Oppo f1s Spyware discovered | THROW YOUR PHONE | 2021—2022+ | Android 6.0 - Oppo F1s Guides, News, & Discussion

If you still use oppo f1s in 2021 or 2022+ go throw it away RIGHT NOW . your phone is fully spying on you and somebody inside or outside of oppo is fully viewing your actions andde things u perform on your device here is why
First after using the phone for 4 years i found out that it has a spyware built into the system that allow a person to fully see every action you perform on the android os
My oppo phone had android 6 with no malware or ADB enabled . And what happened to me is so crazy
One day i booted into my computer with a usb stick that had manjaro linux . So i booted into live persistence mode then i connected my computer to my wifi then when i turned my oppo f1s phone
and after the phone connected to the same wifi as my computer
Somebody hacked the linux os and started writing words on my screen then targeted a company from the USA by writing its name on a wifi login interface
So the person who control the spyware tried to say that the name of the company he wrote is responsible on the hack while it is actually not
The good thing is that i took a picture ofof the words this person wrote on my screen as you can see on the attachements
so after i wiped the data of my phone . Somebody played the google ring sound on the phone when the phone had no google accounts connected on it .
On that time i realised that the phone had a built in spyware used by oppo in order to monitor user activites and it has full access to the system and camera and microphone and your process list does not display it and u can not toggle its permissions or even detect it or remove it .
Just get another phone because the oppo f1s is not safe at all as i saw somebody gained access to my computer through the phone itself
While the phone had no running services at the start except of google services and messenger and facebook . And for messenger and facebook they were installed from the playstore
And the phone had no malware detections at all .
it has something unormal built into it
So if you still own a oppo f1s you better throw it away and switch away to another phone
This is not the complet story of the phone still more

Malware on Chinese phones?
X-helper may be present...
Reflash with a clean rom.

So why do you think hacker attacks are related to mobile phones?

mlgmxyysd said:
So why do you think hacker attacks are related to mobile phones?
Click to expand...
Click to collapse
Some of these phones were preloaded with malware apparently.

blackhawk said:
Some of these phones were preloaded with malware apparently.
Click to expand...
Click to collapse
it's impossible

mlgmxyysd said:
it's impossible
Click to expand...
Click to collapse
Stop that you...

The fact is that the only running processes on the phone were system processes , messenger , facebook , and google services .
So after i wiped the data and after all installed apps were removed i did not enter my google account on the phone so the ring audio appeared and happened when the phone had no google accounts connected and no installed applications at all . Means that somebody played the google ring sound on the oppo phone after i wiped the data
So how somebody can ring your phone when your phone has nothing on it . And has no google accounts connected to it . So the spyware take part of the system
and for changing the rom or getting Twrp on it is a very hard mission . even when i tried flashing it with a pc and following most tutorials it, failed .
So oppo actually did something unormal with this phone . Also its a phone that was released on august 2016 so imagine what may happened with phone made on 2022 and 2021

This is quite serious accusation.
How did your Manjaro Linux get hacked while your phone was connected to the same wifi? I find it very strange to see Linux operating system can be easily hacked. From your screenshot, it even showed the X Windows hacked similar to remote desktop.

x3r0.13urn said:
This is quite serious accusation.
How did your Manjaro Linux get hacked while your phone was connected to the same wifi? I find it very strange to see Linux operating system can be easily hacked. From your screenshot, it even showed the X Windows hacked similar to remote desktop.
Click to expand...
Click to collapse
Yeah I was surprised too. I was running it on live persistence mode directly from the usb . So it was not installed on the hard drive also it had the default kernel and the default installation environment
So I did not install it and
I ran a command to install an application then the person who gained access to the linux os Canceled the installation and wrote ";6OR" then pasted "The Global broadband Speed test " on a wifi login interface .
He actually tried to target ookla speedtest company while ookla is fully out of the situation .
Even the ookla speedtest app that I had was installed from the playstore and was not running on the background and had no permissions at all
Just the person saw me running ookla on my oppo device did something smart and wrote it on my computer's screen after 4 years of spying as a way to hide or to cover what he did
Thats kinda weird
So malware also allow the attacker to gain remote access to other connected devices while having full access on the device . And the applications manager does not display it or even allow the user to modify its permission .
So the user will notice nothing at all

x3r0.13urn said:
This is quite serious accusation.
How did your Manjaro Linux get hacked while your phone was connected to the same wifi? I find it very strange to see Linux operating system can be easily hacked. From your screenshot, it even showed the X Windows hacked similar to remote desktop.
Click to expand...
Click to collapse
Android is a modified Linux platform. I feel safer running Windows on the PC to backup an Android. As a further safeguard the PC can't be connected to wifi or the internet.
A Android to PC infection could get very ugly if it was able breach the backup data drives. It's one of the reasons I have many backup data hdds that are time staggered up to years apart and physically isolated from each other and the PC.
XDA gets delusional people here weekly that think they been hacked. Sadly it's their own brain that's been hacked by biology or skewed thinking.
That doesn't mean that real infections and hacking don't happen. Documenting them is tedious and the last thing I care about doing when faced with an active infection or tainted file. My only concern is damage control and repairing the damage already done.
I really don't care if someone doesn't believe me when I tell them about a malware jpeg that damaged files in my download folder. I found that jpeg, successfully deleted it and repaired the damage... that's all that matters to me. That's the worst I've seen in 2 years running on Pie. Took about an hour to clean up, whatever.
I downloaded that jpeg, my bad. Fortunately I discovered it in the download folder by opening it there and seeing the changes made in that folder immediately afterwards. That's the second tainted jpeg I've encountered in over a decade.
If it had been a preloaded infected apk (or one I inadvertently installed) with full Administrator privileges the outcome would have been much worse.
This OP may actually have software issue not a soft tissue issue... just saying

