SIM card with malware? - General Questions and Answers

I bought a brand new Note 20 with ATT (locked) and was trying to set up all my accounts on the phone. Here is some background and issue:
My old device was S7 with a valid SIM and still active.
On the new device, I installed all of the apps manually. One of the apps is also Youtube Vanced (which is also on my old phone)
I felt I installed everything and then went to activate the SIM after a while. Once I inserted the brand new SIM card into the device, it gave me a warning that the SIM is not provisioned (as I haven't activated it yet). Then I started noticing random apps getting installed. These are the apps that I have never installed over the years.
I felt maybe the Vanced app was compromised, as it was the only one out of the app store. I kept uninstalling apps but new ones kept appearing.
I was in a bit of a panic mode and did a factory reset. Then repeated the steps. This time I did not install the Vanced. Everything was clean, except the apps starting appearing almost a minute after I put the SIM card. Then I performed a reset again thinking this is not the Vanced app issue (is this the right assumption?)
Then after the reset, I did not install any new apps at all, did not even provide my Gmail or Samsung accounts. I waited a few minutes to see if apps were installing. Nothing happened. I went ahead and inserted the SIM again and well, the apps started again. At this point I have reached a conclusion that this was due to the SIM card.
I did another reset and now haven't inserted the SIM (been few hours now and no apps installed).
Question 1- Is it possible that there is a problem with the SIM? If not, what could be the problem.
Question 2 - Does the factory-reset resolve the issues with any malware/virus or do we need additional procedures to make sure the device is "clean"

weirdissue said:
I bought a brand new Note 20 with ATT (locked) and was trying to set up all my accounts on the phone. Here is some background and issue:
My old device was S7 with a valid SIM and still active.
On the new device, I installed all of the apps manually. One of the apps is also Youtube Vanced (which is also on my old phone)
I felt I installed everything and then went to activate the SIM after a while. Once I inserted the brand new SIM card into the device, it gave me a warning that the SIM is not provisioned (as I haven't activated it yet). Then I started noticing random apps getting installed. These are the apps that I have never installed over the years.
I felt maybe the Vanced app was compromised, as it was the only one out of the app store. I kept uninstalling apps but new ones kept appearing.
I was in a bit of a panic mode and did a factory reset. Then repeated the steps. This time I did not install the Vanced. Everything was clean, except the apps starting appearing almost a minute after I put the SIM card. Then I performed a reset again thinking this is not the Vanced app issue (is this the right assumption?)
Then after the reset, I did not install any new apps at all, did not even provide my Gmail or Samsung accounts. I waited a few minutes to see if apps were installing. Nothing happened. I went ahead and inserted the SIM again and well, the apps started again. At this point I have reached a conclusion that this was due to the SIM card.
I did another reset and now haven't inserted the SIM (been few hours now and no apps installed).
Question 1- Is it possible that there is a problem with the SIM? If not, what could be the problem.
Question 2 - Does the factory-reset resolve the issues with any malware/virus or do we need additional procedures to make sure the device is "clean"
Click to expand...
Click to collapse
heard of it.. u well get a locked phone with security code,, and cannot access it.. always watch out for such SIMS.. because i dont know how its codded

Tekodrink said:
heard of it.. u well get a locked phone with security code,, and cannot access it.. always watch out for such SIMS.. because i dont know how its codded
Click to expand...
Click to collapse
Its about license

