hey guyz..
the scene is set, dont want to tell anyone where it happened by whom and ofcourse who got robbed but here's the story.
User had an o2 Xda II, customized rom, with IIWPO Theft Control installed in the rom, so that means hard reset wont wipe IIWPO out of the pda.
Robber comes puts a knife on the user's throat takes away cash and the pda, user gives it happily thinking she will get a msg on the other number with all the info of sim changed.
4 days pass by no info come's and the pda is sold or forwarded to someone else or whatever. END OF STORY.
now how did the user not get a msg of the new sim info.
1. SIM WAS NOT CHANGED.
2.SIM CHANGED BUT NO CREDIT IN NEW SIM.
3.BATTERY TAKEN OUT PDA TOTALLY DEAD TILL NEW CUSTOMER GETS IT. ETC ETC.
WHAT CAN BE DONE.
ok guyz this is the part where i would like allll the geeks & gurus to put in some effort, i know it will be tough but i have a feeling its not impossible.
CAN UR,LL UPDATE IIWPO IN SUCH A WAY THAT WHEN WE ARE FEEDING OUR NAME AND OTHER INFO IT WILL ALSO ASK FOR A SECURITY PASS TO BE PUT IN, SO THAT WHEN ROBBER CHANGES SIM THE IIWPO RECOGNIZES THE SIM CHANGE AND LOCK'S THE PDA AND ASKS FOR THE PASS, AND WONT UNLOCK TILL PASS PROVIDED, REBOOT WONT HELP.
Now ofcourse the robber can be anyone, so the robber plans to hard reset and still the device would recognize the sim change and ask for pass now so annoyed he plans to flash the device and what happens after that all of us know.
To prevent this THE GEEKS & GURUS can just build a small security patch that can wont allow flashing of device till pass given, it would work like this, we flash our device for the first time install IIWPO and the NEW SECURITY PATCH (with passwords) device is robbed, robber changes the sim gets pass error he gets pissed and tries to flash the device and that clever software would not flash the device till pass provided, this would prove that all the efforts the robber made to steal the device are gone to waste.
And ofcourse someday someone might put in a sim with credit and we would get the info.
NOT FORGETTING CHARLES WARNER FOR THE GREAT WORK HE'S PUT IN FOR ALL xda-developers.com USERS and also giving the IIWPO to us for free, REALLY APPRECIATE YOUR WORK SIR !! THANKS ALOT.
no one interested in being secured ?
I think the IIWPO idea can definitely be improved, BUT: It will never protect you from being robbed.
The true advantage of IIWPO in its currect form is to be able to get track of the 'new' owner of a nicked device. In the end: someone will put in his/her sim and then its just bing!
All other enhancements will just make sure noone else gets to use the device. Sure an improvement, but less important to me: I just want my device back and get the thief nailed!
Interesting...
But I think you have misunderstood how IIWPO works.
IIWPO does not detect if someone changes the SIM card. It ONLY acts when the someone changes the Owner Information (Start/Settings/Owner Information), so no matter what SIM card there is, as long as it has credit it will send an SMS to the recipient's phone number. That's the beauty of it, that it silently sends the SMS with the 'new' users data so there is a slight chance of knowing who's the 'new' owner.
But! This is by no means fool proof. It's what they call 'protection by obscurity', so if a savvy robber knows how to reflash the device it will get away with it no matter what features we can integrate to IIWPO.
That's one of the cool new features of WM5.0, that we can at least know for sure that our data is SAFE by wiping the info remotely if necessary.
Just a thought.
Rayan
edsub said:
The true advantage of IIWPO in its currect form is to be able to get track of the 'new' owner of a nicked device.I just want my device back and get the thief nailed!
Click to expand...
Click to collapse
Rayan said:
so if a savvy robber knows how to reflash the device it will get away with it no matter what features we can integrate to IIWPO
Click to expand...
