Im keep being hacked by my genius software engineering malignant narcissistic. I've bought over 15 different phones from different carriers and used fake registration info. However, they get hack in 30 mins. I know the fontserver app was remotely downloaded Over the Air because of other apps that are installed to help that process. For ex; GNSS Air Test, Gnss Test 1.2, fused location, gnss log level setting, LAOP test. V1.93, entitlement checkservice , FOTA update, secure ui service, teeservice, dynamic syatem update, hidden menu, hidden operator, G-DEC, GCUV, etc...mobile service apps to install the spyware. From my understanding, all is needed is a phone number to where app is downloaded OTA. Here's the kicker... With every new phone I dont even setup a google acct or call anyone and it get hacked.
So please anyone share your theories or anything about this . i need to stop this bs. Theyve gang stalked me broke in my house numerous time vandalized, hacked my friends and their families threatening them with death threats and non stop harassing calls to my cell and house phones.
So i just need some kind of inkling how this can happen. Sincerely yours truly
Sorry to hear this is happening to you. It is also happening to me by my soon to be ex who is already by ex. I keep being told to buy another phone and I don't because I figure the same would happen to me and the new phone will just get hacked as well by whomever she got to do this to me. I created a post today asking for help, but due to the lack of replies to your post I guess I better not hold my breath that anything can be done. Did you find a resolution to stop from being hacked?
Better check yourself...
Burgrio said:
Hacking attacks are on the rise, and it doesn't seem like there is any way to protect yourself from them.
Click to expand...
Click to collapse
There's plenty you can do. Most devices get compromised because the user did something stupid.
Not always but part of not being stupid is acting as soon as unusual behavior is noticed. Find the cause asap.
Factory reset if you highly suspect being hacked and reset all passwords.
I've been running outdated and unpatched stock Androids for years with no breaches that ever required a factory reset or reflash to purge. It could happen but in practice if you don't do stupid things... it doesn't happen.
Downloading any unvetted files or apks even a jpeg can do it. Do not side load anything unless completely vetted. Lock down install unknown files globally and locally for all apps especially browsers unless you need to sideload. Check those settings at least once a month... and enable them as soon as a sideload is done.
I don't use wifi and keep bt off when not being used. I check my download folder daily for crap I didn't download and for any strange behavior.
All email is kept in the cloud... email and texts are prime perpetrators.
Don't click on anything unknown, delete or close the window. Keep all trashware apps off the device including FB, Twitter, WhatsApp etc.
Scan app permissions, know what's running at startup and why/what's accessing the internet.
Listed System Administrators, who's your daddy?
The list goes on but you get the idea...
♤There's no saving dumb bunnies
Related
Heya everyone!
Okay.
So I had a house theft where my Nexus 10 tablet was stolen.
I had Prey installed, but stupid me, disabled this from the Task Manager thingy thinking that it was eating up the battery, along with the GPS location option.
So both of those were not active at the time of the robbery.
I can go to the Google Play Store and see that it's being used every day, but it can't locate where it might be.
Two months had passed since then where suddenly I saw someone using my Pandora account and even entered in her real name.
After a simple Google search, I found her, including her address, and told a detective about this.
He stopped by to see her and she gave a good explanation, stating she no longer had it anymore.
The last time she used Pandora was the same day the detective was there.
I emailed Pandora if I could get an exact time stamp on the last song that was played and I'm waiting to hear from them.
I have a replacement tablet, another Nexus 10.
I can go online and ring the stolen device, lock it, or even erase it.
The tablet is still in my name even though it's gone.
Is there anything extremely smart I can do with this situation?
Thanks ahead.
-James
Since you are getting a replacement tablet, there is no need to get the original back. However, you might want to wipe it (as you stated you could) so nobody can use your Google account or take advantage of any personal info.
Change your passwords to those accounts you had on your stolen tablet.
Examples of accounts: Google, email(s), Pandora and all others which have a password.
If you had confidential information like your credit card number, etc, you might also wish to get them changed.
You should go online and disable your stolen device - erase and lock it.
Get over it bro. Buy a new one
Since upgrading to lollipop I'd noticed a couple of small niggles with me Galaxy S5. As I've not had to rebuild my phone since purchasing it, I decided a factory reset wouldn't do any harm. Since resetting, Google play services keeps waking my GPS and searching for my location, this happens every few minutes unless I turn the GPS off. I've got all the usual Google stalking features turned off (Google now, location history, location reporting) but I've still got the same issue. I've even reset again and unticked the box to restore my user data... But still Google want to know where I am.
