Could a device be tampered with through mail - Security Discussion

Hi!
During the last 6 months I've had a real problem with my online security. Bought a MacBook Pro which turned out to have had a root virus installed, infecting my Wi-Fi and thus all units who connected to it.
Took me a while to figure out...
First I had a brand new, out of the box Xiaomi MI 9 that got rooted OTA and I lost admin privliges etc.
From my experiences with that and from what I could gather I think it might have had something to do with this cloak and dagger virus thing, overlay and ****ing permissions hidden and yeah I really dont know, anyway.
Today I still worry about what happened. I know much is irrationell since I no longer have any Wi-Fi, instead I use unlimited data and got my self a new Oneplus 7T.
Not even enabled developer options nor touched the bootloader or usb debugging.
When I first bought it, (I had not been able to browse the internet nor search the info before bc of above) I ofc asked the store if they had any type of deal or knew of for a reliable VPN.
Unfortunatley, due to my lack of research, being locked out of my mail acc etc I ended up with a second license of Mcafee Internet security vpn, proxy.. (Probably have around 10-15 of those, containg True key and virus protection)..
This is where my fear comes in again.
Been trying to find an answer to this but I can't find enough to have piece of mind, or my 6 months "rehab" from the internet and technology made me a noob at googling.
Bear in mind, I also have and had Malwarebytes Premium, now I also use ExpressVPN instead of Mcafee. (Though I think I'll take advantage of this life time deal on Ivacy VPN today.).
Back to my first fear.
- Mcafee Internet security + Malwarebytes.
As mentioned I lost my mail accounts. Lost or lost, I reclaimed them and eventually locked them with a Yubico key.
Trying to retrive the Gmail on my new device I could swear my menu altered and Android all of a sudden allowed other users, ("All users get their own space, acc, etc").
Still having PTSD (how I refer to it) after this spring I wiped it all, didn't use it for a week, wiped it some more, hahah, and I begin to use it again.
I changed pass, added Yubico key, log out of all devices nor do have anything worth stealing. I wonder If there is anything I'd might have missed?
Ex, might be of topic.
When I try to restore my messenger password. I get the mail, enter the code and proceed to change pass when the code no longer is valid, permission #200 something. This ofc gets me thinking that my mail somehow might be forwarding my mail, syncing them? Gdrive have previously been set to auto sync and then I've unknowingly loaded malware in previously used phones.
I'll to summarize my question.
I guess I wonder if it could be dangerous in somehow or possible to install something on my new device through Gmail if I decide to log in again? Just saw my fb acc is schuduled for delete tommorrow, which is why I'm posting here, could use some advice.
While I'm at it I also am curious if there are any good info regarding Android security. Because I would like to flash a new rom without all bloatware, Google stuff etc and keep reading about safetynet and Selinux.
Also, good tip if there any on how to disable ssh, sftp, stf and all that? During this that happened I also found Samsungs Knox good, probably bc it wont work with overlay? Are there anything similar to Knox for a Oneplus? Many questions in one but I also wonder; I know that I once used my NFC security key one the Xiaomi, when it was infected. Could the key somehow been copied? Might be a bit over cautios,

0

Related

[App Idea] Plan B for data recovery on broken stock phones.