weirdissue said:
I bought a brand new Note 20 with ATT (locked) and was trying to set up all my accounts on the phone. Here is some background and issue:
My old device was S7 with a valid SIM and still active.
On the new device, I installed all of the apps manually. One of the apps is also Youtube Vanced (which is also on my old phone)
I felt I installed everything and then went to activate the SIM after a while. Once I inserted the brand new SIM card into the device, it gave me a warning that the SIM is not provisioned (as I haven't activated it yet). Then I started noticing random apps getting installed. These are the apps that I have never installed over the years.
I felt maybe the Vanced app was compromised, as it was the only one out of the app store. I kept uninstalling apps but new ones kept appearing.
I was in a bit of a panic mode and did a factory reset. Then repeated the steps. This time I did not install the Vanced. Everything was clean, except the apps starting appearing almost a minute after I put the SIM card. Then I performed a reset again thinking this is not the Vanced app issue (is this the right assumption?)
Then after the reset, I did not install any new apps at all, did not even provide my Gmail or Samsung accounts. I waited a few minutes to see if apps were installing. Nothing happened. I went ahead and inserted the SIM again and well, the apps started again. At this point I have reached a conclusion that this was due to the SIM card.
I did another reset and now haven't inserted the SIM (been few hours now and no apps installed).
Question 1- Is it possible that there is a problem with the SIM? If not, what could be the problem.
Question 2 - Does the factory-reset resolve the issues with any malware/virus or do we need additional procedures to make sure the device is "clean"
Click to expand...
Click to collapse
Hi!
Not malware , adware .
A carrier branded version will come with some preinstalled apps and even some games like candy crush or bubble something (verizon is specially terrible with this kind of sutff) so those weird apps that got installed after you put in the sim card is just ATT loading it their bloat.
Also if you downloaded vanced from the trusted sources , github or the xda links , theres nothing to worry about. Cheers

Related

SIM hacked/infected - reflashing does not remove it

Hello XDA.
Over the last three months, my phone has been regularly sending SMS's to a number in Singapore. Of course this is not something I have had anything to do with.
I have an LG G3 (D855) phone running Android 6.0_EU. My phone has been rebooting itself numerous times a day with the message that the SIM card was removed. It starts back up and usually works without a hitch. Checking my carriers log, I see that every reboot correlates to a sent text to Singapore at the exact time the phone was booting up again.
There is absolutely no evidence as far as I can tell that these messages are sent from my phone.
As I only just recently discovered this, I started investigating. I flashed my phone with a 6.0 KDZ from a thread on this forum, but it still rebooted afterwards and sends texts. I placed my SIM into my wifes D855, and it started experiencing the same issue. When we placed her SIM back into her phone, we could see that her phone number had ALSO started sending texts to Singapore.
We flashed her phone, put in a completely fresh SIM with an unused phone number, and that number started sending texts as well.
This leads me to thinking that there was a virus or malware on my own SIM and phone which then was tranferred to my wifes phone via my SIM and then from her phone onto the fresh SIM.
My question is this:
Has anyone ever heard of a malware/virus capable of replicating itself in such a degree that it exists on SIM cards and on the phone while it survives reflashing a stock ROM?
Also, is there any way to competely, and i mean completely wipe a phone so a bootkit is removed as well?
I hope there are some wise heads out there who has any idea regarding this.
According to Google there aren't really an precidences of what we are experiencing.
Infection has now been removed
Persistent memory can be a nuisance.
Confirmed infection has been removed by two days of inactivity on a fresh SIM-card by doing the following:
Rooted the phone using KingRoot and a guide here on XDA
Installed the custom Recovery TWRP
Installed the Lineage OS 7.1.1 custom Firmware
Through this, we can with a 95% certainty determine that the virus/malware resided in the recovery partition and the reflash of stock ROM did not flash the recovery partition.
In fear of being reinfected, I have not inserted an infected SIM into the new environment test test, whether or not it would be reinfected.
I hope this helps anyone who may experience this gnarly situation.

anyone else having issue upon reboot "no sim" sometimes

i have a KB2005 rooted with Magisk Canary, Clean Slate Kernel, on OOS 5.6 and sometimes when i reboot i get the "no sim", i have to keep rebooting until its detected. im not sure if it has to do with Magisk cause i rooted my phone as soon as i got it. at first i thought it was the module with the OnePlus Dialer App but i uninstalled it for a little while and it still happened sometimes, so i just reinstalled it. im just curious if anyone else has experienced this issue? its no biggie for me its just i dont notice it sometimes cause i disabled all the icons in my status bar cause im trying to prevent a burn in of the icons on the status bar.
I've had the 7pro since the day it came out and maybe this is a coincidence but I got the T-mobile 7pro (doesn't come with dual sim card tray) so till I got the dual sim card tray it did the exact same thing yours is doing.. Now I do have a hard time thinking it's the tray itself but I haven't had a single problem after I replaced it.
I have the 8t on T-Mobile rom and rooted and occasionally on reboot I do see the no sim for literally less than 2 seconds after unlocking the first time then it's normal and when I say occasionally it's probably like 2/7 reboots
Weird. I have the dual sim tray (original, came with phone). Wonder why I seem to be the only one with this issue. I only have a few apps installed, no social media or messenger apps except the stock mms app(which is Google messeges). I have apps, Servicely, Naptime, FKM, Viper4Android, Amazon Music, Adobe PDF, Call of Duty, Gendroid, Chess, Termux, Unit Converter.
QUESTION FOR THE ANDROID PROS, Is there a way I can diagnose this? Thanks
I see this on my 8T (KB2005AA) for a couple of seconds on bootup as well. My pixel 3 used to do the same. Verizon network.
Seems to not affect anything..