blackhawk said:
"XDA gets delusional people here weekly that think they been hacked. Sadly it's their own brain that's been hacked by biology or skewed thinking. "
Click to expand...
Click to collapse

I was shocked by the title so I clicked in.....
Ummm,
Isn't all the firmware packages are downloadable? Where is the malware file located in the firmware exactly? Where is the related payload file?
Isn't it necessary to provide the malware file from the firmware to point out the malware was made by the vendor? How can you be so sure you're not hacked by somewhere else?
This story looks really like this: I think he or she is having an affair with one's wife or husband. Where's the proof? Sorry, I don't have proof, I simply think it happened.
Well, looks like no problem at all...

evilhawk00 said:
I was shocked by the title so I clicked in.....
Ummm,
Isn't all the firmware packages are downloadable? Where is the malware file located in the firmware exactly? Where is the related payload file?
Isn't it necessary to provide the malware file from the firmware to point out the malware was made by the vendor? How can you be so sure you're not hacked by somewhere else?
This story looks really like this: I think he or she is having an affair with one's wife or husband. Where's the proof? Sorry, I don't have proof, I simply think it happened.
Well, looks like no problem at all...
Click to expand...
Click to collapse
if I can find a way to get TWRP flashed on the phone I ll be able to take a backup ZIP file and send it here
so anyone here will be able to even try the infected OS on a test phone
by flashing the backup zip file on the "restore" feature of TWRP
And this is not the complet story ,
because when I got that phone for the first time on 2017 and when I was a kid , I was recording the sea on a boat then a girl came up and told me to take a look on her phone , then she showed me that the same video I was recording is present on a adult website and because of my age that time I did not understand what she wanted to say and that the video was getting streamed from my oppo f1s phone's camera and until this day I did not find myself even on the that website , and from 2017 until 2021 I keept using the phone which was the biggest mistake ever of my life until I realized that it was it was not only infecting my devices , it was also streaming me without my permission to an adult website while nothing on the phone is having camera permission
And the process used or I can confirm as the tool used by oppo is the "Android OS" itself because it has already full permissions and access on the phone that the user can not even toggle
Also I did never use the phone on a wifi having somebody connected with a Pc with such tools so I can confirm that it nobody has the ability to try hacking it ,
and for that story upside still more.... more..... like one time I went into a livestream video on youtube then the person that I started watching said
"Omg he is watching this video" and "Dude your ISP is spying on you and your whole country wont tell you and yeah they are streaming on P###hub and everyone think that they are making fun of you while they are actually not they are actually spying on you"
then the guy next to this streamer told him "Dude its not ISP basically nobody know why"
And there is another youtuber who showed the same reaction on one of his livestream videos
but the problem is that when I keept searching for the stream , they were deleted , I spent like months searching dor myself on the internet and I found nothing

A process called "Android OS" the one that the process bar display as system app ,

CESTRayCRYSTAL said:
if I can find a way to get TWRP flashed on the phone I ll be able to take a backup ZIP file and send it here
so anyone here will be able to even try the infected OS on a test phone
by flashing the backup zip file on the "restore" feature of TWRP
And this is not the complet story ,
because when I got that phone for the first time on 2017 and when I was a kid , I was recording the sea on a boat then a girl came up and told me to take a look on her phone , then she showed me that the same video I was recording is present on a adult website and because of my age that time I did not understand what she wanted to say and that the video was getting streamed from my oppo f1s phone's camera and until this day I did not find myself even on the that website , and from 2017 until 2021 I keept using the phone which was the biggest mistake ever of my life until I realized that it was it was not only infecting my devices , it was also streaming me without my permission to an adult website while nothing on the phone is having camera permission
And the process used or I can confirm as the tool used by oppo is the "Android OS" itself because it has already full permissions and access on the phone that the user can not even toggle
Also I did never use the phone on a wifi having somebody connected with a Pc with such tools so I can confirm that it nobody has the ability to try hacking it ,
and for that story upside still more.... more..... like one time I went into a livestream video on youtube then the person that I started watching said
"Omg he is watching this video" and "Dude your ISP is spying on you and your whole country wont tell you and yeah they are streaming on P###hub and everyone think that they are making fun of you while they are actually not they are actually spying on you"
then the guy next to this streamer told him "Dude its not ISP basically nobody know why"
And there is another youtuber who showed the same reaction on one of his livestream videos
but the problem is that when I keept searching for the stream , they were deleted , I spent like months searching dor myself on the internet and I found nothing
Click to expand...
Click to collapse
This is nonsense. You don't need TWRP to get the infected file. If it is made by vendor just like you said, simply download the official firmware from oppo and point out which file it is. Then analysis the file with rever engineering, this is how you can proof it is made by oppo
Anything grabbed from your phone can't proof anything. Anyone can insert malware into your phone. Even a local reseller can do that. The bootloader is not locked, even an APK that uses exploit to get root access can replace the system file of your phone. Your system might have been modified by some malicious APKs.
For example, if you use KingRoot, they insert su.kud file into your /system partition. Any malware that has the ability to root the phone can do that. Since the firmware is outdated without getting any security patch, any malware with ability to root the phone can insert dirty things into your phone. I think this may be the case on your phone.