I feel this idea could be useful for a lot of us, not on our phones since we are likely rooted but on our family members and non tech friends stock phones. Which we usually end up fixing.
My idea if it is possible would be be for a "Plan B" type app for use after a broken screen, were the completely stock phone without ADB enabled needs data extracted.
My hope is that someone could make a app that is remotely installed from play.google.com that automatically turns on ADB debugging (if possible without root)
After that most data can be extracted with "adb backup" or adb pulls.
I can't count how many times this would of helped me in the past if it existed. Any dev up for the job? I am sure it would be appreciated by people.
Guess no one was interested in this idea.
shadowofdarkness said:
Guess no one was interested in this idea.
Click to expand...
Click to collapse
I think many of us are interested but one (so far) can help.
would be a good idea.... who ever was in need for something like that will be likely to pay for that... :laugh:
I could see this being a massive security risk. Sure the app could be handy, but it would also make stealing info from a phone very very easy.
So on that note, I don't think it will ever make it through, though I am sure there are ways.
Just install something like SMSBackup+: https://play.google.com/store/apps/details?id=com.zegoggles.smssync
Set it to automatically back up to their gmail, every so often, and then when it comes time to have to do repairs, you can get all of their calling/sms stuff back, since Google automatically deals with the contact infos.
it wouldn't be a security risk since the only way to install it would be from play.google.com which no one can do without your password. also pour planning with other software is not the point of this since I have been asked to recover data from devices by people that I honestly had no clue they owned the device before they broke it.usually family I don't see on s normal occurrence.
I've always been taught to keep a back up of anything you consider important.
Either way...
There are ADB backup solutions out there, there are recovery apps in the Playstore that will scan for missing or deleted files.
If you have access to the Playstore you have access to all the already available recovery apps. Why the need for an app that will basically root and unlock the device from behind their 'lock screen'?
If you have no direct GUI access, you want an app that you run on your computer that forces the phone connected via USB, to unlock and let you access whatever you want before you restore the phone. This is a massive security problem, because anyone could download that app, and use it to break into phones.
Sound like the 'prior planning' apps, are the best way to go.
I think you are missing my point. I know that prior planning is the best but it it not always possible when dealing with people so tech illiterate that even thought they own the device they barely understand it is not a iPhone because that is what a smartphone is to them.
My intended use is for physicaly broken phones (mainly screen) where I can't control any apps with the screen or turn on ADB from settings.
You thought on the security risk is wrong since out of the ways I can think of to install it via play store on the phone is would not be used since that would mean the attacker could just go into settings and do it the normal way. sideloading is impossible since it would be redundent due to that already needing ADB on.
The intended way via the web is safe enough since the attacker would need your email, password.
Do you hate the "Plan B" app that gps tracks your lost or stolen phone that is already in the play store and gave me this idea. It shows in the store as having between half a million and a million installs. Do you think those people should of went without such a app and lost their phone since they should of just pre planned since it is better.