Any ideas how to resolve this one? It's a pain if I have to keep turning my GPS off when I'm not using it, especially when I had no issue prior to factory resetting.
clattewell said:
Since upgrading to lollipop I'd noticed a couple of small niggles with me Galaxy S5. As I've not had to rebuild my phone since purchasing it, I decided a factory reset wouldn't do any harm. Since resetting, Google play services keeps waking my GPS and searching for my location, this happens every few minutes unless I turn the GPS off. I've got all the usual Google stalking features turned off (Google now, location history, location reporting) but I've still got the same issue. I've even reset again and unticked the box to restore my user data... But still Google want to know where I am.
Any ideas how to resolve this one? It's a pain if I have to keep turning my GPS off when I'm not using it, especially when I had no issue prior to factory resetting.
Click to expand...
Click to collapse
It's more likely one or several of the myriad of apps/services on your phone. Do you have a weather app on your phone? Well, how's it going to know how the weather is, if it doesn't know where you are? Facebook by default wants to know where you are so when you post or send a message, it tells everybody where you are. Even apps like music streamers want to know where you are so they can tell you where you were when you heard something. Lots of apps that you wouldn't expect to use GPS in fact do. The vast majority of this data collection is completely innocuous and harmless, but you always have the option to disallow it. Or not use the app(s) as well; remember, it was you that granted the app GPS permissions when you installed it.
Planterz said:
It's more likely one or several of the myriad of apps/services on your phone. Do you have a weather app on your phone? Well, how's it going to know how the weather is, if it doesn't know where you are? Facebook by default wants to know where you are so when you post or send a message, it tells everybody where you are. Even apps like music streamers want to know where you are so they can tell you where you were when you heard something. Lots of apps that you wouldn't expect to use GPS in fact do. The vast majority of this data collection is completely innocuous and harmless, but you always have the option to disallow it. Or not use the app(s) as well; remember, it was you that granted the app GPS permissions when you installed it.
Click to expand...
Click to collapse
Thanks for your suggestion, I don't think it is another app though. Prior to resetting my phone the 2nd and 3rd time I uninstalled any suspect apps one by one to see which one was the culprit. In the end I just went through the entire apps list and uninstalled/disabled everything I could, it made the phone really unstable and practically unusable but still didn't stop Google Play Services using my GPS every few minutes.
Any other ideas?
clattewell said:
Thanks for your suggestion, I don't think it is another app though. Prior to resetting my phone the 2nd and 3rd time I uninstalled any suspect apps one by one to see which one was the culprit. In the end I just went through the entire apps list and uninstalled/disabled everything I could, it made the phone really unstable and practically unusable but still didn't stop Google Play Services using my GPS every few minutes.
Any other ideas?
Click to expand...
Click to collapse
Try this:
http://androidforums.com/threads/is-there-an-app-to-track-which-app-uses-gps.732746/
how about "Android Device Manager " .. is that disabled?
There are a lot of guides about how to fix this. It isn't always the same service that is an issue...but you can try and disable some of the ones that are known to be problematic. For example see post #3 in this thread: http://forum.xda-developers.com/showthread.php?t=2785128
Sent from my Nexus 5 using XDA Premium 4 mobile app
Hi guys!
Tried the search but came up with nothing so here goes...
I must admit I'm not very tech savvy but I can follow instructions no worries
I joined mainly because my Samsung Galaxy S8+ (un-rooted) started to behave very strangely early this year.
(and I want to trick it up after warranty expires in August ?)
Short story is that my Samsung account got hacked (or it at least seems like it) and the perp was then able to control my phone remotely. It was incredible watching my phone do as it pleased and all I could do was sit back and watch. Funny thing is that I've never actually toggled the RC switch (find my phone)...
My local carrier (Telstra Bigpond - Australia) account as well as my Google account got taken over shortly after. This would have given whoever it was access to my 3 cloud accounts which add you can appreciate would contain some sensitive material.
Whoever is responsible could well be a member on here so "Hi, there!! "
I pulled my sim and sd card and switched the phone off so I could decide what to do next.
I got a password manager app, changed all passwords (lucky my partner had a spare iPhone 5S sitting around up I could get online) and factory reset the phone.
All seemed to be going well until a few days ago...
I got "timed out" on my Samsung account (is that even possible?!) and while I was putting the password in (on the Samsung website - silly mistake!) just as I hit next I noticed a few dots in a square pattern that did a spinning type of graphic over the password entry box.