Click to collapse
ofcourse this is why we all love IIWPO cause it sends use a msg, and ofcourse even if someone was to modify IIWPO iam sure that this feature would'nt wipe out.god forbid you get robbed u get a msg frm the cell but you for some reason cant track the person or some other c#@p...and the pda is gone....WHY caz it only sends sms it does not block the screen....if you were to have a feature which would jam or freeze the pda on change of the name then the pda would be useless to the robber nothing much he could do....unless he knows how to flash it...now comes a part where we can do something about not flashin the device with out a pass....this would totally make the pda useless to the robber and would also keep sendin us msgs and secondly the robber maybe maybe next time might think twice before robbing a pda and might go for something else
How about a device that would be installed internally to the xda and if it is stolen and a different sim/different user info is entered and the person makes a call it fires a large captive bolt which nails the phone to the head of the user, it then adjusts itself to full volume with all lights flashing and announcing "This is a stolen phone...call an ambulance...or hearse".,
cruisin-thru said:
How about a device that would be installed internally to the xda and if it is stolen and a different sim/different user info is entered and the person makes a call it fires a large captive bolt which nails the phone to the head of the user, it then adjusts itself to full volume with all lights flashing and announcing "This is a stolen phone...call an ambulance...or hearse".,
Click to expand...
Click to collapse
tht would be great..... are u goood enough to build something like tht ?
Rayan said:
But I think you have misunderstood how IIWPO works.
Click to expand...
Click to collapse
I perfectly understands the IIWPO functionality. It was me who put together IIWPO for other devices than Wallaby.
Let me explain how my earlier post should be interpreted: Sure it is triggered by the change of owner info, but most thieves (or buyer from a stolen device) will put in another SIM (simply because they dont have the pin of the stolen sim or because the stolen sim is blocked by the network). Thus: As soon as the 'new' owner puts in a SIM AND he/she has changed the owner info (and every one does that!) the sms is sent.
Also: Eventually a thief might flash a device, but ost certain a thief (or buyer) starts it up to test whether its working or not.
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve
edsub said:
Rayan said:
But I think you have misunderstood how IIWPO works.
Click to expand...
Click to collapse
I perfectly understands the IIWPO functionality. It was me who put together IIWPO for other devices than Wallaby.
Let me explain how my earlier post should be interpreted: Sure it is triggered by the change of owner info, but most thieves (or buyer from a stolen device) will put in another SIM (simply because they dont have the pin of the stolen sim or because the stolen sim is blocked by the network). Thus: As soon as the 'new' owner puts in a SIM AND he/she has changed the owner info (and every one does that!) the sms is sent.
Also: Eventually a thief might flash a device, but ost certain a thief (or buyer) starts it up to test whether its working or not.
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve
Click to expand...
Click to collapse
Sorry edsub, I should have specified to whom I was refering to (zairyaab) when I wrote that comment.
Best regards,
Rayan
np m8
edsub said:
It was me who put together IIWPO for other devices than Wallaby.
Click to expand...
Click to collapse
Can you explain what should I change in the cab to make it work on other devices (Like ETen M500/Torq P100)?
edsub said:
Imho IIWPO can be improved, but practically chances of getting a device back will not significantly improve.
Click to expand...
Click to collapse
Yeah, but still I would feel somewhat better if I can at least call the thief/buyer and shout some expletives if he/she refuses to cooperate!!! :twisted: :lol:
Best regards,
Rayan
i have my girlfriend's number as my report number.. what if were together and we got robbed both our phones are taken away.. a multiple report number would be a good addition to IIWPO
The changes I'd like to see done to IIWPO include:
a) not using "IIWPO" or 'xda-developer' in the registry (user customisable registry key)
b) user customisable executable file name (IIWPO_startup is like a dead giveaway)
c) not storing owner name & number 'in the clear' (a simple XOR to hide it would be just as effective)
d) a hash of the entire owner info page (not just the last name) so unit will resend an SMS if any info changes
e) a new sms is resent after a preset time (eg: every 24/48/120 hours for example), regardless if owner info has changed or not.
I also like the idea of multiple number reporting.
a,b,c) Considering the concept of IIWPO is 'security by obscurity'; it will help if one could hide it more effectively. (no one is going to bother too much about bluetooth.exe or msn_update.exe in the startup folder for example...)
d) Most people get their name right; then meddle with the other bits of information as time goes on - it'd be good to get 'updated' info as and when it happens.
e) Consider it a 'keep alive' thing, so we'll know the unit is still in use, and can continue to keep in touch with the new owner =) I've no moral issues burning up the credit of someone who refuses to give me back my property either. =P
If nothing else, we'd be able to know when the unit gets reflashed, and can quiety say goodbye to our unit after not hearing from it for a while... =(
Is IIWPO still being maintained by the author, or anyone on xda-developers? If not, is the source available? I might be interested in following up on it (time permitting...)