Security to phone, computers, email, entire network is compromised

My question or rather my pleed for answers does not just pertain to android os but I have relied on this site for many answers and have always found a solution just from searching around on here so I know there are very capable members on this site that can help. My problem began over 4 months ago when my home computers were compromised. I assumed it was just a simple virus but soon learned that someone had actually hacked into my home network for what I believe is or was an attempt to retrieve trade secrets. Shortly after i realized that data was being sent to someone through the fax system on my pc and data distribution software had been installed along with a large amount of .dll and legacy items, The admin rights were taken from me and the registry was completely modified which disabled me from having any permissions and kept me from doing anything on the pc. I went out and purchased a new router, got out an older pc, and I put a password of around 20 mixed numbers and letters. 5 minutes after I had set up the new router and pc I noticed through the network map that there was someone else on what I assumed was a secured network. The router was a netgear. First thing I done was change the default password and block any remote access in the network wizard. My next step was to pay the so-called experts (Geek Squad) to solve the security issue. I purchased their 1 month special that entitled me to 1 month of tech support and 3 free pc fixes. after purchasing a windows 7 restore disk I took 3 pc's to a local Geek Squad location to have them restore the Pc's and install what was suppose to be a hack proof software. They only fixed 1 pc, told me the software would keep the hacker out. 5 minutes after i logged into my network here comes all the windows updates (around 50) along with numerous programs. Needless to say I lost my admin rights within an hr. Here we are now, only using cell phones on my network and I am sure the hacker is retrieving my data off of my g vista d6301. My new email that I set up and have only used from the vista has been compromised and although no logins appear in the history but my vista, someone had enabled POP on Dec 28th. I have enabled the developer mode on my phone which allows me to view the process stats. It states that google play service runs 100% and Google Cloud Messaging runs 100%...I have never used any cloud service on this phone. Another thing is that certain system apps that I have never activated are accumulating a decent amount of data. This phone is used only for wifi and has no service plan attached. bluetooth, email, qrtunnel, near field communication all turn on from time to time. Google play also shows something called clearcutlogger running but was unable to find any info on that. I also installed a mic block that has a "spying app catcher" that logs when a app uses your phones mic while the phone is in sleep or idle mode. when the app is on block mic then there are no problems but when I unblock the mic I get countless log entries that an app with net access has gained access to my mic. Its always the same few apps that show up as a potential culprit so I cant pinpoint exactly what app is using the mic. not sure if any of this has anything to do with someone messing around with my phone, just trying to think of some of the things that could help. There is no doubt that this phone along with a pile of now useless computers have indeed been compromised. What I really need help with is how to get this bastard out of my life and secure my network before the new semester begans b/c there is no way I can have my daughter use her new pc on the network knowing its just going to end up like the rest of computers in my new pc graveyard. I know there are quite a few other sites I could have reached out to but there is something about the comradery on this site that has always drawn me to it. 1 more thing fellas, how bout that one touch root for the LG G Vista D6301's? that sure would come in handy right now lol. My apologies for the long read. Any details you need to know to try and help me figure things out, I would gladly assist as long as my knowledge permits.
I understand that the question or article that I posted is quite vast so I will start off with this simple question. Is there a server that I can disable in the LG hidden menu to stop unauthorized use of my GCM, or any other way than simply just disabling Google Play? I have read a couple of recent articles on how hackers are utilizing gcm to gain access to personal info. I just was curious about the server b/c I see many different server acc in the hidden menu such as ATTLABa, Cingular, Mformation, and Funambol. I wasnt sure if these servers or acc could possibly help or be a potential threat.
Sent from my LG-D631 using XDA Free mobile app
Pr1n6/of\Jerusalem said:
My question or rather my pleed for answers .........
Click to expand...
Click to collapse
Pr1n6/of\Jerusalem said:
I understand that the question or article ............
Click to expand...
Click to collapse
First thing you have to be sure that no one has physical access to your gadgets. Second, find a router suitable to be modified with new firmware from http://www.dd-wrt.com/site/index or https://openwrt.org/.
In case you can buy a hardware network firewall and with proper installation and settings you should be able to keep away any threat.
A good idea would be to use a good VPN service, that way you can add a layer of security on your networking habits.
Lastly, check this thread http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077 and if you have any question, ask there.
Good luck

