Question Active hacker in my phone and this computer Help me - Samsung Galaxy Z Flip 3

So far he has deleted all the bookmarks that I saved from this site. The phone RCS doesn't work anymore. They can listen to phone calls and terminate them and spoof incoming calls. I sent one phone to Samsung to be reviewed. At the end of a 3-week review they sent me a check for the phone and I bought another one from ATT and I still have this problem. So I would appreciate it if someone could give me some direction for this Flip 3. I like the phone. I am an engineer and designed a few devices using ESP32s. So I know how to flash. I just need to lock this phone down and I will deal with the computer problem later...

Infections across multiple platforms is almost unheard of... what did Samsung find?

It isn't an infection. They are exploiting both devices. I run Norton 360 on both systems. It only slowed them down. And they are 24/7 on me like ex NSA. They haven't stolen anything but they are malicious. Samsung never said. The only thing they said is to buy a different phone. ATT has an open fraud case because they saw the Tag phone and I changed the phone number several times like some drug dealer with different SIM cards.

I feel like I am in the movie Enemy of the State except I am Will Smith and Gene Hackman rolled up into one.

cjdee1 said:
It isn't an infection. They are exploiting both devices. I run Norton 360 on both systems. It only slowed them down. And they are 24/7 on me like ex NSA. They haven't stolen anything but they are malicious. Samsung never said. The only thing they said is to buy a different phone. ATT has an open fraud case because they saw the Tag phone and I changed the phone number several times like some drug dealer with different SIM cards.
AT&T has an open fraud case on you... or "them"?
Did malicious things? Losing bookmarks is pretty common and usually has nothing to do with being hacked.
Change Google account and password.
Reset all other accounts the same way on a clean Android. Allow no one physical access to the device and most importantly be careful what you install and download.
Most users don't need a hacker to stalk them; they do it themselves by careless installs and downloads. I'll remind you that XDA is a site filled with hackers... mostly peaceful.

I'm sorry for your troubles, most days hacking isn't needed. Really to get into someone's account these days you need personal information which is freely given on social media and whatnot. You should get with Google and do a massive security checkup. Change password, turn on 2FA... the whole swizzle. If all else fails, create a new account completely separate from the affected account/device and start fresh.

I opened the Fraud case. They provided the documentation. This has been going on since last year. There was a white paper that came out in November how the media player was being used to hack in. I deal with this problem every day. One would think they would give up. I have another 20 computers in my office that I am replacing once I get my end under control.

Hmm... maybe move all your info to a new account (make the account on a different IP address so like have a friend make it maybe) cuz from my understanding- the hacker finds you on even a new phone? delete the accounts that are being hacked and uh- idk what else really
delete the apps that are being infected

Purge everything from everywhere and start fresh. Honestly Norton and other programs for virus protection aren't really helpful anymore. I do not see a point in using them when Microsoft does a great job just on their own. It's possible that it could be the cause; most of the time anti-virus programs that aren't part of the main OS are the problem.

Also another note, anything with a Snapdragon and made for the US is locked down. Means no flashing, no anything. Best bet for a device is to find a good old phone that has a lot of support and flash anything on it.

Dr.Lost said:
Also another note, anything with a Snapdragon and made for the US is locked down. Means no flashing, no anything. Best bet for a device is to find a good old phone that has a lot of support and flash anything on it.
If you go below Android 9 you will introduce a slew of high risk vulnerabilities including some of the worst rootkits. If you're really concerned use the latest version of 12 with fully active scoped storage and the mess that it is...
In general don't use wifi on Androids.
Keep bluetooth off if not using.
Install only vetted apps. Scan with online Virustotal.
Keep all downloads in the download folder until vetted. Scripted malware jpegs, pngs are real and may evade conventional detection. If they get into a database they will raise hell until deleted; open all jpegs in download folder before transferring them and check for changes in that folder.
Keep all email in the cloud, avoid downloading any attachments unless absolutely necessary.
If malware is suspected, delete it or factory reset within 2 hours. Reset passwords.
Time stagger backups so they don't all get infected if there is an incident. Backup redundantly to 2 or more hdds that are physically and electronically isolated from each other and the PC. Use only a known clean PC to access those backups... cross platform malware jumping is rare, cross drive jumping is not.
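One way to carry out the "check for changes in that folder" step from the post above, as an added example that is not part of the original post: it records a SHA-256 baseline of a download folder, reports files added, removed or modified afterwards, and flags .jpg/.png files whose first bytes are not a JPEG or PNG header. The folder contents in `demo()` are constructed samples and all function names are this example's own.

```python
import hashlib
import os
import tempfile

# Leading bytes that real JPEG and PNG files start with.
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}


def sha256_file(path, chunk=1 << 16):
    """Hash a file in chunks so large downloads do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def snapshot(folder):
    """Map each file's path (relative to folder) to its SHA-256."""
    result = {}
    for root, _dirs, files in os.walk(folder):
        for name in files:
            full = os.path.join(root, name)
            result[os.path.relpath(full, folder)] = sha256_file(full)
    return result


def diff(before, after):
    """Compare two snapshots taken at different times."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def magic_mismatches(folder):
    """Files named .jpg/.jpeg/.png whose first bytes are not that format."""
    bad = []
    for root, _dirs, files in os.walk(folder):
        for name in files:
            expected = MAGIC.get(os.path.splitext(name)[1].lower())
            if expected is None:
                continue
            full = os.path.join(root, name)
            with open(full, "rb") as f:
                head = f.read(len(expected))
            if head != expected:
                bad.append(os.path.relpath(full, folder))
    return sorted(bad)


def demo():
    """Run both checks on a constructed folder; returns (mismatches, changes)."""
    with tempfile.TemporaryDirectory() as d:
        # Constructed sample files, not real images and not real malware.
        with open(os.path.join(d, "photo.png"), "wb") as f:
            f.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)
        with open(os.path.join(d, "invoice.jpg"), "wb") as f:
            f.write(b"#!/bin/sh\necho constructed sample\n")
        before = snapshot(d)
        mismatches = magic_mismatches(d)
        # Simulate the folder changing after the baseline was taken.
        with open(os.path.join(d, "photo.png"), "ab") as f:
            f.write(b"appended")
        with open(os.path.join(d, "dropped.bin"), "wb") as f:
            f.write(b"new file")
        changes = diff(before, snapshot(d))
    return mismatches, changes


if __name__ == "__main__":
    mismatches, changes = demo()
    print("extension/content mismatch:", mismatches)
    print("changes since baseline:", changes)
```

The SHA-256 values from `snapshot()` can also be searched on VirusTotal without uploading the file itself.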

blackhawk said:
Infections across multiple platforms is almost unheard of... what did Samsung find?
Unheard of? Absolutely not, rare on a cell phone, maybe? I don't know really but it is possible especially if OP pissed off the government
Good luck OP

When it comes time to switch to a new phone, ATT should be moving you to a new account with a fresh SIM. Don't transfer anything. Install anything you had fresh and set it up fresh. If they are giving you a new SIM or attaching the new phone to the same account and someone gained access to the account, they're still being fed every new number and IMEI.
As for pictures and stuff, get a USB-C compatible hard drive. Move it to that. Make sure your virus scanner on the computer is updated and either yank the LAN cable or turn off the router before connecting and scanning it. Once it's clean, connect the drive to the new phone and not the computer.
Sounds like someone cloned your ESN and SIM based on what they were doing. Synced items could be manipulated through a PC hack and one good run of the right software with your phone on the same network made it a phone issue.
Oh, and if they didn't or don't already do it, make sure ATT logs your previous devices "lost or stolen" to blacklist the IMEI. That should also make a clone useless for as long as it's a clone.

If you are suspecting a hack, then report to Samsung Members app > get help > error report asap for help from Samsung's hacking issue team.

luigi90210 said:
Unheard of? Absolutely not, rare on a cell phone, maybe? I don't know really but it is possible especially if OP pissed off the government
Good luck OP
If you download malware files a PC is susceptible to, yes, but generally an infection on an Android doesn't cross platform infect a PC.
It's important to nip any malware in the bud and to isolate that device immediately to limit damage. Any device with malware that I can't eradicate completely within 1 to 2 hours gets nuked, data and all, factory reset. Data is restored then via offline backups.
My PC never has internet access and that's one less huge vector for infection. Even then my backup data drives are isolated from the PC unless in use... multilayered security.
If the DOD, AEC, FBI etc are interested in you, you'll never know it unless they want you to know. When on stake out they always operate as teams. One team is high exposure to gain maximum information and may be detected but a second picket fence approach team is already in place if the primary team is exposed. Of course they share all knowledge gleaned. The second team you will likely never detect.
Fun fact; field FBI Agents blend in, can be wearing blue jeans, orange vest, 3 piece, anything but low key and drive midrange priced cars that are slightly dirty. The way you ID them is by their behavior and at times location.
If you're not on their menu they may even have a benign friendly conversation with you. They are interesting to chat with.

There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
I believe it started with the phone and then I used Samsung PC software which hacked the computers that I used. I have all the 25 zip files from one phone before it got a chance to load. Anybody interested in them?
The phones have 422 files installed.
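A way to approach the package question in the post above, as an added example that is not part of the original post: it parses saved output of `adb shell pm list packages -f`, labels each package by the partition its APK sits on, and marks packages absent from an earlier baseline listing. Both listings are constructed samples (the paths, including the one shown for com.qualcomm.atfwd, are assumptions for illustration), and the function names are this example's own.

```python
# Partitions that are part of the firmware image rather than user storage.
SYSTEM_PREFIXES = ("/system/", "/system_ext/", "/product/",
                   "/vendor/", "/odm/", "/apex/")

# Constructed sample listings in the `pm list packages -f` format
# (package:<apk path>=<package name>). Paths are illustrative only.
BASELINE = """\
package:/system/app/ExampleDialer/ExampleDialer.apk=com.example.dialer
package:/system/app/atfwd/atfwd.apk=com.qualcomm.atfwd
"""

CURRENT = """\
package:/system/app/ExampleDialer/ExampleDialer.apk=com.example.dialer
package:/system/app/atfwd/atfwd.apk=com.qualcomm.atfwd
package:/data/app/~~Qx1z==/com.example.game-9aB==/base.apk=com.example.game
"""


def parse_listing(text):
    """Return {package name: apk path} from `pm list packages -f` output."""
    pkgs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        # Newer Android paths contain '==', so split on the LAST '='.
        path, sep, name = line[len("package:"):].rpartition("=")
        if sep and name:
            pkgs[name] = path
    return pkgs


def origin(path):
    """Label an APK path by where it is stored on the device."""
    if path.startswith(SYSTEM_PREFIXES):
        return "firmware"
    if path.startswith("/data/app/"):
        return "installed-or-updated"
    return "other"


def report(baseline_text, current_text):
    """List (package, origin, is_new_since_baseline) for the current listing."""
    base = parse_listing(baseline_text)
    cur = parse_listing(current_text)
    return [(name, origin(cur[name]), name not in base) for name in sorted(cur)]


if __name__ == "__main__":
    for name, where, is_new in report(BASELINE, CURRENT):
        flag = "NEW" if is_new else "   "
        print(f"{flag} {where:22} {name}")
```

A preinstalled app that has received an update is stored under /data/app, so `pm list packages -s` is the cross-check for whether a package is a system package.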

cjdee1 said:
There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
WiFi Screen mirroring.

cjdee1 said:
There is an app on the phone, com.qualcomm.atfwd. Is that a valid program for this phone? I got my old CDMA phone up on T-Mobile. I had the data turned off because it was useless to me. I came back home and I saw the 2 forks moving. The data was turned on and Norton firewall blocked entry and I had the wifi in airplane mode on the computer. Now I have skills, the average person would never know. This is why I need a phone that I can lock down.
I believe it started with the phone and then I used Samsung PC software which hacked the computers that I used. I have all the 25 zip files from one phone before it got a chance to load. Anybody interested in them?
The phones have 422 files installed.
Interested in potentially infected files?
Wanna do malware jpeg swap?
Seriously... scan them with online Virustotal.

I guess that could start over as a last resort. The funny thing is I don't do anything illegal. Whoever it is will be wasting time and costing me time. I am sure they are getting screenshots but I don't think that they do it live. On the PC I have zeroed out the drive but the BIOS is another way. It started when I backed up the phone using different computers on my network.

cjdee1 said:
I guess that could start over as a last resort. The funny thing is I don't do anything illegal. Whoever it is will be wasting time and costing me time. I am sure they are getting screenshots but I don't think that they do it live. On the PC I have zeroed out the drive but the BIOS is another way. It started when I backed up the phone using different computers on my network.
Is the router updated and secured? Lock it down even if you need help to set it up.
On the PC you should try to ID what the malware is and make sure the databases are clean of it before reloading. Protect all backup drives until the PC is known clean.
The BIOS can easily be reflashed.

Related

Anti-Theft Software for Windows Mobile

Greetings,
I recently had my phone stolen when someone smashed my car window and grabbed my phone and GPS unit. I was thinking about ways to either deter thieves or perhaps even catch them after the fact.
My first thought was some sort of program on the phone that would send information about the phone back to a user specified email address. For example, let's say the person installs a new SIM card and powers up the phone. The program could auto-run and send you the new phone number now assigned to the phone. I am not sure how this would work for non-SIM phones as I don't understand how those phones get their "phone number". In addition to the phone number it could send any information like Owner Info that also might help identify the person now in possession of the phone.
My second thought was why not tap into the GPS device that so many phones are now equipped with and send GPS coordinates as well. This might be difficult if the phone company locks access to the GPS functionality.
Last but not least I was wondering if there might not be a way to determine that a new SIM card was installed, even if a master reset was done on the phone. The big problem here is that you would need to have the code included as part of the firmware as a master reset might possibly wipe out any internal memory on the phone. It might be interesting to flash a warning on the main screen of the phone indicating that "This Phone is Stolen" if someone tried to put their own SIM or reprogram the phone with their phone number.
Naturally I know you can "lock" the phone which will render it useless but that won't necessarily help you get it back. I figure most of these "smartphones" have enough intelligence to at least send out a text message or something.
Has anyone seen anything like this or have any ideas on what might be possible?
Thanks
TC
There are several different software packages that already do this. One is called W.I.M.P. - Where Is My Phone:
http://www.wimp-software.co.uk/
Doh! I should have used Google.
Thanks for the tip.
Anyone using WIMP? I have the demo version and am having issues getting the GPS to work. Windows Live and Google Maps work fine. Not sure why WIMP is having issues.
What???
cowboyshootist said:
I recently had my phone stolen when someone smashed my car window and grabbed my phone and GPS unit.
Why would you leave this laying around in your car? My Tilt (or any phone for that matter), electronic device, and wife always leave the car with me....
mchapman007 said:
Why would you leave this laying around in your car? My Tilt (or any phone for that matter), electronic device, and wife always leave the car with me....
Well, I was heading into the LA Fitness gym in Mill Creek WA. There are generally lots of people coming and going in and out of the gym and Mill Creek is not what you would call a high crime area. The phone was not in plain sight but in the cup holder between the front seats and you would have to look real hard to even know it was there.
It was actually the GPS unit that attracted the thief. Normally I put that in the glove box and take my phone with me but as I mentioned above I didn't think I was in an area where I had to worry about car break-ins.
Even so, phones get stolen all the time. My daughter had hers stolen right out of her purse at her High School. It can happen even when you don't think it can. Applications like WIMP or PhoneBak are the only defense you have against something like this. Given the technology that exists in smartphones there's no reason they can't report themselves stolen and if they have gps (like the Moto Q9) even give you their location.
The funny thing is the thief was stupid enough to put his contacts onto the phone without having done a hard reset. The next day all his contacts were synch'd to my new phone and I now know who stole the phone.
Sprite Terminator is another one that does all of the things you want, remote lock / wipe / gps , etc
Thanks Dave.
KMS
Dave G said:
Sprite Terminator is another one that does all of the things you want, remote lock / wipe / gps , etc
There's also Kaspersky Mobile Security for XDAs - you can block SMS access, wipe PIM data and it has a nice little feature that will send out SMSs to two numbers of your choice if the SIM is swapped, then block the unit until you enter a code - thus giving you the new mobile number to take to the police! Only takes them about 20 mins to find the name and address of the thief!
http://www.kaspersky.co.uk/kaspersky_mobile_security
And it's got a firewall and antivirus thrown in, too!
Bird
Bird_FAT said:
There's also Kaspersky Mobile Security for XDAs - you can block SMS access, wipe PIM data and it has a nice little feature that will send out SMSs to two numbers of your choice if the SIM is swapped, then block the unit until you enter a code - thus giving you the new mobile number to take to the police! Only takes them about 20 mins to find the name and address of the thief!
http://www.kaspersky.co.uk/kaspersky_mobile_security
And it's got a firewall and antivirus thrown in, too!
Bird
Thanks. I was aware of this product. I am not too keen on annual subscriptions but it certainly seems to have all the features you might want for cellular phone security.
Mobile justice, it's freeware.
Bye
Hi, if you installed Kaspersky Mobile Security latest version and you forgot the code, how can you reset the code or change the code to a new one?
Thanks

Got my stolen phone back!!!! Things to be considered...

Hi developers.
My droid phone version 4.1.2 was stolen last Friday. But I was able to track the phone, confront the thief and recover my phone two days later.
And that's why I am writing in this forum, because I want to share my experience and see if things can be done.....
The thief, stupid guy, removed all my SIM cards (dual SIM) and removed the memory card, but failed to do the necessary resets and did not remove my Google account.
I don't want any lock screen system on my phone. And I strongly recommend everybody not to put a lock screen protection on your phone, because if there is one, the phone might just end straight into the trash bin, and you'll be left with no chance to find back your beloved Droid.
Let the thief in his beliefs it's his lucky day.... he has a nice unprotected fully usable phone....
Also have Remotely locate this device enabled in the Google settings, or get one of these hidden tracking apps on your phone. Also enable allow remote lock and factory resets. The thief was so stupid he forgot to disable this feature of the phone.
Now here is my point. The Google Settings should be password protected. And it should be a shared password with the phone settings/Personal/ BACKUP AND RESET option.
At least, password protecting these two sections of the phone will avoid the thief to:
1. Disable the geo location of your phone
2. Doing a factory reset or remove any of the accounts on your phone.
Unless the thief is also a hacker, you will always be able to track your phone and get it back.
In my case, I tracked down the thief, up to 4m accuracy. I also have a Bluetooth speaker. I went to the Geo location and my Bluetooth speaker confirmed big time the phone was at this location.
Another thing to consider is to build INTO the OS itself the option to track your phone. There are many programs on Google Play, but they can all be removed easily with a simple factory reset. This kind of software should be built INTO the phone's OS itself.
Good luck to all of you who get your phone stolen!
oz457 said:
Hi developers.
My droid phone version 4.1.2 was stolen last Friday. But I was able to track the phone, confront the thief and recover my phone two days later.
And that's why I am writing in this forum, because I want to share my experience and see if things can be done.....
The thief, stupid guy, removed all my SIM cards (dual SIM) and removed the memory card, but failed to do the necessary resets and did not remove my Google account.
I don't want any lock screen system on my phone. And I strongly recommend everybody not to put a lock screen protection on your phone, because if there is one, the phone might just end straight into the trash bin, and you'll be left with no chance to find back your beloved Droid.
Let the thief in his beliefs it's his lucky day.... he has a nice unprotected fully usable phone....
Also have Remotely locate this device enabled in the Google settings, or get one of these hidden tracking apps on your phone. Also enable allow remote lock and factory resets. The thief was so stupid he forgot to disable this feature of the phone.
Now here is my point. The Google Settings should be password protected. And it should be a shared password with the phone settings/Personal/ BACKUP AND RESET option.
At least, password protecting these two sections of the phone will avoid the thief to:
1. Disable the geo location of your phone
2. Doing a factory reset or remove any of the accounts on your phone.
Unless the thief is also a hacker, you will always be able to track your phone and get it back.
In my case, I tracked down the thief, up to 4m accuracy. I also have a Bluetooth speaker. I went to the Geo location and my Bluetooth speaker confirmed big time the phone was at this location.
Another thing to consider is to build INTO the OS itself the option to track your phone. There are many programs on Google Play, but they can all be removed easily with a simple factory reset. This kind of software should be built INTO the phone's OS itself.
Good luck to all of you who get your phone stolen!
This is why you should use Software to prevent this. There are lots of tracking/AntiThief Software available. No one will put it to trash when it's locked.
mynote said:
This is why you should use Software to prevent this. There are lots of tracking/AntiThief Software available. No one will put it to trash when it's locked.
The question is if software will really help....
You're lucky.
The thief, stupid guy. If he is smart, then he can google and reboot your phone into recovery, and he can wipe all of your data.
And your phone will be gone forever.
andy-q said:
The question is if software will really help....
Yes. It is. 9 of 10 of my customers are happy and got their device back after stolen/lost.
Just for the statistics..
The only shortcoming with the tracking/remote lock/wipe abilities is that they can still be defeated through CWM or whatever recovery is being used. That said, in most situations involving theft the thief doesn't have this level of knowledge to consider this step.
What's interesting to me is that so many people still steal phones for personal use, but I guess the stolen ESN database isn't far reaching enough yet to make a stolen phone worthless for use yet. There is still some cash to be made selling them off for the hardware, but grabbing someone's phone doesn't seem worth a felony IMO.
As to the OP, a lock screen isn't worthless, especially if you have a non-removable battery. Most phones with them--an active lock screen I mean--either won't allow or can be set to disallow the phone being turned off without the code/pattern/password being entered, meaning if your phone is tossed in the trash it can still be recovered. That is one feature that will always make an integrated battery a plus. Even without one, there's the chance that the thief isn't going to take the time to pull the battery once he sees there's active security anyway.
MissionImprobable said:
The only shortcoming with the tracking/remote lock/wipe abilities is that they can still be defeated through CWM or whatever recovery is being used. That said, in most situations involving theft the thief doesn't have this level of knowledge to consider this step.
What's interesting to me is that so many people still steal phones for personal use, but I guess the stolen ESN database isn't far reaching enough yet to make a stolen phone worthless for use yet. There is still some cash to be made selling them off for the hardware, but grabbing someone's phone doesn't seem worth a felony IMO.
As to the OP, a lock screen isn't worthless, especially if you have a non-removable battery. Most phones with them--an active lock screen I mean--either won't allow or can be set to disallow the phone being turned off without the code/pattern/password being entered, meaning if your phone is tossed in the trash it can still be recovered. That is one feature that will always make an integrated battery a plus. Even without one, there's the chance that the thief isn't going to take the time to pull the battery once he sees there's active security anyway.
Yeah, true. Anyway. Even if you are just losing your phone instead of getting stolen..
I consider that the thief will trash the phone when there is a lockscreen. Mostly the thief will try to look for "Reset-Possibilities". If you have a good AntiThief Software you may also disable the lockscreen when you feel that its the only way to get it back.
Anyway, there is Google Android Device Manager now which can get your device back easily..
When stolen/lost phone comes back I would check it for spyware.
2 stolen phones never came back to me. :'(
Grievances. RIP .
alaminok said:
2 stolen phones never came back to me. :'(
Grievances. RIP .
I never got my stolen items back either but grats to the OP
This is the perfect thread for a question I've had ever since I came to the Android family from my iPhone.
On my Jailbroken iPhone I was able to download an app that took a picture with the front camera and sent it to the email of my choice every time the wrong password was entered, the photo came along with the GPS location of the phone and time.
Is there anything like this available for us?
Sent from my SM-N900P using Tapatalk now Free
yoboyheartless said:
This is the perfect thread for a question I've had ever since I came to the Android family from my iPhone.
On my Jailbroken iPhone I was able to download an app that took a picture with the front camera and sent it to the email of my choice every time the wrong password was entered, the photo came along with the GPS location of the phone and time.
Is there anything like this available for us?
Sent from my SM-N900P using Tapatalk now Free
Here, try Cerberus, it's a paid app but worth it and you can have up to 5 devices at once, it even disguises itself as a system app, you can view calls, text messages and even make the phone call any other phone, track it via GPS..... a bunch of features
(Here are some features. It has three ways to protect your device:
- Remote control through the website www.cerberusapp.com
- Remote control via text messages
- SIM Checker (for devices that have a SIM card): you will automatically receive alerts if someone uses your phone with an unauthorized SIM card
Remote control allows you to perform many operations on your device, like:
- Locate and track it
- Start a loud alarm, even if the device is set to silent mode
- Wipe the internal memory and the SD card
- Hide Cerberus from the app drawer
- Lock the device with a code
- Record audio from the microphone
- Get a list of last calls sent and received
- Get information about network and operator the device is connected to
- And much more!)
Link---> https://play.google.com/store/apps/details?id=com.lsdroid.cerberus
if thieves are smart, they would have been reading xda
but thanks
If thieves were smart, they would be educated enough to get a job and buy their own sh*t!
I use Cerberus as well on both my droids. Very neat app, and even more advanced than FindMyiPhone or whatever it's called again. Recommended with root for all features though.
Glad you got lucky and a non-tech savvy thief stole your phone.
cerberus
Cerberus celebrates 3rd birthday with free licenses for the next 30 hours
http://phandroid.com/2014/04/24/cerberus-3rd-birthday-free-license/
I had a phone lost/stolen. It is such a personal item it is like having your wallet stolen. Fortunately I never use the remember password feature for any apps, and have an encrypted password file I keep up to date and backed up. When I lost my phone I went to all the sites and changed my passwords. What a pia, but it is some peace of mind. Took many hours.
With T-Mo, they have this feature available that takes a picture after 5 mis-tries and emails it along with the location. T-Mo will also erase the phone and reset the lock screen pattern. It works pretty good because I have sent numerous pics of myself from fat-fingering the unlock and checked the map to verify.
I prefer Cerberus...
oz457 said:
Hi developers.
My droid phone version 4.1.2 was stolen last Friday. But I was able to track the phone, confront the thief and recover my phone two days later.
And that's why I am writing in this forum, because I want to share my experience and see if things can be done.....
The thief, stupid guy, removed all my SIM cards (dual SIM) and removed the memory card, but failed to do the necessary resets and did not remove my Google account.
I don't want any lock screen system on my phone. And I strongly recommend everybody not to put a lock screen protection on your phone, because if there is one, the phone might just end straight into the trash bin, and you'll be left with no chance to find back your beloved Droid.
Let the thief in his beliefs it's his lucky day.... he has a nice unprotected fully usable phone....
Also have Remotely locate this device enabled in the Google settings, or get one of these hidden tracking apps on your phone. Also enable allow remote lock and factory resets. The thief was so stupid he forgot to disable this feature of the phone.
Now here is my point. The Google Settings should be password protected. And it should be a shared password with the phone settings/Personal/ BACKUP AND RESET option.
At least, password protecting these two sections of the phone will avoid the thief to:
1. Disable the geo location of your phone
2. Doing a factory reset or remove any of the accounts on your phone.
Unless the thief is also a hacker, you will always be able to track your phone and get it back.
In my case, I tracked down the thief, up to 4m accuracy. I also have a Bluetooth speaker. I went to the Geo location and my Bluetooth speaker confirmed big time the phone was at this location.
Another thing to consider is to build INTO the OS itself the option to track your phone. There are many programs on Google Play, but they can all be removed easily with a simple factory reset. This kind of software should be built INTO the phone's OS itself.
Good luck to all of you who get your phone stolen!
Thank you so much for all the info. My biggest concern would be confronting the thief. What did you do? Wait for them to leave their house/apartment and confront them? Or did you confront them in some other way? I guess I would struggle between wanting my beloved phone back and being worried about the thief being a crazy person who might shoot me or something.
This Was Very Helpful
This is Very Helpful, We Wish We Had Known this when we had our phone stolen, I spent endless hours trying to locate my phone to no avail, thank goodness the Police were able to recuperate the phone, but only because the thief had stolen a number of other devices in the area, if I had known this information I would have saved myself hours of frustration !! BTW, Thank You For Sharing This !

Security to phone, computers, email, entire network is compromised

My question or rather my pleed for answers does not just pertain to android os but I have relied on this site for many answers and have always found a solution just from searching around on here so I know there are very capable members on this site that can help. My problem began over 4 months ago when my home computers were compromised. I assumed it was just a simple virus but soon learned that someone had actually hacked into my home network for what I believe is or was an attempt to retrieve trade secrets. Shortly after i realized that data was being sent to someone through the fax system on my pc and data distribution software had been installed along with a large amount of .dll and legacy items, The admin rights were taken from me and the registry was completely modified which disabled me from having any permissions and kept me from doing anything on the pc. I went out and purchased a new router, got out an older pc, and I put a password of around 20 mixed numbers and letters. 5 minutes after I had set up the new router and pc I noticed through the network map that there was someone else on what I assumed was a secured network. The router was a netgear. First thing I done was change the default password and block any remote access in the network wizard. My next step was to pay the so-called experts (Geek Squad) to solve the security issue. I purchased their 1 month special that entitled me to 1 month of tech support and 3 free pc fixes. after purchasing a windows 7 restore disk I took 3 pc's to a local Geek Squad location to have them restore the Pc's and install what was suppose to be a hack proof software. They only fixed 1 pc, told me the software would keep the hacker out. 5 minutes after i logged into my network here comes all the windows updates (around 50) along with numerous programs. Needless to say I lost my admin rights within an hr. 
Here we are now, only using cell phones on my network and I am sure the hacker is retrieving my data off of my G Vista D6301. My new email that I set up and have only used from the Vista has been compromised and although no logins appear in the history but my Vista, someone had enabled POP on Dec 28th. I have enabled the developer mode on my phone which allows me to view the process stats. It states that Google Play service runs 100% and Google Cloud Messaging runs 100%... I have never used any cloud service on this phone. Another thing is that certain system apps that I have never activated are accumulating a decent amount of data. This phone is used only for wifi and has no service plan attached. Bluetooth, email, qrtunnel, near field communication all turn on from time to time. Google Play also shows something called clearcutlogger running but I was unable to find any info on that. I also installed a mic block that has a "spying app catcher" that logs when an app uses your phone's mic while the phone is in sleep or idle mode. When the app is on block mic then there are no problems, but when I unblock the mic I get countless log entries that an app with net access has gained access to my mic. It's always the same few apps that show up as a potential culprit so I can't pinpoint exactly what app is using the mic. Not sure if any of this has anything to do with someone messing around with my phone, just trying to think of some of the things that could help. There is no doubt that this phone along with a pile of now useless computers have indeed been compromised. What I really need help with is how to get this bastard out of my life and secure my network before the new semester begins b/c there is no way I can have my daughter use her new PC on the network knowing it's just going to end up like the rest of the computers in my new PC graveyard.
I know there are quite a few other sites I could have reached out to but there is something about the comradery on this site that has always drawn me to it. 1 more thing fellas, how bout that one touch root for the LG G Vista D6301's? that sure would come in handy right now lol. My apologies for the long read. Any details you need to know to try and help me figure things out, I would gladly assist as long as my knowledge permits.
I understand that the question or article that I posted is quite vast so I will start off with this simple question. Is there a server that I can disable in the LG hidden menu to stop unauthorized use of my GCM, or any other way than simply just disabling Google Play? I have read a couple of recent articles on how hackers are utilizing GCM to gain access to personal info. I was just curious about the server b/c I see many different server acc in the hidden menu such as ATTLABa, Cingular, Mformation, and Funambol. I wasn't sure if these servers or acc could possibly help or be a potential threat.
Sent from my LG-D631 using XDA Free mobile app
Pr1n6/of\Jerusalem said:
My question or rather my plea for answers .........
Pr1n6/of\Jerusalem said:
I understand that the question or article ............
First thing you have to be sure that no one has physical access to your gadgets. Second, find a router suitable to be modified with new firmware from http://www.dd-wrt.com/site/index or https://openwrt.org/.
In case you can buy a hardware network firewall and with proper installation and settings you should be able to keep away any threat.
A good idea would be to use a good VPN service, that way you can add a layer of security on your networking habits.
Lastly, check this thread http://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077 and if you have any question, ask there.
Good luck

Unknown activity HTC ONE M9

I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, they could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
I'm adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. Is there a way I can determine if it's been rooted as well?
--
squidstings said:
I have unknown activity on my phone.
Along with numerous "unknown" outgoing calls with no number shown on my device (and 2 other M9 phones on the same plan) or any number registering on my carrier's system (when I called R, they said their system did show connected calls lasting various amounts of time, they could not determine what number the calls were going to), there's also a call in the log going to "(unknown)" "***,144***"
Anybody have any clue what's going on? R gave the bs answer that all 3 of us were calling our VM, even while we were sleeping. However, the times we did check our VM, the number did register on the phones and with the carrier's system.
Thanks!
Interesting issue. I am not sure about the rooting. You are probably going to need to ask experts around here. Hopefully, they can help you with that. As for security, you could try checking if you have any suspicious apps running in the background or installed (You might be using same GPS or another app for example). It could be that one of the malicious apps had access to your calls which led to them outputting calls to somewhere. You could try disconnecting your internet for a day and see if the calls persist (That is probably not an option for you, but it is an idea). Additionally, you could try a factory reset on one of the phones and see if the problem is still there.
squidstings said:
I'm adding a question. My M9 was unlocked without my knowledge. I'm guessing that ***,144*** might be the secret unlock code. Is there a way I can determine if it's been rooted as well?
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow, with your issue I wasn't going to answer as I don't know the answer, but my thoughts may help in some small way. I don't think the 144 is a phone developer's code to "root" or turn off security in some way, as that would not show on your provider's call logs as they stay internal to the phone (mostly). Also I don't think it's adware calling a premium number, as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrackable over a network. That suggests to me it's possibly your actual network (who are R? What country is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party apparatus!
What to do? As Ross says, disconnecting is probably not practicable. If you have malicious activity they probably are using data as well as calls. So I would install a firewall to block most apps and log attempted connections (normally have to pay for this), then check IP addresses to see if they are legit. However this may not show anything as data may go via root. So setting up a proxy to route traffic to your PC and use a sniffing program to see traffic or at least IP addresses.
You can download root checking apps from Play Store. Also check your security settings: any app with admin rights? Also use a good antivirus, you might get lucky, but even if negative you may still be infected.
Only way to really clean your system is to reinstall your OS, though a factory reset will often fix it. But first you need to know how you were all compromised and fix that, else it will just return. I would think it's most likely your local work network (but could be your provider R or even something else you connect to in some way, e.g. Bluetooth, or an app you all have). You can boot into safe mode to disable 3rd party apps, but with HTC system apps possibly containing apps that use the Baidu apk etc. that still has a possible backdoor unpatched (as far as I know), safe mode will not help with those!
You might have to look into freezing/uninstalling all HTC installed apps.
IronRoo said:
just saw this,
https://www.xda-developers.com/htc-says-the-ads-in-its-keyboard-are-a-mistake-fix-icoming/
which reminded me of your issue, though I don't suppose it's linked, but it does make you wonder WTF HTC are up to!
Anyhow, with your issue I wasn't going to answer as I don't know the answer, but my thoughts may help in some small way. I don't think the 144 is a phone developer's code to "root" or turn off security in some way, as that would not show on your provider's call logs as they stay internal to the phone (mostly). Also I don't think it's adware calling a premium number, as your phone company says it does not register properly, so nobody will be paid.
That only leaves a more malicious form of hacking, I would say. So maybe that code does enable your data to be sent but untrackable over a network. That suggests to me it's possibly your actual network (who are R? What country is it?) or maybe even your government if you are an activist or something? Though more likely is a criminal or business competitor, assuming the other people affected are business colleagues. So could be your boss trying to snoop on you all, if not HTC or the Chinese Communist Party apparatus!
You might have to look into freezing/uninstalling all HTC installed apps.
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabling the pre-installed "Gmail" (I think it's more Google than HTC related) seems to have stopped the calls. I've disabled as much as I could.
So here's the kicker. I'm literally nobody! On disability, no exciting employment history and those in my family who have, aren't in contact, nor do I have contact info. And it was my wife and daughter who had the other phones, but mine was central I think. Daughter's phone was locked. So nothing so exciting. Which is why I even bothered asking lol
squidstings said:
Thank you!
Rogers, Canada. But I've switched carriers within the last few days.
I've actually done the FR 5 times now. Disabling the pre-installed "Gmail" (I think it's more Google than HTC related) seems to have stopped the calls. I've disabled as much as I could.
Ah! Rogers Canada should be a well controlled and trustworthy provider, so probably not them, though a rogue employee or having their network compromised can't be ruled out.
Also if official Gmail app it should be safe though it does have some quite intrusive permissions like full network access, view confidential info etc, but all are legit if you want the full functionality of Gmail. But it shouldn't have access to place phone calls, so should not be able to create the behaviour you describe.
That leaves a rogue app, but you would all need to have it I suppose, HTC app (or system behavior) or local hack, i.e. via your router or via your PC. A good antivirus should find a rogue app on the phone and similarly on PC. HTC system apps are hard to spot without doing the firewall etc. etc. So I would also be double checking your local router for a firmware update and resetting it with a new strong password, to prevent possible return, so too any Bluetooth devices.
Hope it doesn't return! All the best
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at least thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. This was on THREE SEPARATE PHONES in 2 separate cities.
squidstings said:
been a while but, just how does one get a "," in the phone keyboard? long press * for P, but no ",".
Now that time has passed and more people might be awake and less likely to make excuses, I'm wondering if this issue can be solved, or at least thought about intelligently. Maybe someone who knows how it CAN happen, instead of trying to find ways I'm mistaken. This was on THREE SEPARATE PHONES in 2 separate cities.
Check with a root app to see if your device is rooted
check permissions; also you can take back permissions with an app on F-Droid
unknown app check with VirusTotal or
If someone has root on your phone they can do what they want and when they want
an app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you, which implies root access
If you bought your phone new you might not be anybody, but to be put in perspective Amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone; if you have already done that then use a root firewall or change to a ROM here on XDA (you can all change, making the transition easier).
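One way to carry out the "check permissions" step from the post above on a PC, added here as an example and not part of any poster's message: it parses the text produced by `adb shell dumpsys package` and lists packages that have been granted call or microphone permissions, separating firmware apps from user-installed ones. The function names and the embedded sample dump are constructed for illustration, and the sample is a simplified form of the real output.

```python
import re
import sys

# Permissions tied to the symptoms in this thread: calls placed without the
# user, call-log access, and microphone use.
WATCHED = {
    "android.permission.CALL_PHONE",
    "android.permission.CALL_PRIVILEGED",
    "android.permission.PROCESS_OUTGOING_CALLS",
    "android.permission.READ_CALL_LOG",
    "android.permission.RECORD_AUDIO",
}
# Code paths on read-only partitions mean the app shipped with the firmware.
SYSTEM_PREFIXES = ("/system/", "/system_ext/", "/product/", "/vendor/")

PKG_RE = re.compile(r"^\s+Package \[([^\]]+)\]")
PATH_RE = re.compile(r"^\s+codePath=(\S+)")
PERM_RE = re.compile(r"^\s+(\S+): granted=(true|false)")

# Constructed, simplified sample of dumpsys output (not from a real device).
SAMPLE_DUMP = """\
Packages:
  Package [com.android.dialer] (1a2b3c):
    codePath=/system/priv-app/Dialer
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.CALL_PHONE: granted=true, flags=[ GRANTED_BY_DEFAULT ]
  Package [com.example.wallpapers] (4d5e6f):
    codePath=/data/app/com.example.wallpapers-1
    install permissions:
      android.permission.INTERNET: granted=true
    User 0: installed=true hidden=false
      runtime permissions:
        android.permission.CALL_PHONE: granted=true, flags=[ USER_SET ]
        android.permission.RECORD_AUDIO: granted=false, flags=[ USER_SET ]
  Package [com.example.notes] (778899):
    codePath=/data/app/com.example.notes-1
    install permissions:
      android.permission.INTERNET: granted=true

Shared users:
  SharedUser [android.uid.phone] (aabbcc):
    install permissions:
      android.permission.CALL_PRIVILEGED: granted=true
"""


def granted_watched_permissions(dump_text):
    """Map package -> {"system": bool, "perms": [...]} for granted watched perms."""
    info = {}
    pkg = None
    for line in dump_text.splitlines():
        m = PKG_RE.match(line)
        if m:
            pkg = m.group(1)
            info.setdefault(pkg, {"system": False, "perms": set()})
            continue
        if line and not line[0].isspace():
            # A new top-level section (e.g. "Shared users:") ends the package
            # list, so its entries are not attributed to the last package.
            pkg = None
            continue
        if pkg is None:
            continue
        m = PATH_RE.match(line)
        if m:
            info[pkg]["system"] = m.group(1).startswith(SYSTEM_PREFIXES)
            continue
        m = PERM_RE.match(line)
        if m and m.group(2) == "true" and m.group(1) in WATCHED:
            info[pkg]["perms"].add(m.group(1))
    return {p: {"system": v["system"], "perms": sorted(v["perms"])}
            for p, v in info.items() if v["perms"]}


def user_apps_to_review(report):
    """Packages from the report that did not ship with the firmware."""
    return sorted(p for p, v in report.items() if not v["system"])


if __name__ == "__main__":
    # Usage: adb shell dumpsys package > dump.txt ; python this_file.py dump.txt
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_DUMP
    report = granted_watched_permissions(text)
    for name in sorted(report):
        kind = "system" if report[name]["system"] else "USER-INSTALLED"
        print(f"{kind:15} {name}: {', '.join(report[name]['perms'])}")
```

A hit shows what an app is able to do, not that it did it; a user-installed wallpaper or game app holding CALL_PHONE is the kind of entry that merits a closer look or having the permission revoked.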
Applied Protocol said:
Check with a root app to see if your device is rooted
check permissions; also you can take back permissions with an app on F-Droid
unknown app check with VirusTotal or
If someone has root on your phone they can do what they want and when they want
an app that has call access they can transfer information over a phone connection which can be anything
The troubling thing here is that your phone was unlocked w/o you, which implies root access
If you bought your phone new you might not be anybody, but to be put in perspective Amazon lets you steal $500 if you use another id and they say it is not you so you do not lose out
but if it is used this can be from the previous user.
The best thing to do if it does not stop is to upgrade the software on the phone; if you have already done that then use a root firewall or change to a ROM here on XDA (you can all change, making the transition easier).
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
It didn't show root. 2 of 3 m9s were mysteriously unlocked. the 3rd did prompt for a code, but did also show those "unknown #" calls. However, I'm still stuck on the code. I can't even enter a ",". Didn't check the other units for it, but it's still the only unanswered issue that could explain the unlock (aside from your suggestion). No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
It's dead now anyways. Battery won't charge unless powered off and went from 24+hours regular standby to about 3 hours with extreme powersave on, overnight and doesn't extend with usb power. usb data comm isn't even recognized. All 3 have failed actually (different ways) so I'm going back to my m7 which still works great. Except, it says s-on but works with different carriers and I can't even enter the code I paid for (no prompt. is there another way?)
So, here's the tinfoil hat part. Although I'm nobody, This all started around the time of the '16 election. when I was arguing with a youtube account named (not looking to attract attention so no name, but you know it) for the person who came 2nd.
Thank you for your help. It's a shame it's pooched before solving the issue. But hopefully, the code will be solved.
But any help entering my sim unlock code a different way would be appreciated. But if other carrier sims work, should root be doable while showing s-on?
Thanks a TON!!
squidstings said:
Thank you for taking the issue seriously and not trying to force kool aid down my throat (if carrier was "trust"worthy, THEY would have solved it).
No one's even heard of it, but programmers are known for adding backdoors. If anyone's got a new, s-on unit and feels like trying it, that's about the only way to get an answer.
It would seem in your case that it is a setting change that was made and not comparable to other phones. Probably what we are talking about is a connection to a command server. S-on is a protection so that one cannot change the state of certain partitions, namely the recovery, boot and system; however there are ways to get around this. You would need to get a root app to do that.
As a general rule you need to prove something is going on, and funny numbers are an indication, but nobody in the security community would touch it because it is very open. What you need to do however is
Get a copy of the calls use pcap and
check your firmware with the standard HTC firmware
this will show you what the phone call is doing and will help the android community overall (improved security)
Also programmers do not try to add backdoors they try to have a good product it is the hacking/security teams of _________ that do that. This being a programmer myself.

Question Just being honest.

So here's the deal. I'm very smart.. but this is not my forte (phones). My daughter has screwed up my wife's and my phones, along with my other kids' phones as well. She has a school Chromebook and somehow we started getting games installed on our phones from the Play Store and some weird rogue games. Looking at the permissions they have access to everything and anything in our phones. I did a little research after probing through hidden files on her Chromebook; she stays on gotcha cc. And all types of http only gaming sites. We have to constantly turn off our camera and Bluetooth bc it turns on automatically. I found out she can access everyone's phone and has also somehow made like 2 networks on my router when she was grounded and was getting free data while her phone was off?? I can't delete this crap. Antivirus scans are useless. I noticed Android developer in her cookies and also some studio. I have this **** attached to my bootloader and no reset can remove it. We have a moto g stylus 5g (xt2131Dl) and anything I put in to remove via my computer/USB cable it instantly corrupts it. She also had a bunch of wallpaper apps that seem to migrate to our phones. Calendars, clocks and things have these crazy permissions. I noticed my email now is workspace..? Or work profile. Can somebody hit me up and help me get rid of this ****. Oh by the way. It's on my PC desktop now and laptop. It's like my whole phone is a virtual machine.. everybody's. I can't update past anything released in 2019 and 2020. Help!
Churchisat9 said:
So here's the deal. I'm very smart.. but this is not my forte (phones). My daughter has screwed up my wife's and my phones, along with my other kids' phones as well. She has a school Chromebook and somehow we started getting games installed on our phones from the Play Store and some weird rogue games. Looking at the permissions they have access to everything and anything in our phones. I did a little research after probing through hidden files on her Chromebook; she stays on gotcha cc. And all types of http only gaming sites. We have to constantly turn off our camera and Bluetooth bc it turns on automatically. I found out she can access everyone's phone and has also somehow made like 2 networks on my router when she was grounded and was getting free data while her phone was off?? I can't delete this crap. Antivirus scans are useless. I noticed Android developer in her cookies and also some studio. I have this **** attached to my bootloader and no reset can remove it. We have a moto g stylus 5g (xt2131Dl) and anything I put in to remove via my computer/USB cable it instantly corrupts it. She also had a bunch of wallpaper apps that seem to migrate to our phones. Calendars, clocks and things have these crazy permissions. I noticed my email now is workspace..? Or work profile. Can somebody hit me up and help me get rid of this ****. Oh by the way. It's on my PC desktop now and laptop. It's like my whole phone is a virtual machine.. everybody's. I can't update past anything released in 2019 and 2020. Help!
Wow....
First I take away her phones and laptops so she couldn't interfere.
Try factory resetting start with a router then the phones,
Motorola does have a recovery program for the phones,
rescue-and-smart-assistant - Motorola
www.motorola.com
Then install an antivirus like Norton or something like that and let it run,
In the case of the laptops I pulled and trashed the hard drives get new ones and default the BIOS before you put it all back together,
If you're using Microsoft get the installation ISO on a thumb drive. If the PCs are major manufacturers like Dell, the BIOS contains the licensing key so you won't have to buy it again
Good luck if she's old enough I'd ever arrested.
Just my two cents.....
And change all your passwords once you've got a good clean PC to do it from.
PS don't connect anything back to the internet until you're done sanitizing it all.
maddog3030 said:
Wow....
First I take away her phones and laptops so she couldn't interfere.
Try factory resetting start with a router then the phones,
Motorola does have a recovery program for the phones,
rescue-and-smart-assistant - Motorola
www.motorola.com
Then install an antivirus like Norton or something like that and let it run,
In the case of the laptops I pulled and trashed the hard drives get new ones and default the BIOS before you put it all back together,
If you're using Microsoft get the installation ISO on a thumb drive. If the PCs are major manufacturers like Dell, the BIOS contains the licensing key so you won't have to buy it again
Good luck if she's old enough I'd ever arrested.
Just my two cents.....
And change all your passwords once you've got a good clean PC to do it from.
PS don't connect anything back to the internet until you're done sanitizing it all.
Maddog 3030 thanks brother! Yeah it's ridiculous. Like my mind is blown completely.. I definitely confiscated the two phone/laptop. You'll never believe what happened.. she freaking signed in through Roku on her TV.. the only thing I left in her room electronically. Furious. But I'm very grateful for your response, I'm definitely doing that step by step. I can't believe we have to run our phones in safe mode in my own house 24/7. I'll see if I can grab some more verbiage from some of the things I find. A lot of it is encrypted, copy pasted on blank notepad on the laptop. However I did see chrome://sysinternals and flags in the browser history she had been on. I'm just lost as to how.. is it all the Google cloud developer stuff or Microsoft or Azure.. what else.. the Roblox/gotcha stuff which the files are being put into.. like every day our phones have like "software" update at the top of the screen. Like no matter what I turn off it automatically turns it back on, I'm thinking through Bluetooth. Hey, I've searched and searched, is there any possible way to run the Microsoft tool without a PC? And only on my phone? The laptop I have is an HP and the desktop is the Windows all in one 27in. Completely knocked Windows Defender out. Funny thing is she's never once had possession of or even used our phones before. Hadn't sent anything to us that we've opened to give it access. Sorry to make this so long lol. But I know you guys are the ones to explain this to. I've googled/duckduckgo/chat gpt/YouTube and searched hours and days for an answer. I get anything from the tct malware to the developers of multiple platforms accounts. Each have pieces that are spot on. But nothing exact. Our phones are Straight Talk. I've even called them. No help. Caught my attention when she was having data somehow at school and her phone wasn't even active. But the data on my wife's and my phones was crazy high. The usage from multiple apps was around 900mb each in the span of a week..
Just didn't think there was any way Bluetooth had anything to do with it because the distance from her school at the time to our home was way too far. But whatever it is it definitely calls for our Bluetooth to be turned on and our hotspot also comes on too. EVERY TIME. It's some feature of it. And also was a dead giveaway after so long of it happening. Every time our Bluetooth, hotspot and mic access would pop on she would be in the house on her phone being sneaky.. recently when I had enough and took the electronics and discovered all this stuff on it.