Phone downloaded apps by itself, even without data enabled.

Hi all.
I have searched quite a bit and have found no answer to this problem yet.
So the phone is fresh from factory reset. Phone is pre-owned. Never connected to any wifi network and the wifi always remained off. Same goes with mobile data, never turned on. What's even more interesting is the sim is a prepaid simcard with no credits and no data. The simcard is intended to receive text and calls. (No cost to receive calls or sms). So data leak from that isn't possible either.
I have seen hidden downloaders from carrier that downloads bloatware by itself before. But this is the first time I've ever seen it self download apps without any data connection.
The built-in data usage counter still shows 0. The phone has never connected to anything. But now several bloatware apps just showed up. And those apps do work and storage used has increased. I noticed this around 24 hours after the reset.
Can someone please explain what is going on?
Do phones have secret functions to access data undetected by wifi or carrier?
The phone manufacturer is a one of the major brands and probably the largest that don't have access to GMS.
WishTime said:
Hi all.
I have searched quite a bit and have found no answer to this problem yet.
So the phone is fresh from factory reset. Phone is pre-owned. Never connected to any wifi network and the wifi always remained off. Same goes with mobile data, never turned on. What's even more interesting is the sim is a prepaid simcard with no credits and no data. The simcard is intended to receive text and calls. (No cost to receive calls or sms). So data leak from that isn't possible either.
I have seen hidden downloaders from carrier that downloads bloatware by itself before. But this is the first time I've ever seen it self download apps without any data connection.
The built-in data usage counter still shows 0. The phone has never connected to anything. But now several bloatware apps just showed up. And those apps do work and storage used has increased. I noticed this around 24 hours after the reset.
Can someone please explain what is going on?
Do phones have secret functions to access data undetected by wifi or carrier?
The phone manufacturer is a one of the major brands and probably the largest that don't have access to GMS.
Click to expand...
Click to collapse
Some devices have system apps that can be "uninstall", but they don't actually uninstall completely because the uninstalled apps are stored in a hidden partition. But, once uninstalled, if the device is factory reset, the apps automatically reinstall themselves from the hidden partition, similar to when resetting a PC to factory defaults. I had a tablet that would do this, the apps were definitely uninstalled but would reinstall from the hidden partition when I would factory reset the device, then I would have to uninstall those apps again. This would happen every time I did a factory reset.
Droidriven said:
Some devices have system apps that can be "uninstall", but they don't actually uninstall completely because the uninstalled apps are stored in a hidden partition. But, once uninstalled, if the device is factory reset, the apps automatically reinstall themselves from the hidden partition, similar to when resetting a PC to factory defaults. I had a taste would do this, the apps were definitely uninstalled but would reinstall from the hidden partition when I would factory reset the device, then I would have to uninstall those apps again. This would happen every time did a factory reset.
Click to expand...
Click to collapse
Thanks for the answer.
Yes I understand that part of uninstall. But the difference here is those apps never returned fresh from factory reset. It returned hours after using the phone. The first few hours of using the phone, those apps doesn't exist, doesn't even show up on the free space count. It wasn't until the next day those apps appear.
I did suspect what you said too, but I can't explain why it waited at least 18-24 hours delay before installing itself and show up on the phone. If that was the case, it should have appeared right after the reset.