Unknown activity HTC ONE M9

I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, the could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
Im adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. IS there a way I can determine if it's been rooted as well?
--
squidstings said:
I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, the could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
Click to expand...
Click to collapse
Interesting issue. I am not sure about the rooting. You are probably going to need to ask experts around here. Hopefully, they can help you with that. As for security, you could try checking if you have any suspicious apps running in the background or installed (You might be using same GPS or another app for example). It could be that one of the malicious apps had access to your calls which lead to them outputting calls to somewhere. You could try disconnecting your internet for a day and see if the calls persist (That is probably not an option for you, but it is an idea). Additionally, you could try a factory reset on one of the phones and see if the problem is still there.
squidstings said:
Im adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. IS there a way I can determine if it's been rooted as well?
Click to expand...
Click to collapse
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow with your issue I wasn't going to answer as I don't know the answer but my thoughts may help in some small way. I don't thank the 144 is a phone developers code to "root" or turn of security in some way as that would not show on your provides call logs as they stay internal to the phone (mostly). Also I don't think it's adware callng a premium number as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrckable over a network. That suggests to me it's possibly your actual network (who are R? What country, is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party aparatus!
What to do? As Ross says disconnecting is probably not practicable. If you have malicious activity they probably are using data as well as calls. So I would install a firewall to block most apps and log attempted connections (normally have to pay for this) then check IP addresses tell see if they are legit. However this may not show anything as data may go via root. So setting up a proxy to route traffic to your PC and use a sniffing program to see traffic or at least I P addresses.
You can download root checking apps from play store. Also check your security settings any app with admin rights? Also use a good antivirus you might get lucky, but even if negative you may still be infected.
Only way to really clean your system is to reinstall your OS, though a factory reset will fix often. But first you need to know how you were all compromised and fix that else it will just return, I would think it's most likely your local work network, (but could be your provider R or even something else you connect to in sore way eg Bluetooth, or an app you all have (you can boot into safe mode to disable 3rd party apps, but with HTC system apps possibly containing apps that use the Baidu apk etc that still has a possible backdoor unpatched (as far as I know) safe mode will not help white those!)
You might have to look into freezing/uninstalling all HTC installed apps.
IronRoo said:
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow with your issue I wasn't going to answer as I don't know the answer but my thoughts may help in some small way. I don't thank the 144 is a phone developers code to "root" or turn of security in some way as that would not show on your provides call logs as they stay internal to the phone (mostly). Also I don't think it's adware callng a premium number as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrckable over a network. That suggests to me it's possibly your actual network (who are R? What country, is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party aparatus!
You might have to look into freezing/uninstalling all HTC installed apps.
Click to expand...
Click to collapse
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabeling the pre-installed "Gmail" (I think it's more Google thn HTC related seems to have stopped the calls. I've disabled as much as I could.
so here's the kicker. I'm literally nobody! On disability, no exciting employment history and those In my family who have, aren't in contact, nor do I have contact info. And it was my wife and daughter who had the other phones, but mine was central i think. daughters phone was locked. So nothing so exciting. Which is why I even bothered asking lol
squidstings said:
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabeling the pre-installed "Gmail" (I think it's more Google thn HTC related seems to have stopped the calls. I've disabled as much as I could.
Click to expand...
Click to collapse
Ah! Rogers Canada should be a well controlled and trustworthy provider, so probably not them, though a rogue employee or having their network compromised can't be ruled out.
Also if official Gmail app it should be safe though it does have some quite intrusive permissions like full network access, view confidential info etc, but all are legit if you want the full functionality of Gmail. But it shouldn't have access to place phone calls, so should not be able to create the behaviour you describe.
That leaves a rouge app, but you would all need to have it I suppose, HTC app (or system behavior) or local hack ie via your router or via your PC. A good anti virus should find rogue app on phone and similarly on PC. HTC system apps hard to spot without doing the firewall etc etc. So I would also be double checking your local router for firmware update and resetting it with a new strong password, to prevent possible return, so to any Bluetooth devices.
Hope it doesn't return! All the best
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at lest thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. this was on THREE SEPARATE PHONES in 2 separate cities.
squidstings said:
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at lest thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. this was on THREE SEPARATE PHONES in 2 separate cities.
Click to expand...
Click to collapse
Check with a root app to see if your device is rooted
check permissions also you can take back permissions with a app on fdroid
unknown app check with virus total or
IF someone has root on your phone they can do what they want and when they want
a app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you which implies root access
IF you bought your phone new you might not be anybody but to be put in perspective amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone if you have already done that then use a Root firewall or change to a rom here on xda (you can all change making the transition easier).
Applied Protocol said:
Check with a root app to see if your device is rooted
check permissions also you can take back permissions with a app on fdroid
unknown app check with virus total or
IF someone has root on your phone they can do what they want and when they want
a app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you which implies root access
IF you bought your phone new you might not be anybody but to be put in perspective amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone if you have already done that then use a Root firewall or change to a rom here on xda (you can all change making the transition easier).
Click to expand...
Click to collapse
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
It didn't show root. 2 of 3 m9s were mysteriously unlocked. the 3rd did prompt for a code, but did also show those "unknown #" calls. However, I'm still stuck on the code. I can't even enter a ",". Didn't check the other units for it, but it's still the only unanswered issue that could explain the unlock (aside from your suggestion). No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
It's dead now anyways. Battery won't charge unless powered off and went from 24+hours regular standby to about 3 hours with extreme powersave on, overnight and doesn't extend with usb power. usb data comm isn't even recognized. All 3 have failed actually (different ways) so I'm going back to my m7 which still works great. Except, it says s-on but works with different carriers and I can't even enter the code I paid for (no prompt. is there another way?)
So, here's the tinfoil hat part. Although I'm nobody, This all started around the time of the '16 election. when I was arguing with a youtube account named (not looking to attract attention so no name, but you know it) for the person who came 2nd.
Thank you for your help. It's a shame it's pooched before solving the issue. But hopefully, the code will be solved.
But any help entering my sim unlock code a different way would be appreciated. But if other carrier sims work, should root be doable while showing s-on?
Thanks a TON!!
squidstings said:
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
Click to expand...
Click to collapse
It would seem in your case that it is a setting change that was made and not comparable to other phones. Probably what we are talking about is a connection to a command server. S-on is a protection so that one cannot change the state of certain partitions namely the recovery boot and system however their are ways to get around this. You would need to get a root app to do that.
As a general rule you need to prove something is going on and funny numbers are a indication but nobody in the security community would touch it because it is very open. What you need to do however is
Get a copy of the calls use pcap and
check your firmware with the standard HTC firmware
this will show you what the phone call is doing and will help the android community overall (improved security)
Also programmers do not try to add backdoors they try to have a good product it is the hacking/security teams of _________ that do that. This being a programmer myself.

