Related
I hope this time it's the correct forum.
So long story short.
I've written an app that allows to hijack FaceBook profiles over the WiFi. So when you're connected to WiFi you can "hack" into other users profiles. It doesn't work for profiles using SSL (yes you have that option in FB). So it can be treated as a "bad app". BUT! it is not dangerous for the one using it. I am aware that this is "questionable" application, but is there any other way to tell people - "HEY! use secure connections, it is not safe to use public WIFI!". I'd bet that a lot of you don't use SSL now and after using/reading this app you will turn SSL on.
That could be the #1 reason for deleting my app.
The second one is that I've put a 'demo' app in the market with a limit to sniffing only 3 profiles. But you could buy it through paypal. And today I've found out that this also could lead to app deletion. However i've bought launcherpro through paypal so I don't see why my app was removed in less than 24 hours.
What is your opinion and what can I do to sell my app somehow (i need my 25$ back that I've paid to register in google wrr...). Is there an option I could do put it in market without google deleting it like putting a disclaimer or something? The app itself is safe for the user downloading it.
Edit: If I put a link to this app here will this thread be deleted? If so, is there an option to promote it here?
Per forum rules, link removed
bponury said:
I've written an app that allows to hijack FaceBook profiles over the WiFi
Click to expand...
Click to collapse
There's your answer.
JamesC_ said:
There's your answer.
Click to expand...
Click to collapse
+1 on that
if it allows you to hijack fb you can steal other information from the users account so why would they allow it and put themselves into a legal bind for doing so
JamesC_ said:
There's your answer.
Click to expand...
Click to collapse
So if it wasn't for this app you would be safe? No, facebook is ignoring users privacy and this app is nothing more then a good way to show people what could be the cost of not using secure connections. Of course this can be used in a bad way, a lot of apps can. Like sms bombing or phone number spoofing. But they are not removed from the marked do they?
Ethics
And even worse you want to get paid for it.
wdl1908 said:
Ethics
And even worse you want to get paid for it.
Click to expand...
Click to collapse
Yes, I know what ethic is however we're not living in a perfect world and just believing that everyone is good and ethical so I can just leave my door open when leaving the house is not going to protect me against the reality. I believe in http://en.wikipedia.org/wiki/Full_disclosure and this case is even better because FaceBook is aware of the problem and just ignore it. A few people are aware that there's an option to use SSL on facebook. In my opinion FB should just get it done right and force users to use it. It's not a problem these days right? And what is wrong in getting paid for my work. I've spent some time developing it. Security by obscurity is not working, really. Take my app for example it would take max 1h to crack it. It's not security it's just being to lazy to secure it. And hoping that no one would care to crack it.
sms bombing is not hacking someones account! you are just spamming someone with messages.
even if it is down to fb to let people know about security, the market owners can be sued for allowing such an app on the market. there are better ways of showing a person how unsecure a connection is without punishing them in such a way.
the secure connection is useful for public connections but some people may not want or need to use it at home so they have the ability to switch it on or off. apparently there are issues with some games on fb that are linked in with the use of the secure connection.
traumatism said:
sms bombing is not hacking someones account! you are just spamming someone with messages.
Click to expand...
Click to collapse
People are killed for spamming in russia (http://www.theregister.co.uk/2005/07/26/russian_spammer_killed/)
And what about spoofing caller id? AFAIK that things are valid in court cases in Poland.
traumatism said:
even if it is down to fb to let people know about security, the market owners can be sued for allowing such an app on the market. there are better ways of showing a person how unsecure a connection is without punishing them in such a way.
the secure connection is useful for public connections but some people may not want or need to use it at home so they have the ability to switch it on or off. apparently there are issues with some games on fb that are linked in with the use of the secure connection.
Click to expand...