Edited to add: A really vicious version of the IIWPO would possibly send out:
a) phone numbers stored in the SIM card
b) phone numbers stored in the addres book
c) recently dialed/received phone numbers
d) recently sent/received SMS phone numbers
Not all in one go; but in bits and pieces (eg: every 20 startups; send phone numbers of last 5 SMSs sent/received + last 5 phone calls dialed/received).
That would allow us get in touch with his friends and would possibly aid in getting the unit returned (use your imagination... probably easier to get them tell you who/where he is, rather than to get them convince him to return it...)
Probably this would add too much bloat to IIWPO; but hey, could be useful... =P
WOW, ok.
First of all - I registered 2 this forum less than a week ago,
and great job for doing these kind of things.
second - where can i d/l the prog?
and last another idea: when some1 steals ur pda he's usually gonna sell it over. meaning he made his money.
HOWEVER - if even after a HR after changing sims (maybe even without) there will be a picture message saying:
"You cannot use this phone"
"This phone can only be used by me - *name*"
"However, Im willing to buy this phone back from you. call +......"
there wont be a place on the screen to enter the code.
however - the phones' user knows he can type his password and unlock the phone. you might even integrate a handwriting recognition programm for signature or somthing but that will be super hard, i know.
another option is that when seeing this message user has to touch 4 corners of the screen with the stylus in a specific order, then he'll have a please enter password screen.
any comment?
is it do-able?
http://wiki.xda-developers.com/index.php?pagename=IIWPO
Related
I'm posting this here as well as other GPS enabled device forums.
Here's the main thread:
http://forum.xda-developers.com/showthread.php?p=1543674#post1543674
Here's the gist:
I’ve found a mint piece of software that no Kaiser owner should be without.
It comes with a trial period and u should check it out.
I was looking for some software that would help secure my phone and came across this. http://www.wimp-software.co.uk)
It’s supposedly designed to help you find your phone (yeh right, I aint gonna lose my £500 phone) but me and my mate have had a **** load of fun with it.
It’s pretty cool.
If you read the instructions, you can basically text the phone, but the other person doesn’t get the text message. The software grabs this coded text message and sends you back the gps position of the phone. It also gives you a link to google maps which is great if you’ve got Opera installed on your phone. (Don’t try PIE, it doesn’t work)
I gotta say, I’ve seen a lot of cool software around, but this one is SO cool. I only wish my girlfriend had a Kaiser. I could have so much fun with this.
The only thing I would add to the software though, is to know I was being WIMPED. Maybe a little SMS noise, or the icon changed or something, but I do suppose that it was written for phone theft. I haven’t tried it yet, but it also claims that if you change the SIM card in the phone it’ll SMS you with the number of the new SIM card.
It seems very cool.
I'm gonna give it a try
It Rocks!!!
Isn't this known as AGPS... well... a kind of gps location by bouncing off the signal dishes of your provider... but as far as i know your operator has to support it... alas it does not work on all...
P.S. now we know THEY can track our phones
Mobile Justice
Not tried it myself but there is a piece of open source software called MobileJustice that does the same thing.
Works for me. After about 10mins I got a text back with all the GPS data.
Gonna try the open source one though now!
craftyb said:
Not tried it myself but there is a piece of open source software called MobileJustice that does the same thing.
Click to expand...
Click to collapse
CraftyB,
I'm trying the open source one you said about but can't seem to find anywhere to set things like com port for the GPS. Any ideas?
MJConfig
In your programs file you wil find MJConfig icon there you can enable gps, MsgBox and Loc. Call.....i tried the software but when i changed the simcard, your phone must send a sms message with the new phone number...to your other mobile..(the number you have put in MJConfig)
or else you won't be able to track your phone (gps logging and messaging is activated by sms, without the new number, no tracing) but it didn't work for me changed 2 simcards and the phone i gave up to sms didn't recieve any.....
So it is useless if someone changes the simcard.....and yes i used the international numbers....
I guess you could notice being WIMPed, as the connection LED, which is normally blinking green, changes to blinking yellow, which indicates activated GPS...
esackbauer said:
I guess you could notice being WIMPed, as the connection LED, which is normally blinking green, changes to blinking yellow, which indicates activated GPS...
Click to expand...
Click to collapse
Mine stay blinking green when I've a GPS connection
Anyone found it useful?
HARD RESET and it is useless.