CESTRayCRYSTAL said:
Somebody hacked the linux os and started writing words on my screen then targeted a company from the USA by writing its name on a wifi login interface
So the person who control the spyware tried to say that the name of the company he wrote is responsible on the hack while it is actually not
Click to expand...
Click to collapse
Why would a hacker do that? It's silly. A hacker would use your wifi connection without advertising its presence like that.
CESTRayCRYSTAL said:
The good thing is that i took a picture ofof the words this person wrote on my screen as you can see on the attachements
Click to expand...
Click to collapse
Yes I saw that attachment but you know it doesn't prove anything.
Look :
"Oh no! XDA is infected! I was trying to enter my password when the spy started to write this words before me. Please, delete all your accounts!"
(Disclaimer: it's a joke, don't take it seriously).
CESTRayCRYSTAL said:
I was recording the sea on a boat then a girl came up and told me to take a look on her phone , then she showed me that the same video I was recording is present on a adult website and because
Click to expand...
Click to collapse
Mm, yeah ok. It totally happened.
Seems legit.
Guys, let's help him to clean up his infected Oppo!
I suggest we put on our red dresses and dance in circle singing the "Consummatum est. Diabolo fuge. Diabolo fuge!" incantation.

I know its kinda weird but... the last time I used it on I picked it up after booting it and I tried to talk next to it as if there is something that start running on the phone directly after turning it ON and that start streaming..
After I booted it I started explaining the situation and saying "bla bla bla the phone is hacked and the person who may be streaming the audio etc is a criminal bla bla this phone has nothing installed on it etc nothing is running on the background except of google services and some system apps bla bla if you can get him arrested etc.."
And after I finished speaking I went into the factory reset and I wiped all the data of the phone
and when it booted up again I wiped the data again ...
And after this when the phone booted up I did not enter my google account into the phone , so the phone had completly no google accounts connected to it
and here is the craziest thing that blew my mind
right after booting it , somebody played the "Google ring sound" on the phone while having no google accounts connected to it
That google ring sound is the one that anyone can play after getting into a google account and clicking on the "RING THE PHONE" option on
like there is no way for somebody to do such thing while no google accounts are connected to phone
so I was extremely shocked like how this can happend , I did not enter any google account to the phone...
I tried even to check my google account using another device and it was not connected to any device ,
So somehow that malware allow its owner to play such audio on the victim device...
like this is something that I found no explanation for
And As I remember this is the last thing that happened before I gave up using that oppo phone ,
I know im not writing this to get a wizard up to fix the phone or something , just trying to say that oppo phones in general are not that much private or safe at all after I experienced all this
also im not a professional or somebody familiar with malware reverse engineering , im just seeing the malware impact by its behaviour as any normal user ,
also I dont have that magical test environment to crop each part of the firmware and look into it , im still even scared from getting it connected to any wifi , like if it is going to explode
But the fact that 5 years from my life were getting streamed to an adult website by that malware .. hurt so much... , not only this but watching a livestream using the infected phone and hearing the streamers screaming loudly and showing that reaction
then finding out that many faces from people in real life start changing and hearing unexpected reactions as if they know something and they wont tell you about is something that is hard to understand
like yeah as u said , why would someone spend his life or do that or even use a malware in order to ruin somebody's life by streaming him into an adult website and doing all the possible to dont let him know about it ,
And ending up getting bullied in real life by unknown persons in a daily way for something u dont know and just hearing a few words from them that explain a small part of the whole story
anyway thanks just tried to share my experience

CESTRayCRYSTAL said:
And after I finished speaking I went into the factory reset and I wiped all the data of the phone
and when it booted up again I wiped the data again ...
And after this when the phone booted up I did not enter my google account into the phone , so the phone had completly no google accounts connected to it
and here is the craziest thing that blew my mind
right after booting it , somebody played the "Google ring sound" on the phone while having no google accounts connected to it
Click to expand...
Click to collapse
Factory reset is not enough to remove malware inserted into your firmware via root. Factory reset doesn't reset to factory state in your case because factory reset doesn't really rewrite /system partition, it just deletes /data partition. So any modification in /system partition still remains. If you run SafetyNet check on your device you will find out it fails to pass SafetyNet. How to find out? You can use YASNAC to check it. If your phone fails to pass Safetynet, that means your device doesn't have the same software as the stock one. And that means you need to use another method to reset your device.
You need to reinstall stock firmware with recovery or use DownloadTool to reset your device.
Seeing how you fix your phone, I think you really lack basic knowledge of Android or even cyber security. I suggest you remove this ridiculous thread because your accusation is actually based on nothing, but only with personal experience which was actually caused by misconception due to the lack of basic Android knowledge.