Click to collapse
I don't know how to tell people - secure yourself any other way. I know i'm devils (myself) advocate right now, but really do you think that forgetting about insecurity is a good way? I don't force anyone to use it in a bad way. But after I showed how it works in my house all my room-mates turned SSL on instantly. And they were not mad about it, shocked a bit but now they are safer now. Sure you can just tell people - hey turn ssl on and 90% of them will ignore you. But when you show them - look! i can see your messages that easily if you don't do it. Then they would listen.
haha! So, if someone got a gun and went around shooting people in cars to proove that they should actually have bullet proof windows and burst-proof tyres, that it's all ok, and not in any way shape or form, illegal?
ha. ha.
infact op ip should be reported to facebook
By nature I wouldn't go near this app. If its collecting other peoples info I could be collecting my own. Thats how I see it logically ... people always get screwed when they are doing something they shouldn't be doing.
There is a place for all apps in this world be they good or bad. You could always host a site and put it on there. I wouldn't go near it cause once again I'd be afraid of whats laced on that site.
I was just providing another point of view to the convo.
MarkusPO said:
haha! So, if someone got a gun and went around shooting people in cars to proove that they should actually have bullet proof windows and burst-proof tyres, that it's all ok, and not in any way shape or form, illegal?
ha. ha.
infact op ip should be reported to facebook
Click to expand...
Click to collapse
So if you have a car that can be opened by someone who has a screwdriver wouldn't you want car manufacturer to secure your car. Buying a bulletproof car isn't exactly the same as pushing a button in a web browser isn't it? And you're comparing killing a man to posting "I'm a jackass on someones FB wall". But still, you can buy a gun right? Also pretending that there's no problem isn't fixing a problem.
And hey, this app isn't new you know, if it wasn't for this thread maybe you wouldn't know that people use this apps on PC's maybe one day you would find that all your mail is gone (yes, this app could be modified to work with other sites like this forum). And ask yourself wouldn't you be pissed if you've found out that anyone using your network could get into your bank account? Well I would. But most (all?) banks use SSL by default. Google does. Why FB doesn't?
hazard99 said:
By nature I wouldn't go near this app. If its collecting other peoples info I could be collecting my own. Thats how I see it logically ... people always get screwed when they are doing something they shouldn't be doing.
There is a place for all apps in this world be they good or bad. You could always host a site and put it on there. I wouldn't go near it cause once again I'd be afraid of whats laced on that site.
I was just providing another point of view to the convo.
Click to expand...
Click to collapse
Yes, in fact it needs root to modify iptables and send raw arp messages and I know people get scared when an app needs root. If someone is interested I could write here how it's done and anyone could write it. It's actually nothing magical.
I wrote this app as a project for my mobile programming class. In the first version it also sniffed for Gadu-Gadu messages (it's a polish messenger). But I sure hope that when and if this app let's loose than FB will react and enable ssl by default. Maybe other websites will use it too. It's just that easy to protect your users, I don't understand why they don't do it?
most people who do not want their details stolen, do not use public access internet. does FB take money transactions over their site?
google does and the banks do so they will have a secure section. fb may do this using paypal or google checkout or otherwise so may not need the ssl that the banks need. sure it still renders people vulnerable to attack and theft of other information but even so that information is very limited dependant on the user of the account.
traumatism said:
most people who do not want their details stolen, do not use public access internet.
Click to expand...
Click to collapse
Yes, so other people want their details stolen? You are aware of the problem 'cause your "into computers" but out of 500 milion fb users how many of them ever heard of SSL? How many know that they are unsafe?
well with the amount of messages being spread on fb already about this i think more people will know, but to let people know only by stealing their details is pathetic. sure you may have made this app for a project but why give other people the power to do this. all you are doing is providing more uses for those who like to make other peoples lives a misery. the best thing that could be done with this is to let the website provider know how unsecure their system is. especially if you are aware of the issue and are bothered by it. i know i'd do the same. if that didnt work, sure i'd tell people about it but i wouldnt sell an app on to others so they can make use of it. not even for free.
traumatism said:
well with the amount of messages being spread on fb already about this i think more people will know, but to let people know only by stealing their details is pathetic. sure you may have made this app for a project but why give other people the power to do this. all you are doing is providing more uses for those who like to make other peoples lives a misery. the best thing that could be done with this is to let the website provider know how unsecure their system is. especially if you are aware of the issue and are bothered by it. i know i'd do the same. if that didnt work, sure i'd tell people about it but i wouldnt sell an app on to others so they can make use of it. not even for free.
