Database Info

[Q] how can we disable carrier iq and other related tracking software?

Hey just wondering how to get this crap of my phone. Don't want to be tracked in anyway.
WWW.carrieriq.com
Thanks in advance

How do you know its definitely installed? ..
Also I'm guessing your device is currently unrooted, which means chances are you won't be able to remove it. Unless you choose to root your phone.

Apart from that, the fact you have a mobile at all means you can be tracked ,just from the cell you are using to make or receive calls or txts

Excuse me sir, I seem to have misplaced my hat.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

zeekiz said:
Excuse me sir, I seem to have misplaced my hat.
Click to expand...
Click to collapse
I'm not paranoid ,just stating a fact .. Don't give a flying one who knows where i am lol

Lol sorry mate, that was actually directed at OP, not at you. I've never been overly worried as to location collection via my mobile phone(s), purely because pin pointing your exact location using the tower can be rather difficult.
det66 said:
I'm not paranoid ,just stating a fact .. Don't give a flying one who knows where i am lol
Click to expand...
Click to collapse

This information is used by our customers as a mission critical tool to improve the profitability of the network by invasion of privacy, understand device issues like imbedded spyware and ultimately improve the collection of user’s info. Our software is embedded by device manufacturers along with other diagnostic tools and software normally called viruses prior to shipment.
While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools yet.
All this and more and we haven’t been sued yet, or any of our customers, for online stalking and the illegal distribution of information because the user signs away its rights when it buys that much needed mobile device.
Click to expand...
Click to collapse
I don't to be tracked no matter what. Thought you people would have understood that, guess I was wrong.

Short of not owning a mobile, flashing a custom rom will get rid of the HTC apps and widgets on the stock rom that has far, far too many permissions. Same with carrier apps, since they too mine data from the device in question. The peep, facebook, HTC power control and HTC calendar apps in particular required a disturbing amount of permissions to run. Part of the reason why I rooted and flashed to CM 7.1, actually. It has phone goggles and permission controlling built it actually, so it can be a safe, user controlled, relatively tracking free experience.
Hope this helps.
Oh to add, just rooting the phone will allow you to uninstall ANY app on the phone. But I think this can have a detrimental effect at times, since some of the apps tie in with the stock sense rom, which could have the consequence of having a unstable, buggy, crash prone device of your own making. Could be wrong though.

cheers mate, phone has been rooted for some time now but I thought you guys might be more specific about which files need to be deleted as to avoid detection.
I use startpage instead of google but I don't think that makes much difference.
I know it's definitely being done with i-phones and google is doing it with android devices
http://www.techrepublic.com/blog/mac...-you-care/1109
http://www.dailymail.co.uk/sciencete...s-company.html
http://radar.oreilly.com/2011/04/app...-tracking.html
http://www.wired.com/gadgetlab/2011/...hone-tracking/
http://gizmodo.com/5793925/your-ipho...ere-youve-been

http ://news.yahoo. com/ smartphone-spying-204933867. html
well its true now as to how to remove this goofy thing is dif story.
im pretty sure nobody in this forum thinks this is acceptable!
had to put in spaces due to im a NOOB!

I've read (Engadget or Lifehacker - I forgot) that this is only on stock ROMs.

according to one article
it looks like Android phones from Sprint have a keylogger and deep-packet inspector factory-installed, and you can't remove it without exchanging a chip.
Carrier IQ Video Shows Alarming Capabilities Of Mobile Tracking Software
You may be aware of the growing controversy surrounding Carrier IQ, a piece of software found pre-installed on Sprint phones that, according to developers who have investigated, is capable of detecting, recording, and transmitting various user actions and inputs. Among the data CIQ potentially has access to are location, SMS, apps, and key presses.
News of the software has been percolating for months on development forums, but when Trevor Eckhart recently summarized his findings, he found himself facing a cease and desist while Sprint vigorously denied the charges, saying “We do not and cannot look at the contents of messages, photos, videos, etc., using this tool.”
The C&D was quickly retracted, but Eckhart has now released a video that seems to give the lie to both Sprint and Carrier IQ’s assurances.
Click to expand...
Click to collapse
more here http://techcrunch.com/2011/11/29/ca...ing-capabilities-of-mobile-tracking-software/
from about 5 mins in
http://www.youtube.com/watch?v=T17XQI_AYNo&feature=player_embedded#

already an xda article on it
http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
Note also that if you're running an Android Open Source Project (AOSP) based ROM—like CyanogenMod—you do not have Carrier IQ installed on your system. These apps are based on the original, open source version of Android, and don't include any carrier or manufacturer additions like Carrier IQ. If you're using a modded version of your manufacturer's ROM, however—for example, a modded HTC Sense or Samsung TouchWiz ROM—you could still have it installed. To avoid this, either flash AOSP based ROMs, or flash ROMs with Carrier IQ specifically removed (many will say NOCIQ or something similar on their description pages).
Click to expand...
Click to collapse
makes sense.