evilhawk00 said:
Factory reset is not enough to remove malware inserted into your firmware via root. Factory reset doesn't reset to factory state in your case because factory reset doesn't really rewrite /system partition, it just deletes /data partition. So any modification in /system partition still remains. If you run SafetyNet check on your device you will find out it fails to pass SafetyNet. How to find out? You can use YASNAC to check it. If your phone fails to pass Safetynet, that means your device doesn't have the same software as the stock one. And that means you need to use another method to reset your device.
You need to reinstall stock firmware with recovery or use DownloadTool to reset your device.
Seeing how you fix your phone, I think you really lack basic knowledge of Android or even cyber security. I suggest you remove this ridiculous thread because your accusation is actually based on nothing, but only with personal experience which was actually caused by misconception due to the lack of basic Android knowledge.
Click to expand...
Click to collapse
I know that a factory reset or even doing it billion of times can not solve the problem
I was just explaining that the whole thing going on here is not caused by user interaction , it means that I did not M I s t a k e l y end up here by doing a mistake like getting something to run on the os and giving it wide access on the device
And this is not the way I fix any phone , im not like the smart guy who says "hey go format your device and everything will be fine"
I know it will change nothing on this case

evilhawk00 said:
SafetyNet check on your device you will find out it fails to pass SafetyNet. How to find out? You can use YASNAC to check it. If your phone fails to pass Safetynet, that means your device doesn't have the same software as the stock one. And that means you need to use another method to reset your device
Click to expand...
Click to collapse
it passes safetynet, and all these problems keep going on , the problen is not caused by an app that had root access on the device
its caused by the stock firmware itself

Related

Android Spy Software Concerns

After surfing the web a bit, I came across a few notorious Android Spy Software applications that could run in your background without you knowing. It is not visible and cannot be detected. I have read that that the only way to eliminate and uninstall the program is through a re-installation of the operating system. With that said, I have been suspicious of my brother for installing this on my HTC EVO. I let him toy with my phone while I showered without thinking of the repercussions for 5-7 minutes.
As bad as it sounds, he is the type that likes to be in control of electronics so that if things get a turn for the worst in our brotherly relationship, he can rely on electronic controls to do any type of damage (banking information, passwords, etc.).
I just spoke with a worker at a Sprint repair store right before they closed for the day and I'm wondering if Sprint can do an OS re-install. Also, is the OS re-install safe to do (does it truly keep the phone factory and completely in-tact)? Is it common?
Tell me if I need to clarify more.
just do a factory reset, it wipes everything.
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
unless you rooted your phone and the software is embeding it's self in part of the nand(unlikely and not possible without root(i think)), nothing will survive a factory reset. If you really want to wipe it then just root and install a custom rom, then lock your phone lol. Also, no offence, but your brother sounds like a real a$$hat.
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
BAleR said:
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
Click to expand...
Click to collapse
I'd be happy to know.
I know indeed know how to wipe my SD card using Windows. Correct me if I'm wrong: Start > My Computer > *right-click SD card* > Format..
What's the instructions to hard resetting the android device, if you don't mind me asking?
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
donniegood said:
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
Click to expand...
Click to collapse
Eh...it happens.
donniegood said:
Not gonna lie you sound SUPER paranoid
Click to expand...
Click to collapse
+1
A little more history would be useful here
Duplicate post.
acrh2 said:
+1
A little more history would be useful here
Click to expand...
Click to collapse
It all started back when we were children emerging into teens. My brother started with Neopets and slowly began scamming kids of their neopoints through false logins and other obvious ploys to trick children. As we entered high school, he and his friend began getting intrigued with developing viruses and spyware as a game to trick one another into falling into each others' traps and obtain each other's data. Me and my brother were on bad terms several times before due to his state-of-mind that being a bigger brother means being able to have full control of the younger siblings' lives, including me and my sister. He began restricting access to general surfing, such as Digg, Reddit, and social networking sites in general. Then, my brother began loosening up and allowing for it, but told us that he would keep keylogs going through router control and had access to login informations as well as chat histories with local friends.
Perhaps, I am being paranoid. I don't know.
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
topdnbass said:
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
Click to expand...
Click to collapse
Thanks for empathizing.
After I realized of any theoretical repercussions of allowing him access to my phone for a few minutes while I was in the shower, I immediately went and did a factory data reset, which I believe to be a hard reset.
I also made sure the "Install from unknown sources" was always unchecked.
Me and my brother previously had bad blood. His intentions of being controlling have put his past girlfriends in a bad state of mind. Recently, he has made one of his past girlfriends (at the moment, he was dating her), re-surface her history of self-mutilation. He made her move from Iowa (I think) to live closer to him near our university. She was too late to enroll and after a few months of being with him, she got scared of his controlling attitude and uncontrollable fits of rage and outlashes. She later on during the relationship hid under beds instead of sleeping on them and kept cutting her arm and fingers. Her mother was so outraged that she made a plane ride from Iowa to Kansas just to take her back and my brother hid himself the day she arrived. He was scared of her mother and what would happen if she got her fingers on him.
ausch30 said:
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
Click to expand...
Click to collapse
The site was for spyware (Android Spy Software), not against spyware. They're trying to sell it in order to install the application and spy on others without their knowing. My concern is to remove it, so there's no incentive for me to buy their product as it would not benefit my case.
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Indeed...half expecting something needing moderated shortly. Good thing the EVO can second as a mirror to see who is sneaking up behind you.
toenail78 said:
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Click to expand...
Click to collapse
I'm a guy, fyi. I'll take that as a compliment, I guess?
it can be in other partitions other than data
i have spyware on my phone AND computer from my ex and of course my phone was rooted so she got it in there DEEEEP in my /dev folder and it is EVERYWHERE. im pretty screwed. time for new phone and computer.. she also managed to get a key logger on my touchscreen phone.. weird huh