Click to expand...
Click to collapse
Sure I could write an e-mail to facebook, but this issue is known for years! http://en.wikipedia.org/wiki/Session_hijacking I am sure FaceBook is aware of it. In fact they've enabled SSL only a month ago (maybe two months) but why it isn't enabled by default?
who knows. perhaps issues with other applications on the website, or applications made to access facebook. they may have left it so they can cater for other applications for and on the site. only they can answer that question.
anyway, he just showed the spirit of a developer and created something new
he never told anyone "hey go hack facebook profiles" or "sniff those profiles, its fun"
he just showed the possibilites of android development and did nothing wrong in my opinion
it's not his fault if facebook is unable to close a security leak known for a long time
yeah dont get me wrong blezz i understand that completely. but the argument was as to why they would remove it. legality reasons would be tne main issue. to cover their own backs as they can in fact face legal action for allowing the app to become available in their market.
I don't see anything wrong with the app.
It shows the flaws of facebook, and the fact that no one in facebook cares enough to do anything about it. But then I understand whygoogle would remove it... If facebook decided to sue for this google would be sued not YOU.
so it would be best if you released it HERE on xda rather than the market
Hi ppl in the xda hood
I just write to let you know that ChompSMS has now been flagged as malware, both on 2 phone here locally with Avast as scanner, and subsequently by upload to Virustotal, and flagged by some of the major names too.
This concerns both the 5.30 and the update from tonight to v5.31
As Im new, I cannot post urls, but you can dump the apk from both versions, upload for a scan, and have a look at the report yourself from virustotal dot com
XDA must decide if its worth it alarming the community, but better safe than sorry, right?
I guess it could be a false positive, and I do know things should not be rushed about accusations of malware developing, but seeing that several of the major scanners is flagging it both before and after the update, certainly raises my concerns.
I hope those of you who knows your way around decompiling and analyzing code will look into this, so that we can get more eyes on it than "just" the AV companies reports.
Sincerely, Omnius
After a bit of micro-investigating I have so far found these domains in the code, so if you do HAVE to use ChompSMS, (I do) you can ad them to your HOST file, just for the sake of it.
I dont know when or why they will be used but as they are in the code, there is a potential connection lurking in it. Decide for yourself, untill further ppl have a close look than mine.
Im not a dev of any sort, but I do know how to poke around to learn. Therfore please do not just take my words for granted until more competent ppl here have their say.
I do know that a few of these is for "normal" android app ads, and analytics and so on, but these are my finding so far, so filter our what you like it to connect to yourself. If you dont mind ads connections in-app, serve your wish, so to speak.
millennialmedia.com
gateway.textfreek.com
report.bitesms.com
nexage.com
inapp.chompsms.com
adserver.com
greystripe.com
smsgateway.chompsms.com
m.advc.us
cvt.mydas.mobi
rest.starttalking.com
mobileads.google.com
I used to love chompsms... now i guess I'm using GoSMS...
Sent from my Nexus S using XDA App
All of them appear to be valid to the program. Half are ad for ads, the other half are for functionality in ChompSMS.
I would be careful on using go SMS as well.
Antivirus apps will pick up any app that by passes any normal OS use. This always has been and always will be the case.
Anything with ads will always be flagged as it connects to an unknown server.
zelendel said:
I would be careful on using go SMS as well.
Antivirus apps will pick up any app that by passes any normal OS use. This always has been and always will be the case.