Interested in your thoughts on this comment
The application accessibility will close on the phone, however the data will still be left behind as residual storage in the same way every computer in the work can leave behind traceable history even if you physically delete everything from the hard-drive. It only takes a external programmer from a wifi connection to gain access onto the phone (even when its turned off) and they are able to uplink all that information stored on the phones memory aswell as call/storeage/user memory.
Its protected by internal security devices from external attacks, however it doesn't stop the phone companies from getting into your data anytime, anywhere, without your permission. At least with computers you can be protected from such external hacking by setting up a proxy or multiple firewalls (however even this isn't a guarantee.)
Click to expand...
Click to collapse

Check out my posting!
http://forum.xda-developers.com/showthread.php?p=20281786#post20281786

there is also an app called logging test app which will do the same it's by treve here at xda check it out as well.

The Desire S shouldn't have carrier IQ, at it's mostly US phones which have it. The UK phones do not.

Android | You have been hacked by Google

Google is watching us more than ever?
When Android know about you anything.
READ THE DUMB F&Q - CLICK ME
original write by anonymous​
In this 5 minuts article we describe all the very weird things in Android, and we want to ask you - what do you say?
at first we saying that all of this is on built-in apps. Why to do that? ads custom, know what to upgrade for android, control in market, corperation with government entities like many times is past (Events in France on cooperation with cellular companys and government that they wiretapping your calls), read news, think about it - how google now know where you live, what you doing, where you visited.. and also you should take a look in this - https://history.google.com/history/ your all seraches and history.
One. (Shown all over the news) - "Next Android version will change the way the root work":
We asking, what happend to our "good times" Android experience? ("Open source", "Android will be different then iOS" Etc.)
Google want her privacy in system files, in control, in blocking permission root apps.
Keep reading, this was to notice what happend right now.
Two. Suspicious processes running in the background all the time
Three. Very Strange Permissions:
Hint: Android asks for credit card information on first running. ok its useful, fast, and great reason to take this details.
"Connect & Disconnect from Wi-Fi" - Dont cofuse we talk about other apps like "Factory Mode" etc. that running all the time in the background, why it need to turn on\off the Wi-Fi..? there is the main Wi-Fi settings, where YOU control the Wi-Fi, this is auto control. probably you not even see when Wi-Fi turned on it self. check in your built-in apps. its comfortable, came with the phone - you not need to install or update apps. and this came to many apps that nod need this. come on check it on few apps.
"Share your device's screen with another device" - Wow that was cool if was a built-in TeamViewer app! (wtf?!)
"Modify battery statistics" - in other words fake the battery status and deleting statistics, so the battery stats is not secure way to know what working and used the battery (!). (After long waiting for explain, they told me that is wrong spell. sure. the great perfect Google wrong in spell 4 official versions?! no, its modify.
"Downloading files without notification" - (you dont even noticed that something download, maybe right now)
"Add or modify calender events and send emails without host's permission" - In other words, the hosts is you. and emails send from you to another "mysterious" people. very smartly they put "Add or modify calender events" in start to hide this.
"Internet Browser" have permissions to - "Record audio" , "Take pictures and videos" (Allows application to take pictures and record video at any time).
"Mobile Tracker"! - Service that connects to the Internet and if your phone stolen you can lock him, wipe the device.
But I dont noticed that he canto call, send & read sms, record audio, share screen, read browser data (cookies etc.) and history, set an alarm in "Clock" (?), Access to NFC and more.
This was should be great options to my stolen phone. and very hurt for my private info.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Four. System applications linked to each other. - if one is turned off - problems starting.
The Android system built like this, that system applications linked to each other - you can check with few programmers that know this.
This is a nightmare of every programmer, when something get wrong, - to start searching problems and fix them. maybe rewriting the whole code. but google wants this.
Well, its like we'll have to install GTA V,ARMA 3, and COD:Ghosts to play Pacman.
You have turned off one - the other will continue to operate
Five. Permissions granted to applications that not supposed to do that
Gallery - can record audio, calling, etc.
Adjust color (with this you set sharpness and color tone, this of course very small option in Settnigs) - can view sms, terminate processes, access Bluetooth, Wi-Fi and etc.
And more like in "Three".
Thanks for helping, google.
very small part of "Help" premissions. check it.
Six. Almost every app has strange permissions that it should not have, check it yourself.
Seven. p.s.
We expected that Google, the "can do anything" company, in couple versions of Android will greatly improve the system and make it run faster.
(damn, windows 7 has same requirement) Although that iPhone have barely one processor with two cores, running like a cannon against my SGS4.
True, it is Android, we have higher resolution and quality and have more things to handle - but we espect that this 4*4 cores (SGS4) "computer" do more.
Maybe just another hidden processes in the background causing it?
Factory Mode - for some reason gives all permissions that you can in cell-phone. Why this running on your device now?
Eight. The Smart Google
In few words they do on you the trick. they can say that all permissions need for some reasons, but is great reason to connect you to the Internet 24\7 365 day in year. and the all hints points on something else.
Last. We care.
we care that "Hangouts" replacing our default message apps (why to put 2 applications of texting? its like to use the same cameras to take picture. one for us, one for google.)
some people dont care, and they are right. we become indifferent that all the world dig in our lifes. but it should not like this.
what you feel if steal your credit card, watch on you in bathroom, have your "deleted" snapchat images, take a look on your sister?
And what if in one day I waill want to use this?
mmm.. not really
What you say?
for the great people that read this - you must change it, do somethig. take the glove.