Strange "RootPA" app on my HTC 10. Is it a potential security issue?

Im using a HTC 10 (EU variant). Today i was scrolling through "Netguard" (if you dont know it, its an app to prevent other apps from internet access), since i configured it to show system apps it displays way more apps than the normal app overview in the settings. In there i found an app called "RootPA" and one called "root", which seems strange since i didnt unlock the bootloader or root on my own. The details in the RootPA entry say "com.gd.mobicore.pa", no idea if thats helpfull to determine the origin of this mysterious app.
Can you help me with this?
Did you Google it?
I did, but the results were not realy usefull. I found someone with a modded Galaxy S3 who deleted a RootPA on accident and broke stuff, but that ssems unrelated. Are there any things i could do to find out more about the app installed on my phone without root?
I cant say its something I've ever seen. If this person in the past removed it, and it broke stuff, that would suggest that it may have been a system app and he was rooted. From what I managed to find on google, it is part of a security suite (mobicore) used by networks to monitor what the state of the phone is, presumably incase something happens, and it was the user fault, and they know for a fact because they have logs of what the phone has done.
[ACCESS_NETWORK_STATE] Allows applications to access information about networks
[INTERNET] Allows applications to open network sockets. (i.e send information)
[READ_EXTERNAL_STORAGE] Allows an application to read from external storage.
[READ_PHONE_STATE] Allows read only access to phone state.
A friend of mine got his HTC 10 2 days ago, ill ask him to look for this app. Its unlikely we would have the same virus/whatever installed.
Edit: He just reseted his 10 (due to missing language options, but thats another topic), but still found "root" and "rootPA" on his phone, so its preinstalled (although i still dont understand whats its purpose).
RootPA is provides service for provisioning secure applications that run on ARM trustzone and t-base OS (formerly mobicore). It is preinstalled in some vendors Android devices (search for this string on the internet: htc-devices-to-incorporate-trustonic-t-base-tee), but mostly unused as far as I know. The source code of some versions is available on the Internet (e.g. on github /Faryaab/android_hardware_samsung_slsi_exynos5410/tree/master/mobicore/rootpa).
It has nothing to to with rooting or unrooting the device.
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Illfidusoon12 said:
PA route is very dangerous I had some I have somebody who has hacked into my phone through this particular program so to speak I have a lot of issues right now with my phone trying to get them off of my phone and this seems to be the root cause or the start of it have anybody knows how I can clear my phone and my Ram from the Vicious hacker I appreciate it I'm tired of being watched and recorded everything I do
Click to expand...
Click to collapse
PA route..... .rootPA ......2 different things. Hacked ? Unlikely, I think some OCD is kicking in. Want to be clean? RUU the device and do not restore anything