Forgot phone password

Friend got into a fight with his brother. His brother was able to break into his phone.
Friend changed the password on the device last week, and because of his school, he doesn't take the phone with him.
He opened the phone today, and can't remember the password.
It is a Moto G7 Power, running Android 9
It has GenTech installed on the phone.
I do not know any specifics beyond that, as the settings are hidden behind a lock screen.
When I logged into the Google account, it looks like the account hasn't been backing up photos, contacts, etc since the GenTech was put on. iDrive also hasn't been backing anything up.
Are there any tools that can remove the lock screen? Preferably free, but I wouldn't mind paying a small amount. And NOT wipe the device.
Before coming here, I saw Eelphone, but it looked super shady.
Searching through XDA's forums, I saw Dr.Fone as an application as well.
Are these the best options? I mean, I troubleshoot devices for clients all the time, and thankfully haven't had to recover their devices like this, and I know that it has changed a lot since the beginnings of Android, but I need something in the toolbox for sure.
Any help is appreciated, thank you!
Edit: I thought I might try Dr.Fone on my Motorola device. Uh, not the right application that I need! I want the data preserved, not wiped. If I wanted the phone wiped, I'd have done it from the bootloader.
(Or do they make a copy of the device, wipe the phone, and reload everything minus the lock screen?)
(Or is Dr.Fone a malicious program masquerading as legitimate?)
DaNissNYC said:
Friend got into a fight with his brother. His brother was able to break into his phone.
Friend changed the password on the device last week, and because of his school, he doesn't take the phone with him.
He opened the phone today, and can't remember the password.
It is a Moto G7 Power, running Android 9
It has GenTech installed on the phone.
I do not know any specifics beyond that, as the settings are hidden behind a lock screen.
When I logged into the Google account, it looks like the account hasn't been backing up photos, contacts, etc since the GenTech was put on. iDrive also hasn't been backing anything up.
Are there any tools that can remove the lock screen? Preferably free, but I wouldn't mind paying a small amount. And NOT wipe the device.
Before coming here, I saw Eelphone, but it looked super shady.
Searching through XDA's forums, I saw Dr.Fone as an application as well.
Are these the best options? I mean, I troubleshoot devices for clients all the time, and thankfully haven't had to recover their devices like this, and I know that it has changed a lot since the beginnings of Android, but I need something in the toolbox for sure.
Any help is appreciated, thank you!
Edit: I thought I might try Dr.Fone on my Motorola device. Uh, not the right application that I need! I want the data preserved, not wiped. If I wanted the phone wiped, I'd have done it from the bootloader.
(Or do they make a copy of the device, wipe the phone, and reload everything minus the lock screen?)
(Or is Dr.Fone a malicious program masquerading as legitimate?)
Click to expand...
Click to collapse
Is the device rooted?
Does the device have USB debugging enabled in system settings?
If the answers to these questions are no, then all you can do is factory reset. After resetting, it will probably be FRP locked(Factory Reset Protection), which means you still need to remember the google account username and password to get logged into the device, but, the lockscreen pin/password will be removed. You'll lose the user's data in the process. At this point, if it isn't rooted or does not have USB debugging enabled, there aren't really any options to save their user data before resetting the device.
Sent from my SM-S767VL using Tapatalk
The phone is not rooted, unless the GenTech software gained the root access. (I am too new to post a direct link, but it is a monitoring program - I don't know how common it is outside of my community)
If I recall correctly, I did get access to developer options, but that was back in July - I'm not sure if I have developer options enabled at this time.
The paid softwares can't crack it? That really is too bad.