Oh boy....
Sent from my GT-I9505 using XDA Premium 4 mobile app

Google SUCKS! From now on, I will be boycotting all google products. I will also be boycotting any other brand who violates MY privacy.

Point #1 is all wrong, there's a big diference between Android as an OS and AOSP.
AOSP = open source
All the rest = closed source

I have been using App ops starter and is closely watching the permission i should allow. but still i doubt that GOOGLE is not letting us to put various restriction that should have been there.
Damn it GOOGLE.

Mod Edit
All very interesting , but not relevant to the S4
Please take this to OT
Thread closed
malybru
Forum Moderator

Blu, maybe Huawei and ZTE privacy "bug"

Firmware (made by Shanghai Adups Technology Co. Ltd) that "calls home" was found installed on chinese phones sold in US:
http://www.kryptowire.com/adups_security_analysis.html

SoNic67 said:
Firmware (made by Shanghai Adups Technology Co. Ltd) that "calls home" was found installed on chinese phones sold in US:
http://www.kryptowire.com/adups_security_analysis.html
Click to expand...
Click to collapse
Not just "Chinese" phones, else why are they contacting Google?

Well, at least my phone contacts Google because I have a Google account. I choose to allow that when I input my gmail address. I choose to trust Google with my contact lists and calendar and whatever. I choose when to update the apps or not.
This chinese spyware is embedded in firmware (trusted app, capable of escalation) and on a totally different level of what it can do, you could read it in the article. Or not. The article has even a comparison with a similar spyware from 2011:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

SoNic67 said:
Well, at least my phone contacts Google because I have a Google account. I choose to allow that when I input my gmail address. I choose to trust Google with my contact lists and calendar and whatever. I choose when to update the apps or not.
This chinese spyware is embedded in firmware (trusted app, capable of escalation) and on a totally different level of what it can do, you could read it in the article. Or not. The article has even a comparison with a similar spyware from 2011:
Click to expand...
Click to collapse
No I mean the security company Kryptowire are contacting Google, along with Blu. Does that mean a Google phone is affected or is it just as they have a sales channel? Probably the latter but it does raise a lot of questions about exactly & how much control they have of the manufacturing process across their supply chain. Whether it's the the actual phone or individual chips being programmed. And is there any attempt by companies that make products in places like China to check the phones that actually come off the line for compromises. I doubt it but it seems to be a security risk to me.
Of course we all have to trust someone or some company in some way as most things are not open. I to trust Google with much of my data & security.
(I have read several articles on this, but still not much info, all seem to be a rehash of the press release from Kryptowire)

Google code is not affected. This is part of the specific firmware that manufacturer puts in the phone and it is allowed to even be updated OTA.
Meanwhile if I root my device is considered "unsafe"... But that's the only way to see those files and act to remove them.
As much as I hate Apple, I am more and more tempted. At least they control all the manufacturing chain.

Can I load a custom firmware on my phone to eliminate this?