Anything with ads will always be flagged as it connects to an unknown server.
Click to expand...
Click to collapse
chomp was never flagged before the 5.30 update a few days ago...
really bothers me, i love chomp. i donated to remove the ads. i'm hoping they fixed it with 5.31 and the virus scanners are just still reporting it as a false positive. until it's sorted out though, i uninstalled...
Update : avg doesn't detect anything wrong with the newest version, 5.31.
Lemme tell you...
I noticed the new permissions requested in 5.30 (special access to browser history/bookmarks), and kinda shrugged it off. Dumb move on my part. Immediately upon launching 5.30, I get a notification from ADWLauncher that it cannot fit a new shortcut on my desktop (because the main page was full). So I'm naturally all like WTF... so I flip through my desktop pages to notice that ChompSMS had made itself a shortcut to searchmobileonline.com.
I also heard that it replaces your default browser home page and search method with the same. I use xScope exclusively, so I haven't been able to check that yet.
Delicious, Inc. has really crossed the line with this latest stunt. What were they thinking!? ChompSMS was the best Android messaging app IMHO. Why jeopardize such a great reputation? If it's money they were after, I'd imagine they could've raked in a nice bundle of cash for selling the product to another company.
Does anyone have a copy of this apk that I could take a look at?
kyokeun1234 said:
I used to love chompsms... now i guess I'm using GoSMS...
Sent from my Nexus S using XDA App
Click to expand...
Click to collapse
GoSMS is a security risk
Sent from Narnia
xHausx said:
Does anyone have a copy of this apk that I could take a look at?
Click to expand...
Click to collapse
I know this is a old thread but better than starting a new one.
I would like to ask if there is any news on this. I love chomp SMS, imo the best messanger for my taste. I have bought the pro version, to stay away from ads and unnecessary internet data. I have chomp on a brand new phone, no sim card, no messages, just activated chomp and my firewall instantly found chomp active on internet. I watched this for some time and really chomp was trying to do something even I did nothing with it.
important note: there is no data mining in any of their terms. Or at least I did not find anything.
So I contacted chomp about the behavior and they said that "they never seen this before" and suggested reinstall. I did, didn't help.
On the second try, they told me that it is connecting because of ads, but I had the pro version (and they knew it). So no luck.
After the third attempt, they said that chomp is sending once a day info that it is installed so they know how many installs they have.
This sucks a lot. Security concerns appears instantly.
I think it would be worthy to literally sniff a bit around this, since so many people is using chomp.
Hey everyone,
As some of you may know, the Honor 8 (and other Huawei devices as well) have an issue with SMS syncing apps such as Pushbullet and MightyText.
After spending hours playing with various settings and testing like crazy, I have come to the following conclusion: There is something running in the background on this device preventing the messages from syncing back to the phone.
When sending a message from Pushbullet from my PC, it is delivered just fine to the recipient, however it shows stuck in pending status, and doesn't show in Textra, stock messaging app, Google Messenger or any other SMS app I've tested, even though it was delivered to the other recipient just fine.
Here's where it gets interesting...I installed Yappy on my PC, along with on the Honor 8, and installed both EvolveSMS and QKSMS. There are settings in both Evolve and QKSMS to enable Yappy integration. When turning this on, Yappy works perfectly. Messages sync properly, everything works great. My guess is that the messages are being routed through Yappy's servers and then synced back into the SMS apps. This is a half baked solution that myself, and I'm sure many others will not feel satisfied with, but it is a working temporary bandage.
The question is - what is causing Huawei devices to be preventing the messages from syncing? Adding it as a protected app doesn't help, and from what I have gathered from my testing, there is no setting that has helped it work. I think there's a possibility of the Huawei messaging process running in the background blocking the sync from happening, which brings up the question, how do we disable that process entirely and remove it?