Hi! I seriously might be paranoid

Hi!
Im not sure where to post, plz dont hare if Im postning wrong.
Long story short;
Jan - 2020 bought a new mbp - got hacked. Lost all mail acc etc.
Have had 2 pc wrecked as well.
And My 1+3, iPhone 6s, Nexus 5X.
From three I bought a Xiaomi mi 9 lite.
Poped Up, ~"your no longer admin-isch" after a Day or two.
Okey, is it something with me or old acc or am I in need of medical help was my thought now 6 months later.
Yesterday I've finally had enough and bought and brand new oneplus 7T. After mentioned expercinces I started it in the store, had them set it up and told them about my seriously, now physical worries.
All fine, updated evertyhing turned it off. Had VPN, malwareybytes installed. No wifi, bt, NFC etc activated. Bought free internet with sim-card bc of my maybe mental issues?!
Anyway. Got home, since all above I've done nothing else but visiting play store and https-xda + oneplus forum in app.
That app which I connected to a brand new Gmail (set Up in mentioned store, also why I write here and not there) got acc to My Gmail etc.
Now I found an email changing named mail from "[email protected] to [email protected].
So installed and bought Sd maiden pro. Found worrying similar folders with this bindning sign; "$" though turned the other way. In those folders there are stuff like systemMUI, mui is only Xiaomi??? Or what. This is spinning out of hand now, but Im so freckasouly scared since all above and dont know what anymore.
Have Mcafee internet secururity with VPN since I left the store, got Netguard today since I got worried, and protonVpn since Mcafee dont have a kill switch.
Of we overlook My obvious paranoia, how can I find out of Im out of My head?
I ser things in Sd maiden at /self and emulated like tty and there where a lot exceptions there as well, like /notifications/, /alarms/ etc.
Im at a dead stop now. I must be imagining but since I've Lost all My earlier acc, 6 months of life + a few bucks I am both out of options and Lost Hope.
Anyway I can find out whats okey? I mean, is there supposed to be like 3-4 types of dial apps/logos? 4 kinds of Cinnamon? And why are mi doing here?
Also got 3 yubico key associated with My Google acc.
Quite a few of earlier mentioned phone just lying around which I'd gladly send someone for free IF there are any intresset in investigae, Keep the phone.
Again. What can I do to feel safe? Doctor or any other way?
(Dinner now brb asap)
I didn't read 90% of that.
As an ex security guy, just clean install. Don't restore anything you'll be fine.
The way you're typing is uncomfortable to read, hammering in that you have mental issues and asking confusing unanswerable questions. If you genuinely believe you're paranoid get professional help, there's no harm there, but then regarding the phone you didn't really seem to ask any proper questions. Clean install (or wipe) your OS, and then you're fine. Then step by step setup your phone as you would and try to find the cause of whatever it is that is being suspicious.
That's all I can suggest, but I wish you well, please look after yourself.
Hi,
For your mental health you should be looked at by some proffesional.
For your Tech problem:
Reset the damn Modem change your wifi ssid& password and change also the default password for your modem gateway. If some one hacking you its most likely by your wifi once you got the acces to it you can preety much see any device on the network and if you know your way arround you can do alot with all the devices on network.
Format your hardrive or break into peaces and throw it away buy an ssd/harddisk New OS, firewall on and new account hotmail/apple id and malwarebytes.
Reset your smartphone clean install of OOS and malwarebytes and ofcourse new gamil and two way autehntication activated.

Categories

Resources