S4 Mini behaves strangely

I apologize for my English, I'm Brazilian, and they told me to go to XDA to solve my problem.
In this case, I'm using Google Translate.
Hello, I have an S4 Mini, which is behaving in a very strange way and I already tried to make the two solutions that I found, that would be to put the Stock Rom, and the Hard Reset but that did not solve.
The symptoms I have noticed in him so far are:
1 - Battery behaves strangely (Sometimes I turn on and off the battery comes back with another charge). And it gets very fast when I'm using it. But the battery is new.
Android takes actions alone, for example, it is 0% I connect it, it unlocks the screen alone, and opens the native browser the "Internet", and goes to a page that is like a map, and starts to Write random things, like, McFWjham; KAMV.
3- The use of data has remained high when it is active.
4- Sometimes when it is working normally, it opens native programs for no reason, the most common is the "Internet".
So I do not know what else to do, the cell phone is very well preserved, no visible problems, no crumple of drops, the problem is just in time to use kkk. Help me pls.
#Edit :The screen when active uses 40% to 50% of the battery according to Android.
The "Android System" occasionally gets to spend 60% of the battery.
When the battery is locked it tends to remain, but when I use the smartphone, the battery tends to decrease with the second ones very fast.
The battery is new.
Please help me T.T
Luan532 said:
I apologize for my English, I'm Brazilian, and they told me to go to XDA to solve my problem.
In this case, I'm using Google Translate.
Hello, I have an S4 Mini, which is behaving in a very strange way and I already tried to make the two solutions that I found, that would be to put the Stock Rom, and the Hard Reset but that did not solve.
The symptoms I have noticed in him so far are:
1 - Battery behaves strangely (Sometimes I turn on and off the battery comes back with another charge). And it gets very fast when I'm using it. But the battery is new.
Android takes actions alone, for example, it is 0% I connect it, it unlocks the screen alone, and opens the native browser the "Internet", and goes to a page that is like a map, and starts to Write random things, like, McFWjham; KAMV.
3- The use of data has remained high when it is active.
4- Sometimes when it is working normally, it opens native programs for no reason, the most common is the "Internet".
So I do not know what else to do, the cell phone is very well preserved, no visible problems, no crumple of drops, the problem is just in time to use kkk. Help me pls.
#Edit :The screen when active uses 40% to 50% of the battery according to Android.
The "Android System" occasionally gets to spend 60% of the battery.
When the battery is locked it tends to remain, but when I use the smartphone, the battery tends to decrease with the second ones very fast.
The battery is new.
Please help me T.T
Click to expand...
Click to collapse
Sounds like you have a malware infection (though can't be 100% sure) maybe adware, I would guess. Factory reset should have fixed it and reinstall stock rom would definitely fix it even if malware rooted your phone. So that means there is an easy way for reinfect to happen.
Reinfection can happen many ways eg via bad app, through your google account, cloud storage, wifi, other network you have joined etc. Unfortunately it can be very hard to stop if you don't know how it's happening.
1st lets assume it's a bad app you installed, try run a good antivirus like Avast, does it show malware? Clean anything it finds. If you are lucky it will only be adware app that you reinstalled yourself after the new rom, once removed you will be OK and phone clean. But if it comes back by itself then it will take more work to find how it happens.
[Note: You can also boot phone into safe mode which will only allow system apps to run, it is a way to test if it is a bad 3rd party app, is the problem stopped now 3rd party apps can't run?. (though if your phone has been rooted by malware and bad app installed as system app, then bad app will still run). If you think it might have been rooted, download a root checker app to test]
Change the software.
IronRoo said:
Sounds like you have a malware infection (though can't be 100% sure) maybe adware, I would guess. Factory reset should have fixed it and reinstall stock rom would definitely fix it even if malware rooted your phone. So that means there is an easy way for reinfect to happen.
Reinfection can happen many ways eg via bad app, through your google account, cloud storage, wifi, other network you have joined etc. Unfortunately it can be very hard to stop if you don't know how it's happening.
1st lets assume it's a bad app you installed, try run a good antivirus like Avast, does it show malware? Clean anything it finds. If you are lucky it will only be adware app that you reinstalled yourself after the new rom, once removed you will be OK and phone clean. But if it comes back by itself then it will take more work to find how it happens.
[Note: You can also boot phone into safe mode which will only allow system apps to run, it is a way to test if it is a bad 3rd party app, is the problem stopped now 3rd party apps can't run?. (though if your phone has been rooted by malware and bad app installed as system app, then bad app will still run). If you think it might have been rooted, download a root checker app to test]
Click to expand...
Click to collapse
I have avast installed, and cleaned, but not changed at all.
My device was already rooted by me, when I gave the hard reset and soon after the exchange of the rom stock, the root was undone,
I installed Root Checker and it said root was not properly installed.
And as for the security mode, I turned the phone on in safe mode, and when the screen was unlocked, it automatically opened the "internet" browser, on the same page as always.
