Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Galaxy s6 hacking TM Question


  • Please log in to reply
10 replies to this topic

#1 Boofs2988

Boofs2988

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 18 June 2015 - 07:14 PM

I have been trying to figure this out on my own and i'm coming up with nothing. I don't know a lot about phones so I was hoping someone on here could give me some feedback:

I got a new galaxy s6. When I called att one day to ask a question about my new phone and transferring contacts...they said I could download a cloud app to transfer over everything from my iphone to new android. I started noticing something was going on with my new phone after that...when it would close out of apps by itself. Calls would hang up. Echoing or hard to hear person on other end sometimes. Sometime every call I would make within a span of 10 minutes would say it had been forwarded with no voicemail.... just silence. It would highlight and Copy my passwords I would type in to clipboard without me even touching the screen, etc. Then one day it kept showing my current location was at this girls house who my ex was seeing while we were dating. I've never been there. I wasn't even close. ok so maybe it was a mock location(no idea what that entails) I would log onto instagram... and my account had unfollowed a bunch of people. I decided to change my gmail account and create a new one. Change my passwords for all social media, etc. I thought maybe they put something on my phone so I wouldnt catch them. Ok whatever.Called att to do a factory reset remotely. He even said it was weird bc it would'nt let him for a good 5 minutes until finally it went through. Well other issues continued. I would do factory reset after factory reset and immediately get text message like "oh hi Boofs2988" "lolol HIII" right when I turned my phone back on got everything downloaded again. I Went to att and got a new phone sent to me bc it was still under warranty.

 

 

So a couple days later after I get my new phone I'm at home during a remote access day for work. I was watching game of thrones on my laptop. When I started getting these texts from peoples numbers I had just met, that didn't know me that well. "did you take off work today." "I love that tv show game of thrones." I was like this is weird. During this time I was having some issues at work with a couple coworkers. I started getting text messages from a few guys I sort of knew but we never talked about work. They would say "hows everything going today at work." "Do you get along with your coworkers?" "hows your living situation at home?" "Do you get along with your roommates." I'm like why the bleep are you asking about stuff like that. For awhile it seemed like all my contacts I was messaging would incorporate a bunny emoji. seriously wth. My mom sent me a text that had 3 emojis and the last was a box with an x in it. I asked her what the last emoji she sent me was and she said she only sent me 2. 

 

Yes it sounds like paranoia but too many things keep happening that is strange. What i'm getting at is.... Is there a way someone can "man in the middle" my text messages? Listen in on my phone calls? Is there something particular I can look for on my phone that might show some spyware or remote access/webview? How would I remove it?

 

Also i'm not sure if this means anything but when I went to settings-about device-legal information-open source licenses the first 10 or so say things like bootloader, fake packages, or root/service contexts. Does that mean my phone is rooted? 

 

Thank you



BC AdBot (Login to Remove)

 


m

#2 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:04:46 PM

Posted 05 July 2015 - 11:08 PM

hello and sorry for the delay, what a bad problem you have! but I will try my best to help you, exactly where did you get you're phone from, online or in a network carrier store (telstra ,optus)? If online it seems that there are malicious apps pre installed when shipped to your current country. If not, can you go to your play store and download an antivirus (i personally recommend bitdefender) and run a scan and post back what it found. Also are there any issues with the computer? Now i would like you to go into your settings and find the application manager and thensearch for any apps that you believe that are "suspicious" and tell me please i will be waiting for your reply


they call me te java mayster


#3 Boofs2988

Boofs2988
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 06 July 2015 - 02:35 PM

I am no longer able to disable most of my apps in application manager. At one point on my phone It notified me that I didn't have access that the superuser does, not sure if that means something. Not sure what clearcutlogger is but it's constantly running, att remote support boot service that I can not force close, pagebuddynotisvc, rootpa, Fido UAF Client, live wallpaper picker, mobile tracker, OMACP, I have 3 different phones listed under applications, I have 4 different cloud dats syncadapters that I dont even have (for example-galaxy note 3) UIBC virtua softkey, 5 different remote controls that constantly run off and on and I can not disable them, passpoint settings runs on its on even though I have it turned off- along with bluetooth, itelligence service, Gear VR shell, CSC, certificate installer, captive portal login, securitymanager service, smartcard openmobile api remote, broadcast service, cocktail bar service. And a lot of others I dont recognize. The disable button is grayed out and I can no longer disable about 75 percent of my applications.



#4 Boofs2988

Boofs2988
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 06 July 2015 - 02:49 PM

I'v also been keeping track on my google account bc IMAP was enabled. The only device listed under devices was my phone. now since i've come to work it lists android wallpaper, android system settings, android market as backups. 



#5 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:04:46 PM

Posted 06 July 2015 - 09:06 PM

hello again! superuser is an app that requires root access, is your phone rooted? Clearcut logger to me is nothing to worry about as many android services use it.

 

 

att remote support boot service that i cannot force close

yes you cannot force close this as this service helps your phone boot, force closing this would be, how do i say, quite bad, that is why android has grayed out the force close button.

 

also, please answer the question, in post #2 about where you got you're phone from

 

did you download an active antivirus like I told you? If not please do so.