Continuing onto the next screen where the two step verification was, which was to send a text to my phone to receive a code and bang! Before I even received the text a six digit code appears in the fill box on the screen (same spinning dots in a square pattern) right before my eyes and then I receive the text afterwards! The numbers matched!!
I’ve also been asked to enter my Google credentials on more than one occasion lately from being “signed out”...
I don't know what to do!
I've tried all of the popular virus type apps and a few file managers to no avail. More like I've been hacked than a virus?
I've removed apps and shut down almost all of them as well as toggling between mobile data and WiFi and restored the phone twice back to earlier backups from over 6 months ago.
I've only ever downloaded from the Play Store apart from just the once getting your better version of the Play Store XDA (LABS) app.
What might be noteworthy is when I was using Google's help function it said that I had a "modified Android" and to contact manufacturer. I can guarantee the phone has never been cracked open.
I can provide screen shots from DevCheck (FLAR2) but I really don't know what I'm looking at. I also don't have any unknown apps etc...
I really don't know what to do next...
Any advice please??
Sorry about the long post.
All the best,
Crackles
Took phone to Samsung and they wiped the device and installed current (Android Pie 9 w. Feb 01 security update) so was looking forward to having a play with the new os until I went to add my Samsung account details...
Entered the password then the 2-step security kicked in to send a text to my number.
The earlier 4 circling dots dropped the 6 digit code into the fill box before I even received the sms! Device (on it's own jumped straight to the remote control button in the Find my Device security section) then attempted to change the password!
Only thing that prevented that from being carried out was I had biometrics activated and stopped the action using my fingerprint.
Seriously no one has any idea on what to do?!
I also had installed a replacement sim card.
I also can't uninstall updates on certain apps like Google Play Services etc, and some apps either have a dead link (press it and nothing happens) or Play Store can't find the app when I hit the downloaded from Play Store thingy at the bottom of the app description page. Hope that makes sense.
As you said, they wiped the phone, which means they most likely flashed the whole firmware, so there's no way for any malware to remain installed. But for what it's worth, you can try to re-flash the firmware yourself using Oding to make sure the whole flash is clean.
If your phone really was infected with any kind of malware, it must have been a 3-rd party app you have (repeatedly) installed. Some apps like Google Play Services cannot be uninstalled because they are vital for system's (or rather apps installed from Play Store) propper functioning.
Also, even if you had infected your device, it would not be able to take control of your device to the extent you described because of app sandboxing, which cannot be broken unless the app constitutes itself as a system app (because every part of the system has to be cryptographically signed, this would break the boot and brick your device) or the user (you) would have to allow the app the necessary permissions to carry out these tasks.
Hey Kernel thanks for the reply ?
Yes I know what I'm saying sounds crazy and even the missus said I was nuts till I showed her.
I can't screen record any more either...
I'm noticing odd little things like when I pull the notifications screen down for a second or so the NFC, Bluetooth and nearby icons are lit up but then revert back to a if they were off. I've switched all of these items off in the settings so are they being sneaky?
So far nothing really bad has happened apart from not being able to put my credentials into the PayPal app. That's using both Last Pass auto-fill and manually entering the email and password. I've un-installed and re-installed many times and it's the same. I'm not going to add any banking apps just yet.
Facebook also got installed in the background about 4 times within a few minutes. Seemed odd to me. I think I've got a screenshot of that.
Malwarebytes found an issue with I'm guessing a theme I got from the Samsung Galaxy Store so I removed it, chose another and it seems OK.
There's still a few odd things happening like certain settings reverting back to something different from what I'd set.
I'll keep tinkering and post anything that stands out.
Is there an app or something that can check every file on my phone and tell if something isn't quite right?
I don't have a pc at the moment but when I do I'll look into Odin.
Thanks again for taking the time I know I sound like a lunatic and tbh I really wish I was haha!! :laugh:
Hmm interesting...
When I tried to upload the screenshot it stopped and said "bad request"...
Sent from my SM-G955F using XDA Labs
Could all this weird bs be happening if the home WiFi has been hijacked?
Sorry for dumb questions.
Sent from my SM-G955F using XDA Labs
Whatsapp does the same thing, autocompletes the code, before de sms is coming. This is not a malware. But, don't use password manager... Those can be hacked.
Really my password manager can be hacked?!
I'm using Last Pass.