Not true.
Put it in your External ROM and it most definately isn't!!!
They've got automatic launching of Virtual Earth Mobile now too.
Check out their forum at http://www.wimp-software.co.uk
Flash external ROM
alanplum said:
Not true.
Put it in your External ROM and it most definately isn't!!!
Click to expand...
Click to collapse
Flash the external ROM and it is a mute point. Are you their agent?
No I'm not their agent.
For a start, think about this. Someone steals your phone.
Are you saying that they are going to
a: Ooooh, it's a WM phone so the first thing I'll do is hard reset it.
b: That's not good enough so I'll flash their Extended ROM
c: I'll put a cooked ROM on it just to be safe.
I'm supporting an excellent piece of software from a company which is obviously just up and coming. If you don't like it then don't f***in use it.
I'm glad there are people out there thinking about us people that DO happen to be victims. Then you get people like you have nothing to do but scorn them.
I understand your point....
Yes... It is a good idea. However, if you do not have the GPS on, it is useless. And you have to send the SMS message when the GPS is on.
You obviously haven't read the manual.
The WIMP message switches the GPS on, and then switches it off when it's finished.
You should try it before giving it a bad rep!!!!
Hi all,
in my old Nokia N70, I have this software :
http://www.symbian-toys.com/guardian.aspx
"Guardian is the new antitheft system for Symbian Series 60 devices.
Every time you switch on your mobile telephone, Guardian proceeds with authentication of the inserted sim card; if authentication fails, Guardian send a notification sms message to a previously set telephone number.
In addition, the system features remote control functions, i.e. deleting your photographs/phone book/text messages/video/audio data in case of loss or theft of your mobile phone (see Plugins section).
Please NOTE that all the sms sent / received by Guardian will not notified in any way to the user, no icons, no lights, no sounds, no vibro, nothing visibile in inbox/sent/outbox messages folder, and of course, no traces left in logs."
Click to expand...
Click to collapse
But, this it's only for Symbian Series 60 devices..
Somebody know if there is the same for Windows Mobile ?
Thanks you.
Just had a read of the forum.
Looks like the next version gets rid of the icon on the today screen!!
Hooray
Hi,
About two months ago during one of the numerous rom flashings on my SPVM3100 , I came across a strange issue. I called Orange many times and they changed my SIM card twice but finally said they don't understand this and gave it up. My SPVM3100 is over two years old - so they're not gonna replace the device.
Here's the issue:
whenever someone leaves me a voice mail, instead of receiving the normal "voice mail" notification and it's icon in Today screen, I receive a text message! These texts are unreadable (consisting of only 2 signs, like a triangle sign and an @ sign. Or an @ sign with an underline sign _).
Whenever I receive such texts , I know that I have a voice mail ! I dial the voice mail service, listen to the voice message and delete it. But each time my voice mail box becomes empty another annoying text is sent to me - perhaps cofirming that the mail box is now empty (I wish I could read this new sign language )
The phone shows that the texts are coming from the SIM Card !! (so we thought that perhaps the SIM has problems and that's why Orange changed my SIM Card twice).
This is really annoying.
The Orange tech people exhausted their knowledge for the past 2 months but couldn't solve this problem , gave it up altogether , and are now asking me to contact HTC ! (which I'm sure would be useless).
That's why I'm asking this from xda developers and gurus to see if they have any explanation for this bizarre behavior of my device.
Thanks for any insight and sorry to make a thread for this annoying issue.
have you tried flashing with a different rom? i know similar things would happen on motorola phones, and required hex editing of certain files to turn that feature off.
Read this thread
Fallen Spartan said:
Read this thread
Click to expand...
Click to collapse
Thanks man.
xda gurus are truly gifted
Fallen Spartan said:
Read this thread
Click to expand...
Click to collapse
Fallen,
A six-month-old critically annoying problem was solved in 30 seconds
I am sure we all know xda developers and gurus are genius.
As I said in the post, almost all technical guys & gals in Orange did literally exhaust all their knowledge & experience in the past six months to solve this issue but it was obvious that they didn't absolutely have any clue what the cause of the problem was; whereas Olipro had found the cause and the remedy very quickly.
This is really serious because Orange is a huge multi-billion corporation and they claim to have their own top developers/programmers/technicians and yet they shamelessly suck !