If anyone has any ideas or further input, please share. Let's work together and axe this issue once and for all. There has to be lots of other Huawei users out there having the same issues!
spaceduck107 said:
Hey everyone,
As some of you may know, the Honor 8 (and other Huawei devices as well) have an issue with SMS syncing apps such as Pushbullet and MightyText.
After spending hours playing with various settings and testing like crazy, I have come to the following conclusion: There is something running in the background on this device preventing the messages from syncing back to the phone.
When sending a message from Pushbullet from my PC, it is delivered just fine to the recipient, however it shows stuck in pending status, and doesn't show in Textra, stock messaging app, Google Messenger or any other SMS app I've tested, even though it was delivered to the other recipient just fine.
Here's where it gets interesting...I installed Yappy on my PC, along with on the Honor 8, and installed both EvolveSMS and QKSMS. There are settings in both Evolve and QKSMS to enable Yappy integration. When turning this on, Yappy works perfectly. Messages sync properly, everything works great. My guess is that the messages are being routed through Yappy's servers and then synced back into the SMS apps. This is a half baked solution that myself, and I'm sure many others will not feel satisfied with, but it is a working temporary bandage.
The question is - what is causing Huawei devices to be preventing the messages from syncing? Adding it as a protected app doesn't help, and from what I have gathered from my testing, there is no setting that has helped it work. I think there's a possibility of the Huawei messaging process running in the background blocking the sync from happening, which brings up the question, how do we disable that process entirely and remove it?
If anyone has any ideas or further input, please share. Let's work together and axe this issue once and for all. There has to be lots of other Huawei users out there having the same issues!
Click to expand...
Click to collapse
I am not sure but some thread mentioned that MySms app works fine while others don't. Mean sync is not an issue for that if it is set as default app.
May be that can help someone in troubleshooting the exact problem.
(Just sharing what I read, not my personal observation)
Sent from my PLK-L01 using XDA Labs
MySms works absolutely fine, don't about pushbullet
I have the same problem with me Huawei P9
VINTAGEFRAMES said:
I have the same problem with me Huawei P9
Click to expand...
Click to collapse
This seems to be an issue with all Huawei devices from what I gather. Something within EMUI or their default messaging app seems to be causing the issue. It's definitely a dark cloud hanging over otherwise wonderful devices. Also, MySMS seems to be hit or miss as well. It's definitely a far cry from Pushbullet even if it does work.
Mods: Is there any way we could have this thread moved to a larger Huawei section for better visibility?
I have the same issue with EMUI 4.1 on the Honor Note 8. It seems to be related to EMUI shutting down background apps so the comms between the SMS app and the phone is not completed.
Will it work with a different launcher? or do a have to get a different rom?
VINTAGEFRAMES said:
Will it work with a different launcher? or do a have to get a different rom?
Click to expand...
Click to collapse
A different ROM is the best choice (not available for honor 8) and a launcher wouldn't change anything
spaceduck107 said:
This seems to be an issue with all Huawei devices from what I gather. Something within EMUI or their default messaging app seems to be causing the issue. It's definitely a dark cloud hanging over otherwise wonderful devices. Also, MySMS seems to be hit or miss as well. It's definitely a far cry from Pushbullet even if it does work.
Mods: Is there any way we could have this thread moved to a larger Huawei section for better visibility?
Click to expand...
Click to collapse
Just exchanged an S7 Edge for the Honor 8 yesterday. You're right about MySMS being hit or miss. I had it working the 1st time when I installed it and couldn't replicate it to work again after trying out AirDroid last night. lol I spent a good part of my morning trying to get it to work again and stumbled onto something. So far, it works great if I set MySMS as the default "Messaging" app on my Honor 8 and use it for my SMS/MMS needs. You still need to use the stock messaging app if you want to blacklist folks, though, but only for adding the entries and viewing any blocked messages.
Is there any solution for the original problem?