If you can unlock the bootloader, yes.
At the minimum you need root, to be able to disable/eliminate the software. The original article that I have linked has the details of the software names:
com.adups.fota.sysoper
com.adups.fota

Hi guys,
I knew that by now you have all heard about this news the Chinese budget android devices are secretly sending users’ data to China...
I thought I'll ask amongst the experts anyway how much of a thread could it actually be, as I'm a new P8 user (previously only had Samsung's)
What bothers me is the fact news comes from a private contractor to US govt which aren't really fair & square on the privacy issues in the first place, and apparently the 'feature' was 'accidental' discovered...really?!?
Considering the timing and situation on the market, seems to me to be a competition battle...but it's just my thought
Anyway...Do you think a simple root is enough to get rid of such 'back door' code?
Looking forward to your input
PS. articles available at:
http://www.theverge.com/2016/11/15/1...-text-messages
http://www.nytimes.com/2016/11/16/us...rity.html?_r=0
and original report http://www.kryptowire.com/adups_security_analysis.html

...and not two days later another news emerges... hehe just when some may have thought they are any different
https://interc.pt/2gkn4dz

M4ti said:
Hi guys,
I knew that by now you have all heard about this news the Chinese budget android devices are secretly sending users’ data to China...
I thought I'll ask amongst the experts anyway how much of a thread could it actually be, as I'm a new P8 user (previously only had Samsung's)
What bothers me is the fact news comes from a private contractor to US govt which aren't really fair & square on the privacy issues in the first place, and apparently the 'feature' was 'accidental' discovered...really?!?
Considering the timing and situation on the market, seems to me to be a competition battle...but it's just my thought
Anyway...Do you think a simple root is enough to get rid of such 'back door' code?
Looking forward to your input
PS. articles available at:
http://www.theverge.com/2016/11/15/1...-text-messages
http://www.nytimes.com/2016/11/16/us...rity.html?_r=0
and original report http://www.kryptowire.com/adups_security_analysis.html
Click to expand...
Click to collapse
who cares who finds it, so long as someone does. Rooting and deleting all the relevant files should work, I guess, but possible could cause some other issues, who knows.

Its pretty funny since most of the people reading those articles doesn't really understand it very well....people quickly jump into conclusion and think that Chinese Smartphone device secretly sending private information to China....
If you read the articles very carefully then you will realize that Shanghai Adups Technology Co. Ltd is a company that provide FOTA services, that means and manufacturers that use their services for OTA updates are likely to effected with the spyware not just Chinese Smartphone....their market share is exceeding 70% across over 150 countries and god know how many devices manufacturers & services operator have been using their services for OTA updates...

[TOOL] SamCleaner, mass uninstall or disable apps (via adb, no root)

SamCleaner - Sam cleaner of android garbage
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
SamCleaner is a python+gtk application that helps manage packages in android devices via `adb`. This is achieved via two methods, one is by listing all available packages on the device with the possibility of enabling/disabling individual packages by name, while the second method is by using a blacklist file (in JSON format) thus allowing the user to automate the procedure.
https://gitlab.com/samcleaner/samcleaner
The application is in gitlab, so if you search for SamCleaner, you'll find the full source code there and you may download it and test it. Its written in python, fairly easy code to read.
Thank you.

I'd like to add that I've created a fake adb command that pretends to be connected to a real phone, to help with testing and development, if anyone is interested let me know and I'll post the fake adb as well.
thank you.

Added a search feature, which allows you to use regular expressions or just plain text for searching among the packages (ID or name).

Updated the package blacklist and added new package descriptions.

Hello (hopefully not off-topic)
I would like to know which package in Android (oreo) I have to disable to make sure that nothing is synchronized to the Google-Account:
Regards

Well, when you say "nothing is synchronized", do you mean every single piece of data that google syncs? Because that is pretty broad, considering that google collects data per-second, for what you are looking at, what you are touching on the screen, the location of the device, surrounding data about NFS/Bluetooth/WiFi devices around you, so on and so forth.
The only real solution, is to actually remove all packages that start with "com.google.", especially the framework and services packages com.google.android.gms & com.google.android.gsf
It is not easy to block all out going data, samsung packages also monitor your activities and report back to samsung servers. The most effective solution is to gain root and just break the device's ability to connect to anything, just make it a simple phone for calls, sms and photos.
My blacklist tries to do just that, remove all google from the phone but that will disable GPS positioning, along with some other features.
I am not sure if I answered your question, if you want be a bit more specific in what you want to achieve.
scheichxda said:
Hello (hopefully not off-topic)
I would like to know which package in Android (oreo) I have to disable to make sure that nothing is synchronized to the Google-Account:
Regards
Click to expand...
Click to collapse

