti virus scans are useless. I noticed Android developer in her cookies and also some studio. I have this **** attached to my bootloader and no reset can remove it. We have a moto g stylus 5g (xt2131Dl) and anything I put in to remove via my computer/USB cable it instantly corrupts it. She also had a bunch of wallpaper apps that seem to migrate to our phones.calendars clocks and things have these crazy permissions. I noticed my email now is workspace..? Or work profile. Can somebody hit me up and help me get rid of this ****. Oh by the way. It's on my PC desktop now and laptop. It's like my whole phone is a virtual machine.. everybodys. I can't update past anything released in 2019 and 2020. Help!
Churchisat9 said:
So here's the deal. I'm very smart.. but this is not my forte.(phones) my daughter has screwed up My wife and I phone. Along with my other kids phones as well. She has a school Chromebook and somehow we started getting games installed on our phones from the playstore and some weird rogue games. Looking at the permissions they have access to everything any anything in our phones. I did a little research after probing through hidden files on her Chromebook she stays on gotcha cc. And all types of http only gaming sites. I we have to constantly turn off our camera and Bluetooth bc it turns on automatically. I found out she can access everyone's phone and has also somehow made like 2 networks on my router when she was grounded and was getting free data while her phone was off?? I can't delete this crap. Anti virus scans are useless. I noticed Android developer in her cookies and also some studio. I have this **** attached to my bootloader and no reset can remove it. We have a moto g stylus 5g (xt2131Dl) and anything I put in to remove via my computer/USB cable it instantly corrupts it. She also had a bunch of wallpaper apps that seem to migrate to our phones.calendars clocks and things have these crazy permissions. I noticed my email now is workspace..? Or work profile. Can somebody hit me up and help me get rid of this ****. Oh by the way. It's on my PC desktop now and laptop. It's like my whole phone is a virtual machine.. everybodys. I can't update past anything released in 2019 and 2020. Help!
Click to expand...
Click to collapse
Wow....
First I take away her phones and laptops so she couldn't interfere.
Try factory resetting start with a router then the phones,
Motorola does have a recovery program for the phones,
rescue-and-smart-assistant - Motorola
#hellomoto | Discover our new unlocked Android phones from motorola and stay informed about our offers and promotions.
www.motorola.com
Then install an antivirus like Norton or something like that and let it run,
In the case of the laptops I pulled and trashed the hard drives get new ones and default the BIOS before you put it all back together,
If you're using Microsoft get the installation ISO on a thumb drive if the PCS are major manufacturers like Dell, the BIOS contains the licensing key so you won't have to buy it again
Good luck if she's old enough I'd ever arrested.
Just my two cents.....
And change all your passwords once you've got a good clean PC to do it from.
Ps dont connect anything back to the internet to your done sanitizing it all.
maddog3030 said:
Wow....
First I take away her phones and laptops so she couldn't interfere.
Try factory resetting start with a router then the phones,
Motorola does have a recovery program for the phones,
rescue-and-smart-assistant - Motorola
#hellomoto | Discover our new unlocked Android phones from motorola and stay informed about our offers and promotions.
www.motorola.com
Then install an antivirus like Norton or something like that and let it run,
In the case of the laptops I pulled and trashed the hard drives get new ones and default the BIOS before you put it all back together,
If you're using Microsoft get the installation ISO on a thumb drive if the PCS are major manufacturers like Dell, the BIOS contains the licensing key so you won't have to buy it again
Good luck if she's old enough I'd ever arrested.
Just my two cents.....
And change all your passwords once you've got a good clean PC to do it from.
Ps dont connect anything back to the internet to your done sanitizing it all.
Click to expand...
Click to collapse
Maddog 3030 thanks brother! Yeah it's ridiculous. Like my mind is blown completely.. i definitely confiscated the two phone/laptop. You'll never believe what happened.. she freaking signed in through Roku on her tv.. the only thing I left in her room electronically. Furious. But I'm very grateful for you response I'm definitely doing that step by step. I can't believe we have to run our phones in safe mode in my own house 24/7. I'll see if I can grab some more verbage from some of the things I find. Alot of it is encrypted copy pasted on blank notepad on the laptop. However I did see chrome://sysinternals and flags in the browser history. She had been on. I'm just lost as to how.. is it all the Google cloud developer stuff or Microsoft or azure..what else.. the Roblox/gotcha stuff which the files are being put into.. like everyday our phones have like "software" update at the top of the screen . Like no matter what I turn off it automatically turns it back on I'm thinking through Bluetooth. Hey Ive searched and searched is there any possible way to run the Microsoft tool without a PC? And only on my phone? The laptop I have is a hp and the desktop is the windows all in one 27in. Completely knocked windows defender out. Funny thing is she's never once had possession of or even used our phones before. Hadn't sent anything to us that we've opened to give it access. Sorry to make this so long lol. But I know you guys are the ones to explain this to. I've googled/duckduckgo/chat gpt/YouTube and searched hours and days for an answer. I get anything from the tct malware to the developers of multiple platforms accounts. Each have pieces that are spot on. But nothing exact. Our phones are straight talk. I've even called them. No help. Caught my attention when she was having data somehow at school and her phone wasn't even active. But the data on my wife and I phones were crazy high. The usuage from multiple apps were around 900mb each in the span of a week.. just didn't think there was any way Bluetooth had anything to do with it because of the distance from her school at the time to our home was way too far. But whatever it is it definitely calls for our Bluetooth to be turned on and our hotspot also comes on too. EVERYTIME. It's some feature of it. And also was a dead giveaway after so long of it happening. Everytime our Bluetooth , hotspot and mic access would pop on she would be in the house on her phone being sneaky.. recently when I had enough and took the electronics and discovered all this stuff on it.

Categories

Resources