Now on to my second question :
On almost all original (HTC and AT&T) ROMs , the HTC Home Plugin shows the network as "Orange". But on some of the cooked ROMs the network is shown as "UMTS Orange". I know the meaning of UMTS and I understand that whether the network is shown as "Orange" or "UMTS Orange" the phone appears to function the same.
I just want to know what happens in some cooked ROMs that the phone recognizes the network of the SIM card as "UMTS Orange" and not the usual "Orange" ? I talked to some Orange technicians, their replies are really rediculous - one of them kept saying: "you must change your mobile settings" ! But she didn't have a clue what she was talking about as she didn't know where those damn "mobile settings" were and how they could be changed! I can swear she had never held an SPVM3100 or a Kaiser in her hand.
I've searched the forum but haven't been able to find a clear answer yet. I am asking this question just to improve my personal knowlege on this issue.
Thank you for your guidance and insight.
hey,
I get the same problem too when installing new Cooked ROMs.
In order to get rid of the 'UMTS' in front of the Operator name you have to edit a registry entry.
Use a registry editor and navigate to: HKLM---> Software---->OEM---->Phone Setting
In there find an entry labelled 'Enable3GLongName' And change it from 1 to 0.
Restart you're device and it should just say 'Orange'
Hope that works
Nesh
neshyd said:
hey,
I get the same problem too when installing new Cooked ROMs.
In order to get rid of the 'UMTS' in front of the Operator name you have to edit a registry entry.
Use a registry editor and navigate to: HKLM---> Software---->OEM---->Phone Setting
In there find an entry labelled 'Enable3GLongName' And change it from 1 to 0.
Restart you're device and it should just say 'Orange'
Hope that works
Nesh
Click to expand...
Click to collapse
Thanks bro. Yesterday, before reading your reply I reflashed my device and
this nwe Binky11's V3.8 ROM got it right. So for now, I don't need to do the registery; however, I made a note of your advice for future reference.
I should keep reading to see what happens in most cooked WM6.1 ROMs that they get the network name as such and why the original ROMs get it right.
Thank you very much for your reply.
Guys/Girls since we are equipped with an expensive piece of phone i guess this software is very useful! After all its Totally FREE!
Check it out! it is released by a guy called "Joubert Vasconcelos"
on XDA he is known as 'joubertvasc'!
I guess we all should have this on our HDs i have on mine already totally awesome and working!
this is where you can download the app.
http://remotetracker.sourceforge.net/
this is where you find support
http://forum.xda-developers.com/showthread.php?t=394203
A word from the Original Site:
"This is an Antitheft software and you can use it to track your Windows Mobile device when it was lost or stolen.
It works catching a formated SMS sent from any phone, MSN, AIM or web sites and then send useful informations back. These informations can have GPS coordinates, list os contacts, owner informations and more.
You can use it to others objectives, like keep your eyes in your child. Use your imagination!
To use all features RemoteTracker has, your device must have GPS and GSM capabilities. If your device does not have a built in GPS receiver, you can get the position based on the Cell Tower it is answering. Please visit OpenCellClient project for more details.
If the thief change your SIM card, you will receive a SMS alerting you and you still can track your device. All you need to do is set an emergency cel number."
Enjoy!
i've been using this app.. really great stuff
UPS this is COOOL !!
I am always hanging around with an expensive piece of hardware, you´re damn right !!!
This will help to make me feel more comfortable with my SEX1
THANKS !!!
you are welcome!
Does anyone know how to cook this into the touch HD ROM?? as this will prevent anyone doing hard resets
dagg3r said:
Does anyone know how to cook this into the touch HD ROM?? as this will prevent anyone doing hard resets
Click to expand...
Click to collapse
When I read this post, I thought the same, this should be cooked in all roms.
javielo1974 said:
When I read this post, I thought the same, this should be cooked in all roms.
Click to expand...
Click to collapse
Yeah they should actually. the guy who made this app is even giving out code to have it cooked in Roms.
My only question is even if they do cook this into roms, after a hard reset by the guy who steals the phone how will the settings be loaded again to the program? (such as the Number to SmS) hmm.. if they have a workaround on this too it will be so great!
for true tracking & protection and to be "cookable" it needs to be stupid on the device. By that I mean all it knows how to do is call home and report the phone IMEI & Location info. For example:
On hard reset it is set to run as a service in the background.
On New SIM Detection it calls home and report phone number & IMEI.