sam_son said:
Well, when you say "nothing is synchronized", do you mean every single piece of data that google syncs? Because that is pretty broad, considering that google collects data per-second, for what you are looking at, what you are touching on the screen, the location of the device, surrounding data about NFS/Bluetooth/WiFi devices around you, so on and so forth.
The only real solution, is to actually remove all packages that start with "com.google.", especially the framework and services packages com.google.android.gms & com.google.android.gsf
It is not easy to block all out going data, samsung packages also monitor your activities and report back to samsung servers. The most effective solution is to gain root and just break the device's ability to connect to anything, just make it a simple phone for calls, sms and photos.
My blacklist tries to do just that, remove all google from the phone but that will disable GPS positioning, along with some other features.
I am not sure if I answered your question, if you want be a bit more specific in what you want to achieve.
Click to expand...
Click to collapse
Thank you very much for you detailed answer.
In a first step it would be helpful to stop synchronizing the "calendar" and the "contacts" .
Is there a apk that is doing that job?
Regards

I have no idea which specific packages do the actual sync, but just by reading the names, these two look interesting:
com.google.android.syncadapters.calendar
com.google.android.syncadapters.contacts
You could find out manually, by removing one package after another until you break the sync connection.
Still, the two packages that do the most communication with google are the ones I mention above (com.google.android.gms & com.google.android.gsf) so I would disable them as well. You may want to disable them only, if you remove them completely then google Play store will not work anymore.
scheichxda said:
Thank you very much for you detailed answer.
In a first step it would be helpful to stop synchronizing the "calendar" and the "contacts" .
Is there a apk that is doing that job?
Regards
Click to expand...
Click to collapse

WARNING
======
Samsung S20/Plus/Ultra devices that update to Android 11 will die and cause a boot loop if the fused location spyware apk is not installed.
Up to and including Android 10, it caused no issue to uninstall the fused location apk. The package name is com.android.location.fused
Sneaky...
Also be aware that Samsung now forcibly installs a location aware app that displays adverts when you are near an affiliated store (like a samsung store).

It's pretty surprising this thread didn't get more replies, I just downloaded it. The UI is clean, well organized, and overall it seems to be pretty high quality. I haven't given it a shot yet, but a little later this afternoon I'm going to test it on a freshly flashed stock device. I appreciate your obvious hard work on this and I think it deserves some more credit, maybe it's just the category it was placed in or something. I'm sure in a spot with enough Samsung traffic passing through this would get this program the use that it deserves.
It's interesting what you say about Android 11 and fused location, I manually uninstalled it using a DPM workaround on Android 10 with no issues to anything, it is just a privacy perk; now if only this tool could get rid of the DPM for me without having to factory reset or do a clean flash lol.
The only feature that I'd say is actually worth it on 11 is the Sound Assistant's option to fix latency issues for tws earbuds, but I'm sure somebody will figure out how to make it backwards compatible with 10. My guess is those 3 OS upgrades they promised starting at the S10, have a little bit more to them than meets the eye.

Thank you for your kind post. I guess its not very popular because it requires Linux and adb. I think most people around here use Windows?
Its great for my use case. I connect phones on a laptop and clean them via SamCleaner remotely over an SSH connection. I guess if more people used it, I'd implement more features.
About fused location, it is a sad truth these days, companies and individuals make a lot of money spying and gathering data about the general public. I guess Samsung has had enough with people removing the most important app that gathers location data.

Updated the package blacklist and added new package descriptions. There is now a new section for malware apps.

Added more blacklisted packages, added a new feature to force-stop apps when they are being disabled.

Added a new feature to Test the blacklist against the connected device and report possible changes (uninstall or disable packages).

Hacked Android Phone

I have been hacked several times on my last two phones.
The functionality of my social media and email apps has been changed, causing data loss and compromising my online accounts. The type of connection is irrelevant.
Based on the symptoms, it appears that my apps may have been cloned and are being used to piggy-back, on my credentials, everytime I login.
What can I do to stop this, or make it so difficult for the attacker, that he gives up the chase?

What device/OS version?
Get the social media apps, shopping apps etc off the phone.