So moving on I started to poke around the WiFi router and found the PnP enabled and my device was sharing with another device. I did not authorise this. I've since reset the router, changed the pin and access code, disabled the WPS and also factory reset the device that was "sharing" with mine... The owner of said device no longer lives with me. I'm just glad I confiscated the phone from him before he left.
When I'm researching possibilities of what could be going on with my phone the pages won't load. It's like my searches are being monitored and the data is being stopped. I tested this with my partner's phone (on mobile data) and the exact Web pages loaded right up on her's without a hitch! I tried again on mine and they just stopped. Pages would load straight away on mine if searching for something completely different like rc cars or bmx related content. Stuff to do with my phone just won't work ffs!
Like when I tried my first post on here. It simply would not post it up! I ended up having to copy/paste the draft and emailing it to another account that I made up on the spot on her phone. Hence the two usernames in this thread.
I got the 3C TOOLBOX app and in the app management section, Task Manager under service many of them are "custom entries" and I cannot un-tick, modify or reset back to the original version of any of these apps. Google Play Services was the worst. Pretty much every thing it was capable of doing had a "custom action" and I could not do anything with it.
Am I doing something wrong or do I have a serious invasion of my phone..?
Thinking about smashing this thing to bits and getting an S10+ ??
Also the Bluetooth, NFC & Nearby buttons almost any me of the day/night are on for a split second when I drag the motivation panel down. These are all set to "OFF" in settings...
What
The
F--k?!?!?!
Sent from my SM-G955F using XDA Labs
Hi Guys,
I got a strange email in my emails, when looking at the email from / to it looked spoofed and I was about to click back but I accidentally clicked 'Download images', the ones that are usually blocked when opening an email, not actual attachments. Can JPEGs etc... contain anything malicious?
I factory reset my phone after that happened but that didn't stop my getting 3 calls from Africa this morning, 2 within one minute.
phoneNoob2020 said:
Hi Guys,
I got a strange email in my emails, when looking at the email from / to it looked spoofed and I was about to click back but I accidentally clicked 'Download images', the ones that are usually blocked when opening an email, not actual attachments. Can JPEGs etc... contain anything malicious?
I factory reset my phone after that happened but that didn't stop my getting 3 calls from Africa this morning, 2 within one minute.
Click to expand...
Click to collapse
They can, eg Stagefright or later in 2016 this
https://www.forbes.com/sites/thomasbrewster/2016/09/06/google-android-one-photo-hack/
or just last year
https://www.komando.com/security-pr...e-over-an-android-phone-with-an-image/543634/
which you phone may be vulnerable to if not still getting regular updates
and just this month patch also has media framework bug allowing possible escalation of privileges
https://9to5google.com/2020/06/01/pixel-june-20-security-patch/
however it could just be a coincidence you got a storm call, they just use computers to call from a number list or random numbers.
A factory reset may not get rid of malware that has been able to install itself in the system partition. You need to reflash the full factory image again. Or if your phone not getting updates any more from manufacturer you should ALSO flash a trusted custom rom ie Lineage OS from official source (hopefully there is one for your EXACT model) after you have clean flashed the most recent manufacturer ROM.
I use Android 10 with security patch from April.
Would I be right in assuming that the phone needs to be rooted for anything to be installed on the system partition? I don't have mine rooted.
Last time I reflashed a device, even with official firmware it stopped me getting updates.
It is quite annoying since pretty much everybody keeps saying it is safe to open a spam email as long as a link is not clicked or attachment downloaded but that appears to be rubbish since the images rendering within an email seem to be enough for a phone to be hijacked.
phoneNoob2020 said:
I use Android 10 with security patch from April.
Would I be right in assuming that the phone needs to be rooted for anything to be installed on the system partition? I don't have mine rooted.
Last time I reflashed a device, even with official firmware it stopped me getting updates.
It is quite annoying since pretty much everybody keeps saying it is safe to open a spam email as long as a link is not clicked or attachment downloaded but that appears to be rubbish since the images rendering within an email seem to be enough for a phone to be hijacked.
Click to expand...
Click to collapse
You should be pretty much covered for known security issues as you are on April security patch. Though there are of course likely be other unpublished vulnerabilities. You can try submit suspect images to virustotal.com see if it's already known.
Unfortunately malware can install into system partition even if you have not rooted your phone in some cases eg if vulnerability is in already privileged process. (note: I'm not security expert)
Given you are pretty much up to date with known patches I think the phone calls likely just a coincidence, unless you have more indications of hacked phone or other accounts etc.