I'm using MS Cortana for the same purposes and actually I did not recognise this issue untill I read this post and found out I have this problem as wel.
muradulislam said:
I am not sure but some thread mentioned that MySms app works fine while others don't. Mean sync is not an issue for that if it is set as default app.
May be that can help someone in troubleshooting the exact problem.
(Just sharing what I read, not my personal observation)
Sent from my PLK-L01 using XDA Labs
Click to expand...
Click to collapse
Does the same problem occur if you were to use different SMS app.
Another option could be to try something else, yappy perhaps?
Let us know if you find anything
dmooney7291 said:
Does the same problem occur if you were to use different SMS app.
Another option could be to try something else, yappy perhaps?
Let us know if you find anything
Click to expand...
Click to collapse
If I remember correctly, there were at least two or three apps mentioned which were experiencing synchronization problems. Not sure whether yappy was one of them or not.
Ya. I use JIO messenger (JIO Voice) as default app in India. I also do have sync problems in my Honor 5X.
Couldn't find anything in XDA Rules about thread necromancy so I figured I'd reply here instead of making another thread. Has anyone found a solution to this problem? Hopefully one that does not involve upgrading to Nougat... Since I'm here, I'll throw up more info:
Sending a picture or a text to multiple people does work fine, the texts will show up. Looks like whatever is going on affects only SMS and not MMS.
I am able to send texts fine from my car's (2014 Honda Accord) bluetooth headset, they show.
Tasker also does not work.
Apparently not. P9 here. Just done a reset assuming it was something I'd installed. Pushbullet and Mightytext both still not working.
EVA-L09C432B378 (EMUI 5.0/Android 7.0)
I just got a P9 and have the same problems as everyone else. I have used mighty text for years without a glitch and now it's not sending my messages written on my computer back to the phone. What a drag. I just got the phone so I will send it back for an exchange. I does prevent other services like pushbullet as well. So bye Huawei.
aaa
Honor 8 here. MySMS works pretty well, only that the Win10 app sucks. Pushbullet and Airdroid don't work. The difference is that MySMS becomes the default messaging app and the others don't. That's all I can contrubute. This sucks. Lost half day today so far, especially with my very limited android knowledge...
Replaced my P9 with Moto. Everything functions as intended. Glad to get rid of the P9. Too many apps won't work.
Sent from my Moto G (5) Plus using Tapatalk
KURT.Beadles said:
Replaced my P9 with Moto. Everything functions as intended. Glad to get rid of the P9. Too many apps won't work.
Click to expand...
Click to collapse
EMUI is crap.
sniperlife:D said:
EMUI is crap.
Click to expand...
Click to collapse
It actually is. A modern crappy horror story. Which makes a LOT of apps unworkable.
Sent from my Moto G (5) Plus using Tapatalk
Here is a Link a video I just posted on YouTube showing what I'm referring to below did blur out any and all of my personal information, I hope that it does not violate and rules, laws, or policy's. *Side note I somehow messed up the audio & I don't usually sound like a dude
I don't know the correct place for this post even after reading the thread for such things and I did try the search function and still was unsure.
If this post is deleted for incorrect topic forum please advise me of the correct place, if there is one.
I am having this weird thing going on with my phone and I cannot find anything similar to the issue online, and it's highly probable it's somehow user error.
Since I don't know where to turn to for advise (I am aware factory resetting it will probably resolve it but I want to know what is causing it as well as fixing the issue), I figured I would start here as this has been the best source of information on past android questions I've had in the past.
I have contacted the Varo Bank (the new Varo Bank app) support and their developers through the their beta tester app. No response yet (5 days).