WishTime said:
Thanks for the answer.
Yes I understand that part of uninstall. But the difference here is those apps never returned fresh from factory reset. It returned hours after using the phone. The first few hours of using the phone, those apps doesn't exist, doesn't even show up on the free space count. It wasn't until the next day those apps appear.
I did suspect what you said too, but I can't explain why it waited at least 18-24 hours delay before installing itself and show up on the phone. If that was the case, it should have appeared right after the reset.
Click to expand...
Click to collapse
Yes, I considered that also. The only other thing I could imagine is that maybe you installed something and then whatever that was installed the additional apps.
Questions of a hidden Google mesh network come to mind after reading this. I guess it's theoretically possible via Wi-Fi or Bluetooth between devices. I don't know.
So after trying to gather more information.
I believe it is installed from some "hidden partition" by some hidden app installer.
The reason is.
1. No data of what so ever is connected.
2. The installed app version is old, as in few months before the official release.
What is intriguing is.
1. The delay before installing this app (and through an installer), rather than just install it fresh from reset.
2. It doesn't appear to be consuming and storage, as if this hidden partition cannot even be seen. Once the app appears, the storage usage increases.
zpunout said:
Questions of a hidden Google mesh network come to mind after reading this. I guess it's theoretically possible via Wi-Fi or Bluetooth between devices. I don't know.
Click to expand...
Click to collapse
I actually believe it is a thing. I vaguely remember that my brand new iPhone detected and recommended my current location region without even inserting a simcard or connecting to wifi yet. The kicker is, phone was purchased in another country that is separated by vast ocean and several time zones.
To this day I still can't figure out how did the iPhone know that. I suspect that the wifi routers broadcast more than just SSID to any device that is not connected. Or it could be from another iPhone. Maybe some similar bluetooth tech that predates "Airtag". This was about 3-4 years ago, likely it was the X.
WishTime said:
So after trying to gather more information.
I believe it is installed from some "hidden partition" by some hidden app installer.
The reason is.
1. No data of what so ever is connected.
2. The installed app version is old, as in few months before the official release.
What is intriguing is.
1. The delay before installing this app (and through an installer), rather than just install it fresh from reset.
2. It doesn't appear to be consuming and storage, as if this hidden partition cannot even be seen. Once the app appears, the storage usage increases.
I actually believe it is a thing. I vaguely remember that my brand new iPhone detected and recommended my current location region without even inserting a simcard or connecting to wifi yet. The kicker is, phone was purchased in another country that is separated by vast ocean and several time zones.
To this day I still can't figure out how did the iPhone know that. I suspect that the wifi routers broadcast more than just SSID to any device that is not connected. Or it could be from another iPhone. Maybe some similar bluetooth tech that predates "Airtag". This was about 3-4 years ago, likely it was the X.
Click to expand...
Click to collapse
Location is detetmined by more than just mobile data and Wi-Fi, it also uses the regular cellular part of the radio. The cellular part of the radio works even without an active SIM. That is why the emergency location and emergency call features work even without the device being activated on a network so that you can make emergency calls and your location can be tracked in emergency situations so that you can be found if you need help or rescue.