Edit: PS even if those images were malicious you may be OK as you have recent security patch so they might not have been able to compromise your phone.
IronRoo said:
You should be pretty much covered for known security issues as you are on April security patch. Though there are of course likely be other unpublished vulnerabilities. You can try submit suspect images to virustotal.com see if it's already known.
Unfortunately malware can install into system partition even if you have not rooted your phone in some cases eg if vulnerability is in already privileged process. (note: I'm not security expert)
Given you are pretty much up to date with known patches I think the phone calls likely just a coincidence, unless you have more indications of hacked phone or other accounts etc.
Edit: PS even if those images were malicious you may be OK as you have recent security patch so they might not have been able to compromise your phone.
Click to expand...
Click to collapse
Strange thing is Tuesday night before this, I got a reset password email for Netflix... i didn't think too much of it and don't know why they would do that.
That is before Thursday when I accidentally opened a spam mail then later on Thursday got a few calls from an African Number.
Then today I got 3 password reset emails from my other email account, of course the reset requests went to my email.
Microsoft really suck too because I cannot get on my email account from a browser since when I put my phone number in it says, try again later. I am already logged in through the app though.
phoneNoob2020 said:
Strange thing is Tuesday night before this, I got a reset password email for Netflix... i didn't think too much of it and don't know why they would do that.
That is before Thursday when I accidentally opened a spam mail then later on Thursday got a few calls from an African Number.
Then today I got 3 password reset emails from my other email account, of course the reset requests went to my email.
Microsoft really suck too because I cannot get on my email account from a browser since when I put my phone number in it says, try again later. I am already logged in through the app though.
Click to expand...
Click to collapse
so many reset password requests suggests something is going on, possibly your phone but maybe more likely just one of your online accounts passwords leaked, there were a couple of big ones recently, check haveibeenpwnd or is it just that you reset your phone?
Yeah, I always need to change my browser to old IE to log in to MS cause of my settings/addons
IronRoo said:
so many reset password requests suggests something is going on, possibly your phone but maybe more likely just one of your online accounts passwords leaked, there were a couple of big ones recently, check haveibeenpwnd or is it just that you reset your phone?
Yeah, I always need to change my browser to old IE to log in to MS cause of my settings/addons
Click to expand...
Click to collapse
Well I got myself an Iphone SE for now, heard that they are sandboxed as long as they are not jailbroken.. however I removed the native mail app since that has a vulnerability now which is quite famous.
I know it iPhone is a bit of a swear word around here, but it is the best option until re-installing the OS on Xioami mi 8 pro.
Hopefully there is a way to set mi 8 into recovery without using third party tools, XZ1 had a feature to re-install android but that was pretty rare. It is a shame the storage space is so awful on it or I wouldn't have wanted to change phone
Motorola stylus 5g (2022)
I'm sorry to come here but I appreciate your help. I know the basics but not the inside of the phone. I had to get a new phone so I got a new number. I got the Motorola stylus 5g (2022). Free through Metro T-Mobile. Try to restart it a couple of times. I'm just wondering is it normal to have 440 system apps on your phone. I'm trying to sign in on my backup but not downloading the extra apps. Then I feel like it's throwing third party apps in there and there's so much crap on there and I'm just so confused and I don't understand why it's so difficult. I ran a test and it had system apps from Android 6th through 11. I think is odd but I could be wrong. I try to stay away from Google but I do sign in with a Gmail account that I don't use anymore. I was trying to get all my stuff moved over and saved on a different iCloud. I have a couple of reports I did if it's helpful I could try to send them. I try to keep Google out of my privacy but I know that's impossible if you have anything lying around. Maybe that's what's messing it up. Also this phone is supposed to be a 4G but it's connecting to five UC T-Mobile which is I know.
I'm pretty detailed oriented and I'm can follow directions easily but I don't always explain myself well.
startingover72 said:
Motorola stylus 5g (2022)
I'm sorry to come here but I appreciate your help.
Click to expand...
Click to collapse
You've come to the right place then. We appreciate you taking the time to find the right section to post in, when many new users don't.
startingover72 said:
I know the basics but not the inside of the phone. I had to get a new phone so I got a new number. I got the Motorola stylus 5g (2022). Free through Metro T-Mobile. Try to restart it a couple of times. I'm just wondering is it normal to have 440 system apps on your phone. I'm trying to sign in on my backup but not downloading the extra apps. Then I feel like it's throwing third party apps in there and there's so much crap on there and I'm just so confused and I don't understand why it's so difficult. I ran a test and it had system apps from Android 6th through 11. I think is odd but I could be wrong. I try to stay away from Google but I do sign in with a Gmail account that I don't use anymore. I was trying to get all my stuff moved over and saved on a different iCloud. I have a couple of reports I did if it's helpful I could try to send them. I try to keep Google out of my privacy but I know that's impossible if you have anything lying around. Maybe that's what's messing it up. Also this phone is supposed to be a 4G but it's connecting to five UC T-Mobile which is I know.