The reason for this post... Over the past 2 weeks or so I will hear a (new) tone then my phone opens up my main banking app (Varo Bank). This happens again and again sometimes it only happens a few times a minute others it's 6-7 times in a minute to where my phone is nearly unusable. It can happen anytime my phone is unlocked including while I'm on a call, after restarting phone, on and off wifi, cellular, &/or airplane mode, even while I am already in the banking app. I originally assumed it had to do with some sort of shortcut or where it was located on my home screen. So first I moved it, then when that didn't work, I deleted it for every page except my app drawer. Since non of those issues resolved the issue, I checked for software updates of both my phone and the app itself, yet they were both at the most recent versions. Although I NEED the app for obvious reasons, I decided to uninstall the app. After it was uninstalled I restarted my phone and as soon as I unlocked it I heard the "Ba Ding" sound again, but this time it took me to the Google play store for the same Varo Bank app I had just uninstalled. At this point I joined their beta testers then reinstalled the Beta version of the Varo Bank hoping that if it is the banking app that's causing the issue that would resolve it or I would have a better chance of contacting their developer's or technical support. I have sent 2 emails to their general Support and left a comments on the play store for the app which goes to the developers and is not a public comment. It has been 5 days and I have yet to get a response that wasn't autogenerated.
Sorry for the poorly written, LONG post, this is just driving me crazy. Thanks in advance for any advice, comments or possible direction on where to turn for answers or support.
Lisa Nicole
Hi, to me this sounds like a really terrible bug on the banking app you are using or a virus. Would assume the latter.
I have two separate banking apps on my phone and never ever experienced my apps opening on thier on, even redirecting me to install it again after uninstall.
If it were a phone bug, it would do this with any app not just your banking app.
I could be wrong in my assumptions, just trying to advise you to be careful.
I would, backup my data, format and start fresh.
@soka said:
Hi, to me this sounds like a really terrible bug on the banking app you are using or a virus. Would assume the latter.
I have two separate banking apps on my phone and never ever experienced my apps opening on thier on, even redirecting me to install it again after uninstall.
If it were a phone bug, it would do this with any app not just your banking app.
I could be wrong in my assumptions, just trying to advise you to be careful.
I would, backup my data, format and start fresh.
Click to expand...
Click to collapse
Ya I figured as much, I just really loathe the thought of having to do a fresh install, because my phone storage organization is non existent. Regardless I'm hoping to draw some attention to the issue, with whatever the issue may be. Varo the name has been around for awhile, but they just recently became an actual independent bank (they were under Bank Corp before.
I can't be, nor will I be the only customer with this issue not to mention it's my understanding that you "have" to use the app, due to very limited web capabilities. I have not verified that myself though.
So we'll see if this helps get since attention for the issue
I am getting the same error, but only with the Varo app, nothing else.
I have the same issue that just started this week on my Pixel 7. Did you just add it to your GPay or Wallet recently?
I've known for 2 years I've been hacked. Everyone I know thinks I'm crazy because for 2 years I've been convinced that my phone was being controlled remotely even though I've changed devices, profiles, and deleted more apps than I can count. Finally yesterday I dicovered Total Virus Scan and it found this. I've had at least 50 antivirus apps with no success and I was not sure if maybe I wasn't a going crazy. I even would stop using my phone for a month or more at a time because that was the only time I had issues. Whoever is behind this has taught me everything I know about android and hacking by directing me in a way that is hard to explain. I'd just see what they wanted me to do by a random page that would pop up, or sentence highlighted, or other discreet cues. If I have not had 100% accuracy on certain issues I've been informed about by following these cues I would be certain I was crazy but there has been like 50 personal issues I've been informed about by following these cues and not a single time has it been we wrong. Unfortunately I let it consume me for about a year and almost ruined my life because of it and what I've learned has seriously altered my life. Yesterday Total Virus Scan found this Keylogger, 2 Trojan, RAT in OS. How do I remove these from my OS andcatch who is behind this? Attached is screenshot of the 4 issues found. Also on SD Maid it said my device wasn't rooted but had a built-in superuser app. Can't find the screenshot I had of that but had a url of toybox. A bunch of numbers then said [email protected] something. Any help will be much appreciated. Thank you in advance.