 

 

 I can no longer disable about 75 percent of my applications.

well, some options are not meant to be disabled such as system apps, please try disabling some samsung apps as these can be diasbled normally, if you can't, report back.

 

 

 

5 different remote controls that constantly run off and on and I can not disable them

that does seem quite weird... If you cant disable or uninstall I would leave it until we solve some other problems... I don't have much information on it other than it is used by samsung to find phones, so i don't recommend uninstalling it

 

I don't know much about google IMAP as i have never used it before


they call me te java mayster


#6 Boofs2988

Boofs2988
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 06 July 2015 - 11:47 PM

I took my previous phone in to att and they had me call and request a new one over the phone. It arrived by mail a week later. It says made in Korea, which i'm sure most are. I downloaded an app to see if it was rooted (root checker)and it said no. I don't even know how to root a phone. Is there a way someone can be intercepting my text messages through my phone number? Can you do that from keyloggers? it no longer says superuser on my phone. under licenses it does list a bunch of things that say root ( conext, recovery root, etc) and then a bunch of things that say fake packages and bootloader. USB seems to be listed on a bunch of things. For instance the mirrorlink I have I disconnected but i'll notic it will come up first saying phone unconfirmed then phone certified under the mirrorlink application. It is not isted under there 24/7 though. 



#7 Boofs2988

Boofs2988
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 06 July 2015 - 11:50 PM

and when I notice my phone lighting up on it's own or getting really hot, as soon as I unlock it it will have one of my text messages opened or some other settings pulled up that I wasn't on previously.



#8 GeorgeMelchers

GeorgeMelchers

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:16 PM

Posted 07 July 2015 - 01:26 AM

If not, can you go to your play store and download an antivirus and run a scan and post back what it found.



#9 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:04:46 PM

Posted 07 July 2015 - 01:56 AM

this is probably the cause of the ram overheating the phone...I have a friend called Animal (site admin) and he will come help you with you're problem further as i am running out of ideas he will reply some time tommorow...Please be patient


they call me te java mayster


#10 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,286 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:11:16 PM

Posted 07 July 2015 - 01:19 PM

and when I notice my phone lighting up on it's own or getting really hot, as soon as I unlock it it will have one of my text messages opened or some other settings pulled up that I wasn't on previously.


Overheating is a common complaint regarding S6's, You'll need to work with AT&T and within your warranty for that issue. As for one of your text messages being open when you unlock it or another application open. That si likely from your notifications settings. If you have notifications set for any application and that app sends a notification it will show on the notifications list and then you tap it and it will open. So my suggestion is to learn about Lollipop notifications and how they work with your apps. Then manage your notifications settings. That should help you reduce the unusual behavior or at the least help you understand how and why it works that way.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#11 OnlineAlias2

OnlineAlias2

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:16 AM

Posted 26 August 2015 - 04:11 AM

The answer to whether someone can intercept your text msgs from an android operating system is absolutely YES... In fact, if you go to settings then apps and start looking at the permissions for each individual app, you may find that an obscene number of apps give themselves permission to intercept all msgs 'regardless of content or confidentiality' to use their words. Msgs can then be deleted or sent or forwarded or whatever without ever notifying you or asking for your consent. Phone calls can also be made at any time 'without your confirmation' by any number of apps... Not just the phone app or really any app that a person would normally associate with dialing a number. The next sentence, however, tells you to note that this permission DOES NOT allow the phone to call emergency numbers all by itself. So basically it can call anywhere in the world at any time and for any reason without you knowing abd you will be responsible for the charges. But in the one case where that permission might actually be useful- in an emergency- android draws the line and will not allow it. Numerous apps are allowed to record or live stream pics and video at any time without ever notifying you of anything. The microphone can record audio at any time without you being alerted or notified at any point. The list goes on from there and it only gets worse, trust me. And these aren't 'hacked' or 'rooted' permissions. This is how the android operating system was designed and how it functions during its regular course of business.

As far as whether their is covert spyware or hacking tools out there that will completely compromise your phone, the answer is again a resounding YES!!! It's as though Android was PURPOSE BUILT to be easily hacked. Go to www dot spy phone review and you will see several different product reviews on some of the more popular 'solutions' that are readily available for anyone to purchase online or with bit coins. And while these products do not necessarily require a rooted phone to install, most, if not all, do require physical access to the phone And the ability to get past any security locks to do the initial spyware install.

That being said though, an experienced hacker wouldn't need any of that to completely take over and own an android cell phone remotely. Just last week a vulnerability was revealed on android where an attacker could send you an mms message which would then be automatically downloaded (since its a multimedia msg which usually contains pics or videos). And once downloaded, the msg could then delete itself after installing the malware. And at most you might catch a glimpse of the text msg received notification before it too disappears in a matter of seconds. But most likely you'll never see a thing yet your phone and all of it's functions are now under the control of a third party - free to do whatever they want when they want and how they want with the poor clueless end user never seeing or being made aware of a thing.

Welcome to Android. You're in for quite a ride if you're not careful. And possibly even if you are. But no one seems to want to talk about or acknowledge any of these blatant security holes in this OS, so we'll see how long it takes before this post is deleted.

Best of luck to you. Sounds like you're going to need it!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users