I would say copy your data (pics, music, docs etc.) out of your phone and in to some external storage, then do a full wipe/factory reset using some RUU. Odin tars, etc., re-install whatever apps clean from play store, or from apks that you download from reputable sources like APK Mirror etc., not restored from some Titanium backups, then copy your personal data back to your phone - oh, and before anything, change your passwords for ALL online accts everywhere using some clean device, NOT your compromised phone. You're looking at hours of work, but I don't think there is any other way to be sure.
Edit: If you use Play Store, you can go to your Google acc and see the approved Devices in Security section (again, while using a clean device), maybe you'll spot some device there which is not yours - then you can remove it.

Blackview A80 Plus.
I'm in the process of replacing the apps with web versions.
I've also added an app-locker, that forces a pin-code to be reentered everytime the app or window goes to background.
I'm also cutting the internet connection when my phone starts running slow.
The biggest problem is my emails. These have sometimes been destroyed during creation, the drafts and other emails deleted.
My bank accounts may also have been affected.

Deleted Google account on phone. Back up all critical data. Factory reset.
Reset Google password* with one that is at least 15 digits including symbol$ and letters. Write it down. Reload with caution; it's likely you installed the malware yourself at some point. Be helpful if you knew how it happened. This is rare or should be. Do not let other use your phone unless you're there.
*as imonxda said... do not reset the passwords on the infected device. May setup a new Google Gmail account to use as the main account backup contact.

I will do everything you suggest.
*Also, assuming this is an APT and the phone was coded to behave this way, in my juris..., what can I do to frustrate the attacker, to make piggybacking on my logins more of a chore and in general to increase his workload to the point where he can't really cause me anymore harm, or at least not very much.
I've done resets before and this is my second phone with this issue.
My last phone was a Xiaomi Redmi 8a.
I'm living in the pacific and my country is a satellite of A'[email protected] and they're just nuts...

MySecDev said:
I will do everything you suggest.
*Also, assuming this is an APT and the phone was coded to behave this way, in my juris..., what can I do to frustrate the attacker, to make piggybacking on my logins more of a chore and in general to increase his workload to the point where he can't really cause me anymore harm, or at least not very much.
I've done resets before and this is my second phone with this issue.
My last phone was a Xiaomi Redmi 8a.
I'm living in the pacific and my country is a satellite of A'[email protected] and they're just nuts...
Click to expand...
Click to collapse
Use a VPN, always use HTTPS.
Vet all apps. Keep all downloads in the download folder until vetted. Check download folder daily for anything that doesn't belong, if so delete, do not open.
Use this settings mode:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}

Intersting new development...
I emailed the Ooßsa Emb' here recently and they asked for a phone number. They didn't really need that to communicate with me, since they already had my email. Like a dope, I gave them one of my mob' numbers. That was about fifteen days ago. That's when I started noticing my phone's volume control lowering itself, on its own.
I should have told them that I didn't have one or that my phone was broken, I was out of minutes, etc.
Now, I get lots of ads for SKorean games and when I go into settings, to verify country settings, Play Store asks me if I want to change to the SKorean Play Store.
I've been to SKorea. They're an Ooßsa moorc state.
Also, the app locker I was using started popping-up pin entry windows continuously, until I had to restart the phone. This happened at least twice. This demonstrated unambiguously that the attacker had complete control of my phone.
Will a fact-reset change my IMEI? I think I read somewhere that it will.
The moral of the story is, never give the vog your phone number
I suppose you can give them the number of someone you don't like ;-)

MySecDev said:
Intersting new development...
I emailed the Ooßsa Emb' here recently and they asked for a phone number. They didn't really need that to communicate with me, since they already had my email. Like a dope, I gave them one of my mob' numbers. That was about fifteen days ago. That's when I started noticing my phone's volume control lowering itself, on its own.
I should have told them that I didn't have one or that my phone was broken, I was out of minutes, etc.
Now, I get lots of ads for SKorean games and when I go into settings, to verify country settings, Play Store asks me if I want to change to the SKorean Play Store.
I've been to SKorea. They're an Ooßsa moorc state.
Also, the app locker I was using started popping-up pin entry windows continuously, until I had to restart the phone. This happened at least twice. This demonstrated unambiguously that the attacker had complete control of my phone.
Will a fact-reset change my IMEI? I think I read somewhere that it will.
The moral of the story is, never give the vog your phone number
I suppose you can give them the number of someone you don't like ;-)
Click to expand...
Click to collapse
You need to increase the security on your accounts. A phone number shouldn't be enough info to allow someone hack you by alternate logon to your account(s).
You're not a high revenue target so what they're using mustn't take too much time; it's an obvious hole in your security.
Someone using a Stingray etc could do that though. You pi$$ off a LEO or someone in the DOD, NSA, FBI, etc really bad?