Could you try to create a backup of those apps and upload somewhere? Maybe it is possible to check it
Try to uninstall those apps with an app uninstaller
If you are unable to uninstall those apps they might be deeply installed? Ive been under the same situation 4-5years ago
Maybe a firmware reflash would do the job but everything will get deleted so try to backup everything
DrunkTrooper said:
Could you try to create a backup of those apps and upload somewhere? Maybe it is possible to check it
Try to uninstall those apps with an app uninstaller
If you are unable to uninstall those apps they might be deeply installed? Ive been under the same situation 4-5years ago
Maybe a firmware reflash would do the job but everything will get deleted so try to backup everything
Click to expand...
Click to collapse
It's not the apps. From what I've read one of the Trojans, the one in Google framework, is a dropper and reproduces and hides them in legit clean apps. That is why antivirus software doesn't pick them up. I've done at least 100 scan's with every malware finder I can find and this is the first time I have gotten a hit on anything but I know for a fact it's been there for at least 2 years. Everything I know about android whoever this person is taught me. It's almost as if they are a friend because they've directed me to learning about someone close to me who was doing me wrong, taught me everything I know about android and hacking, it's crazy man. I can't explain how they communicate with me all I can say is I will just see it and know. Something highlighted briefly, a random page popping up that directly coorilates with what is happening in my life, but also have tried getting money out of me and removed pictures of my wife from my device. I want to find out if it's someone I know before I remove it. If so, I'm thinking criminal charges and anything else I can do to mess with their life like they have mine. They truly destroyed my life for about 18 months and just now getting everything back together. I don't really talk about it anymore because everyone thought I went crazy but still privately search for the cause and who wmis behind it and yesterday I finally found it. Showed my mother and step son and even with these screenshots they still say I'm crazy and seeing things. Just glad I finally have proof. I can't explain what it's like to have EVERYONE around you saying you are crazy and seeing things that aren't there and knowing you aren't. It really sucks and I wouldn't wish what I've experienced the last couple years on my worst enemy.
EJay80 said:
I've known for 2 years I've been hacked. Everyone I know thinks I'm crazy because for 2 years I've been convinced that my phone was being controlled remotely even though I've changed devices, profiles, and deleted more apps than I can count. Finally yesterday I dicovered Total Virus Scan and it found this. I've had at least 50 antivirus apps with no success and I was not sure if maybe I wasn't a going crazy. I even would stop using my phone for a month or more at a time because that was the only time I had issues. Whoever is behind this has taught me everything I know about android and hacking by directing me in a way that is hard to explain. I'd just see what they wanted me to do by a random page that would pop up, or sentence highlighted, or other discreet cues. If I have not had 100% accuracy on certain issues I've been informed about by following these cues I would be certain I was crazy but there has been like 50 personal issues I've been informed about by following these cues and not a single time has it been we wrong. Unfortunately I let it consume me for about a year and almost ruined my life because of it and what I've learned has seriously altered my life. Yesterday Total Virus Scan found this Keylogger, 2 Trojan, RAT in OS. How do I remove these from my OS andcatch who is behind this? Attached is screenshot of the 4 issues found. Also on SD Maid it said my device wasn't rooted but had a built-in superuser app. Can't find the screenshot I had of that but had a url of toybox. A bunch of numbers then said [email protected] something. Any help will be much appreciated. Thank you in advance.
Click to expand...
Click to collapse
You need to utube Beef, it's a exploit that takes over your browser that's started with script embedded in a web page, text, messenger msg, etx. You may confuse it with malware because the attackers will gain the same info if not more by using social engineering.
remove all google accounts from settings, perform a factory reset, create new google account and check Total Virus Scan again.
You can use same google account just don’t restore data
Arealhooman said:
You can use same google account just don’t restore data
Click to expand...
Click to collapse
I don't recommend this as google account is device administrator, anyone knowing that password can remotely install apps