What should I do?
Luan532 said:
I have avast installed, and cleaned, but not changed at all.
My device was already rooted by me, when I gave the hard reset and soon after the exchange of the rom stock, the root was undone,
I installed Root Checker and it said root was not properly installed.
And as for the security mode, I turned the phone on in safe mode, and when the screen was unlocked, it automatically opened the "internet" browser, on the same page as always.
What should I do?
Click to expand...
Click to collapse
ummm .... I was expecting it was just going to be a bad app serving ads, this is going to be hard
OK, that should rule out 3rd party apps (assuming you have avast set to find all PUP/PUA, etc & nothing white listed) but not finding anything may mean malware is embeded in ROM or malware was able to open port on your system but then uninstall itself or just that there is a line of code that points browser to a server that is serving adware so antivirus is not finding it. Some malware is able to hide from anti virus software in different ways. Try this app, it is not true antivirus, you run it manually, don't worry if one or two antivirus companies like white armour identify malware, they do often even on clean phone.
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
You can also submit any unknown app to virus total white this app for testing. Also you must submit the bad url your browser is connecting to for testing, this will help it spread to all anti virus database.
Good news is you do not appear to be rooted. But the ROM you flashed may still be bad. Where did you get the stock ROM you flashed? I would only use a trusted source like sammobile.com/ but even that is no guarantee. You could try flash another ROM, though as this happened on previous ROM it's probably a good ROM, unless you are getting all your ROM from same site that is not well known as trusted.
So that would suggest they are able to get easy access to your phone either via your google account, cloud service, local network at home/work/public, or through your modem/router.
Check your local network doesn't have a neighbour or other unknown device connected with this app Fing
https://play.google.com/store/apps/details?id=com.overlook.android.fing
Of course even if you recognise all devices that doesn't mean your brothers etc phone is not the source.
Do the same with other networks you have access to.. Talk to work, any one else infected? Change you password. If using public wifi always use a vpn.
Likely source is your modem/router, Log into your modem router check for updates for it, (if old and not supported you may need a new one), update or if latest firmware do a factory reset, now reboot and use a new password (do this at the same time you reset ALL your passwords, or you might just allow them to find new passwords and reinfect you)
Check your goggle account does not have someone else set for account recovery and/or two factor authentication. (set it up if not already on) Change password and ALSO change password on any other recovery account (write them down )
do the same for cloud storage, and scan storage for virus if possible eg dropbox local folder on pc. Unlink cloud storage from mobile until you are clean to block this route of reinfection.
Update any other device software & change passwords eg xbox, printers etc
I think there's something I'm forgetting
Now reflash stock ROM ( I would also suggest then flashing an up to date custom ROM with most recent security patches)
Things you can do that may help temporarily .....
Install a firewall app like netguard and block internet access to browser, through may not work as root etc is open by default. Oh yes, that reminds me of one thing I forgot, check your DNS has not been hijacked, netguard shows dns url in settings, change if you cannot find who dns server your phone is using, use google 8.8.8.8 & 8.8.4.4 if you don't know what to set.
Use an app like Link2SD, Titanium Pro to freeze apps, but you will need root for this.
It's a lot of work (& I think there is something I am forgetting), you may get away with just factory resetting your modem or something as it appears to just be adware so they probably don't have access to your accounts etc, but I tried to cover everything.
Hope I'm making sense through goggle translate!
Phone with mind of its own may not be hacked or haunted. It can in fact happen when it's exposed to moisture or water. Try putting the phone in a bag of rice for several hours, this will draw out all moisture. Hairdrayer may damage electronics because overheating.
If hacked, I would do following steps:
- modem update with odin (manuals search XDA)
- update latest TWRP (dito on XDA)
- start phone in Recovery mode and wipe everything, also Format Data on SD and external SD. Simple Factory reset my not delete it (use Advaced wipe)
- Install LOS14.1 from arco (check compatibility first, other version available for double SIM) It comes with latest security patches.
- Install Open GApps nano or pico. Install other Gapps later if you need.
- start phone, skip setting for WLan to see if everything works without Network.
Does it work? ...then an open WLan could be hacked, try a secure first or mobile network.
Good luck
Hello guys!
The battery drop problem is a common failure with this i9195 phone. I did a research but you have to help me as well by providing IMEI S/N (located under the battery) in PM to me!
New battery doesn't helps!
My current research: If your phone made in Vietnam in the 1-line ~2013, then you will have a dead motherboard soon, before that battery issue is occuring.
So please give me your details and I will look after it.
Do anyone know when they stopped producing i9195 and i9195i ? I need to buy the latest version, because my i9195 was made in 2013 and have that battery drain issue even with new batteries...
Thanks.