Question S22 Ultra: SIM card required to start setup (T-Mobile version from Samsung.com)

Hi. I received my Samsung Galaxy S22 Ultra 5G smartphone, which I ordered from Samsung.com (I chose the T-Mobile version when ordering). After turning on the phone for the first time, at the Welcome screen, when I click the Start button, I get the message, "Insert SIM card from your service provider for network service."
I can't find a way to bypass this message. I was initially thinking if I could connect to my WiFi, it'd go away, but there's absolutely no way to connect to WiFi or access any settings.
I upgrade my smartphones every 15 months and have had T-Mobile for nearly a decade, and this is the first time I've seen such a thing during setup. I like to keep my SIM card in my current smartphone until the new one is fully set up, at which point I would transfer the SIM card over. I have a lot of services I use that rely on SIM card (i.e., not fully cloud-based and are tied to the SIM card), and not having that service during setup may be an issue. Also, I have received brand new phones that have had issues in the past (e.g., poor battery life, screen problems), so I'd rather fully test the new phone before transferring my SIM over.
The workaround I thought of: Put in a temporary T-Mobile SIM card, just to complete the setup process. Once setup has completed, I'll put my actual SIM card into the phone, or have T-Mobile transfer my phone number to the new SIM card. Thoughts?
Thank you.
It's because you got the T-Mobile phone so it wants you to connect to the network first before using it or continuing with setup. A way to get around that is to install the u1 firmware.
IIRC you can hold the volume down button for 5 seconds at the sim required screen to bypass the requirement. There's a help article somewhere that documents this.
As far as I know, Samsung requiring a SIM card during initial setup has been around for a long time. Nothing to do with your carrier. Even my unlocked phone from Samsung required a SIM card on first boot before continuing. There are of course ways around that, but beware. I bypassed the SIM card requirement setting up my S21 Ultra and spent a day configuring it to my liking. Then I popped the SIM card in from my old phone and it caused a factory reset erasing all my hard work. Probably because my carrier wanted to install all their software and settings. Not saying the same thing will happen to you, but just something to be aware of.
Here is the link to the eSIM setup (bypass SIM requirement)
Samsung eSIM to eSIM first time use
Visit T-Mobile Support for help with phones & internet devices, plans & services, billing, and more!
www.t-mobile.com
Sticking a SIM from another carrier after eSIM set up should not cause a hard reset under normal circumstances, it does cause a reboot into bootloader to deploy the new carrier specific customizations from cache, but this is supposed to be transparent to user data. It broke if it caused a hard reset ;\
Da_G said:
IIRC you can hold the volume down button for 5 seconds at the sim required screen to bypass the requirement. There's a help article somewhere that documents this.
Click to expand...
Click to collapse
Technically, this worked, but this burned me badly. I appreciate the workaround, but I highly recommend against it. See below.
SloPoke23 said:
I bypassed the SIM card requirement setting up my S21 Ultra and spent a day configuring it to my liking. Then I popped the SIM card in from my old phone and it caused a factory reset erasing all my hard work. Probably because my carrier wanted to install all their software and settings. Not saying the same thing will happen to you, but just something to be aware of.
Click to expand...
Click to collapse
This is exactly what happened to me on the Samsung Galaxy S22 Ultra. This is literally the most annoyed I have ever been at an electronic consumer device.
I spent over 21 hours over the span of 6 days setting up the phone. I put in the SIM card and was presented with a message stating, "SIM card detected. Restart your phone to start using your new SIM card." I could not use the phone at all, so my only option was to restart. After I hit the Restart button, the phone restarted. For less than 3 seconds, it showed a black screen with a small Android logo, with the small text "Erasing." Then the phone started up and everything is as if it's a brand new phone. Everything I've spent time working on is all gone.
Hello Team, important information, when it is asking for the carrier sim card, you need press volumen up + volumen down + power button at the same time for few seconds, then it will say a message like "Unlocked" then proceed with the first configuration.
This is for people who is going to use with a different provided, please let me know if you heard or read this info in another link (because i did not find that)

Question "IMEI (or MEID) is empty" error message

Galaxy S22 Ultra (SM-S908U1) USA model unlocked purchased directly from Samsung.
Running on T-Mobile. I replaced the original SIM card with eSIM several months ago so I have two different IMEI numbers.
Just updated the phone OTA to the June security update a couple of days ago when it finally became available for my phone.
Yesterday I tried to update some apps in the Galaxy Store and they wouldn't update. The screen just sort of jumped up a little, then down. After trying numerous times without success, I decided to try first signing in and out of my Samsung account which didn't work, then I tried deleting my Samsung account. When I tried to go back into Settings/Samsung account, I got an error message every time: "IMEI (or MEID) is empty". This same error message shows up when I try to sign into Samsung Pass, Accounts/Backup data, Biometrics and security/Find my phone, Galaxy Store app, pretty much anything that seems to have a tie in to my Samsung account.
I did a full factory data reset, but the problem is still there. I sort of remember updating a couple of apps in the Galaxy Store a couple of days ago and it worked fine. Could the June update process have done something to my phone, and how do I fix it?
Could be the esim that's at fault. Can you revert to sim card?
I still have the old SIM card, but it was deactivated when I had the eSIM activated.
raul6 said:
Could be the esim that's at fault. Can you revert to sim card?
Click to expand...
Click to collapse
Well, well. I decided to try your advice and inserted the old SIM card, then restarted the phone and...voila! I now have access to my Samsung account and the Samsung apps work. Thanks very much for your advice!
Missed this. Yes, if you insert ANY sim card, even a new, unused one will fix this. Once you sign in to the app successfully, you can remove that sim. Seems to be a bug introduced in the JUNE update.
That works for me until I turned the phone off in which case it lost the MEID again until I used another SIM.
if you use a non-working simcard, you will have problems with Apps & downloading. It stands to reason that this will occur. Plus ESIM is a relatively new addition and there will be bugs.

Categories

Resources