Server side has info for registered owener of the IMEI. Forwards the message to your e-mail.
If the phone was taken you can send SMS to the number to enable "active tracking" which sends location reports to home on a regular interval. All message sent home are forwarded to registered owner.
If a developer did this they might even be able to make a deal with providers so that the Call Home function is directly to the carriers and it gets built into the Stock Roms.
I use Sprite Terminator. Has the option to remove all your important data.
Usefull thread. but only missing small how to cook this into the touch diam/pro or HD ROM. The main problem is how to make that shortcut fo SMS
kyphur said:
If a developer did this they might even be able to make a deal with providers so that the Call Home function is directly to the carriers and it gets built into the Stock Roms.
Click to expand...
Click to collapse
if your phone get stolen, you'll going to buy a new one. No deal for them
hi guys,
am new to this forum and i just got the HTC touch HD for about 2wks great fone installed a lot of stuff but am trying to develop a program that i can track my phone on a web browser. can anyone help me on how to communicate with my phone and get the gps cordinates.
not sure about this, sorry if i get it wrong but maybe you can have a look at this:
http://forum.xda-developers.com/showthread.php?t=482249
what am actually look for is like sending may be an sms to my phone and getting the gps coordinates really need help pls.
maybe this one?
http://smartphonetracker.blogspot.com/
Sprite are currently doing a special HTC package which includes backup plus a secuirty application which can track your phone using the GPS
SPRITE HTC Special Offer
Just to mention that as far as I know any solution includes comunicating with the SIM card. If you want to track your phone in case it gets stolen, well... forget it. I don't believe any thief will be stupid enough to leave the SIM card in the phone and/or the phone turned on. If you want it for another scenario - MAYBE it will work.
you can buy theese lil tracker things they tiny lil sticker things which u can put on cars/phones etc. They can be tracked and reported to the police.
just want to find a way to communicated with the phone it for a project.
Wondering if my phone got hacked. I am running infamous rom on tmobile. Tonight my friend received my text messages from another number, and when my friend questioned who he was, he either didnt seem surprised or he was just playing along. If my phone did get hacked, do you guys have any advice like a system format, a setting I can change, or should I call tmobile directly?
Thank in advance
mikatachan said:
Wondering if my phone got hacked. I am running infamous rom on tmobile. Tonight my friend received my text messages from another number, and when my friend questioned who he was, he either didnt seem surprised or he was just playing along. If my phone did get hacked, do you guys have any advice like a system format, a setting I can change, or should I call tmobile directly?
Thank in advance
Click to expand...
Click to collapse
I'd call T-Mo directly and advise them of the situation. You might ask your buddy if he would participate and allow his carrier to use information to find what phone did the spoofing, and they can track the user via the IMEI number that is recorded when transmission is initiated. You MIGHT be required to have a police report to get the tracking done, so you ought to consider making the report to your local PD.
Be SURE your buddy isn't jerking your chain before you do anything, and I'd probably want to SEE the TM before any action on your part.
Aloha and Good Luck!
Bobolinko's advice is correct and the best course of action.
But to answer your specific question about the phoen being hacked...No, wiping it won't help. Neither will installing a different ROM or anything else.
If what your buddy is saying is actually happening, it's most likely not that someone have hacked into your phone and is remotely sending messages from your phone. It's far more likely that someone intercepted your cell signal, hacked the IMEI number (as stated above) and applied your IMEI number to another device, thus cloning your phone.
That message to your buddy came from another device entirely and never went through your phone at all. The problem is that this is very hard to fix. You can't have T Mobile jus tblock your IMEI number because then your phone won't work either. T Mobile can't distinguish between your phone and the cloned fake phone because both are broadcasting the same IMEI number, which is the identifier T Mobile uses to use your phone.
Have you left the United States recently and used your phone in another county? This whole scenario is vey common in Russia and other Eastern European countries. People got there on a vaction, use their phone, and immediately the phone's IMEI is captured and stolen. If you had mobile data turned on or used wifi, the user data on the phone is also likely compromised. Meaning all passwords, etc.
If you haven't left the US, it's much less likely, but still possible this is what happened.
Someone could have also physically looked at your phone, wrote down the IMEI number under the battery, and cloned it that way just to screw with you. No intercepted radio signals or anything. Just good old fashioned "copying the key". In that scenario it's almost certainly someone you know (unless you are in the habit of leaving your phone completely unattended around strangers).