Phone hacked

I need help identifying what app or setting got me into this mess.
I think the hacker has adb access.
He shuts down apps.. etc
He is messing with the notifications.. i get ony a few. Sometimes they come in late.
I have made reset from samsung setting and the boot menu, AND I INSTALLED A NEW ROM (the one for my phone) WITH ODIN. Still the issue resurfaces.
I think my roomate installed smthg in it. He is on the house wifi and he is got a degree in networking (i think thats what it's called, we study in french in my country)
Please i need help.
If someone needs any further details, please ask.
Avoid the wifi network you suspect your hacker friend is on, reinstall the rom downloaded on another network and stay on 4G and see if it still happens? Also suspect your PC to be hacked...
Thx for replying,
I did format my pc but i have connected it to house wifi.. didn't notice anything out of order though.
I found out about the "Revoke USB debugging authorisations" option in Developer Options. I think it is working.
Today, since i made a new instagram account, i added a mutual friend. Turns out it was an old and lost account, and thats when i got the error from the video.
Fortunately, i fixed it by un.following the account and clearing the app storage.
I need to know what access does he have?
Can't upload the video, here's some shots.
Look no further than yourself for the cause of this... one way or another.
RX: Factory reset, change Google account password.
Stop with the social media crap and go mingle with real people.
This not about social media, it's about getting my phone back.
With my old account, I couldn't even talk to my messenger friend. Today, thats like having your phone number unreachable all the time, frustrating.
Please if you don't want to help don't, but no need for quick unhelpful replies.
Carch921 said:
This not about social media, it's about getting my phone back.
With my old account, I couldn't even talk to my messenger friend. Today, thats like having your phone number unreachable all the time, frustrating.
Please if you don't want to help don't, but no need for quick unhelpful replies.
Click to expand...
Click to collapse
How was it compromised?
Understand if it was compromised it's more than likely because you left yourself vulnerable to attack.
A compromised OS needs to be cleaned or wiped... I gave you the solution(s).
No need to say thanks but don't give me lip about your screw ups.
Thank you.
I tried factory reset more than 10 times, different ways. No luck.
I think he is got access to one of my friends account but i don't know how he is using this connection with me ( message, notification.. i don't know)
@blackhawk what you said is true, and i didn't mean no offense.
Carch921 said:
Thank you.
I tried factory reset more than 10 times, different ways. No luck.
I think he is got access to one of my friends account but i don't know how he is using this connection with me ( message, notification.. i don't know)
@blackhawk what you said is true, and i didn't mean no offense.
Click to expand...
Click to collapse
Reflash the firmware especially if it is Oreo or below.
If it's not embedded in the firmware, it's being added by you albeit inadvertently.
Your Achilles heel is social media... don't be so predictable. Break the link in the chain.
None of the social apps should be running on the device, they are malware. At least keep them in the cloud.
Email must always be kept in the cloud and any attachments downloaded from it scruntinized or preferably not downloaded at all. All downloads are suspect.
At this point your data base is suspect as well.
Insanity is doing the same thing over and over, expecting a different result.
Android 11.
I am trying.
Carch921 said:
Android 11.
I am trying.
Click to expand...
Click to collapse
Unless someone physically got their hands on it, there's no known way the Android 11 stock factory image can be compromised by a rootkit or virus. A factory reset is all that is needed.
The problem happened after the reset.
blackhawk said:
Unless someone physically got their hands on it, there's no known way the Android 11 stock factory image can be compromised by a rootkit or virus. A factory reset is all that is needed.
The problem happened after the reset.
Click to expand...
Click to collapse
That is exactly what i suspect did happen. I often leave my phone home and my pattern is known for him.
How can i undo a modification of that level.
(I intend to go to a phone repair shop and install new soft with the "box". Is this recommended or is it a bad idea)
Carch921 said:
That is exactly what i suspect did happen. I often leave my phone home and my pattern is known for him.
How can i undo a modification of that level.
(I intend to go to a phone repair shop and install new soft with the "box". Is this recommended or is it a bad idea)
Click to expand...
Click to collapse
Never leave a phone physically unsecured as that's the only real security there is.
You need to have the firmware reflashed then be careful what you put back on it.
Change all your passwords and use secure passwords.
I ithink i this is the problem.( in the pic below)
There was an app called android device.. don't know if this is normal. So i deleted it and restarted and things are back to normal.
Sorry i can't upload the image, the app closes automatically.

			
				
Scan it online with Virustotal.
Sell the phone Facebook

Question Hacked pixel 6

Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
there is no carrier unlock for VZW models. if you can boot into recovery, sideload the OTA version that was last on your device.
What did you do that resulted in the phone being hacked? With the sectors being wiped that are shown in the images, it looks like you have provided total device access to something whilst having an unlocked bootloader or something similar. If you let us know what happened, it might help us to figure out what options you may still have.
But definitely see if you can do what @uicnren mentioned first.
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
How do I find what OTA version was used on my phone?
Nothing hacked here... this is an error when wiping the Secure Element (the trusted secure module).
(https://android-review.linaro.org/p...cure_element/1.0/SecureElementHalCallback.cpp line #66)
Are you initiating the wipe from the recovery? If so, that's likely the reason. If there is an account attached to the device, a wipe must first be initiated from within Android (Settings)
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
what symptoms were you seeing that made you think you were hacked?
Those errors are normal in Recovery Mode. I see them all the time, sometimes they don't appear, usually they do.
Did you remove your google accounts from settings, do a factory reset from the reset menu and lastly in recovery mode where you posted the screenshots from.
Your Account might be hacked but the phone is unlikely hacked. You would get a message at boot telling you that the device has been modified. With a locked bootloader its extremely unlikely (unless NSO Group is targeting you).
Woodruff87 said:
Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
Click to expand...
Click to collapse
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
Wait a sec. Verizon sent you a new (refurbished probably but new nonetheless) phone and when you turned it on weren't you greeted with the startup menu? Am I missing something?
Morgrain said:
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Click to expand...
Click to collapse
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
bencozzy said:
Two things are they refurbished? And do they work without signing into google?
Click to expand...
Click to collapse
The first one was new, but the one I got from Google as a replacement was refurbished. Ill try resetting through the settings and deactivating all my accounts.
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
This, among many other things, is one of the reasons I use GrapheneOS and NO gooble services (despite all the attention they give to sandboxed gooble services).
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
your google address was found on that site for another service and you used the same password for both services, correct?
despite what some believe, your google account will not get hacked unless your password is insecure (ie. leaked or insufficient with 2FA). anything less and your asking for trouble (also using GrapheneOS).

Categories

Resources