I'm pretty detailed oriented and I'm can follow directions easily but I don't always explain myself well.
Click to expand...
Click to collapse
I have noticed that my Pixel 5 automatically downloads Verizon apps after a factory reset, even though I've never used any of them. It's definitely possible in your case. However, they install as "user" apps, not system apps.
startingover72 said:
Motorola stylus 5g (2022)
I'm sorry to come here but I appreciate your help. I know the basics but not the inside of the phone. I had to get a new phone so I got a new number. I got the Motorola stylus 5g (2022). Free through Metro T-Mobile. Try to restart it a couple of times. I'm just wondering is it normal to have 440 system apps on your phone. I'm trying to sign in on my backup but not downloading the extra apps. Then I feel like it's throwing third party apps in there and there's so much crap on there and I'm just so confused and I don't understand why it's so difficult. I ran a test and it had system apps from Android 6th through 11. I think is odd but I could be wrong. I try to stay away from Google but I do sign in with a Gmail account that I don't use anymore. I was trying to get all my stuff moved over and saved on a different iCloud. I have a couple of reports I did if it's helpful I could try to send them. I try to keep Google out of my privacy but I know that's impossible if you have anything lying around. Maybe that's what's messing it up. Also this phone is supposed to be a 4G but it's connecting to five UC T-Mobile which is I know.
I'm pretty detailed oriented and I'm can follow directions easily but I don't always explain myself well.
Click to expand...
Click to collapse
First off disable auto update in the Google store,
Second you should be able to go under settings and apps and disable all those unwanted apps you won't be able to remove them but you might be able to disable them.
As far as your connection type to the cell towers the phone might need to be reprovisioned or your APN is wrong.
You can try *#*#4636#*#* and make sure your band select is on auto there might be an active provisioning key near the bottom you can try using that too.
Sad to say since Motorola mobility was bought out by Lenovo and then the Chinese it's become one big trash heap
You should try to unlock your bootloader I believe it's 160 days of service I may be wrong and root it give you a lot more control over all that pre-installed stuff.
maddog3030 said:
First off disable auto update in the Google store,
Second you should be able to go under settings and apps and disable all those unwanted apps you won't be able to remove them but you might be able to disable them.
As far as your connection type to the cell towers the phone might need to be reprovisioned or your APN is wrong.
You can try *#*#4636#*#* and make sure your band select is on auto there might be an active provisioning key near the bottom you can try using that too.
Sad to say since Motorola mobility was bought out by Lenovo and then the Chinese it's become one big trash heap
You should try to unlock your bootloader I believe it's 160 days of service I may be wrong and root it give you a lot more control over all that pre-installed stuff.
Click to expand...
Click to collapse
"Sad to say since Motorola mobility was bought out by Lenovo and then the Chinese it's become one big trash heap!"
This right here is right on it!I wouldn't buy a MediaTek device if it was the last device on earth!They're slow,and constantly have freezing issues!Tablet issues were the worst!
Moto phones are relatively clean, they only really come with gapps, carrier apps, and Facebook.
When you do the initial setup and sign in with a Google account, it will queue up a bunch of Google apps. You can stop the download from the Play Store or just uninstall them afterward.
MCM Client(check through your installed apps, MCM are the two with the icon of a queen chess piece) will enable any carrier apps and queue any that are not already baked into the rom. These can all be uninstalled or disabled.
You can also uninstall Facebook, but it has some hidden packages as well. Go into Settings -> Apps -> See All, select the three dot menu at the top right an press 'Show system apps', and search for 'meta'. There will be 'Meta App Installer', 'Meta App Manager', and 'Meta Services' that all can be disabled.
5GUC is T-Mobile's extended 5G network. If you just want 4G, go into Settings -> Network & internet -> Mobile Network and disable the toggle for 'Allow 5G'. It's normal to have a bunch of apps. Most of them are part of Android, customizations and apps added by Motorola, radio support libraries, and carrier support apps. Nothing to really worry about.