Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mobile Phone Security Questions


  • Please log in to reply
20 replies to this topic

#16 midimusicman79

midimusicman79

  • Members
  • 732 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:08:52 PM

Posted 17 June 2018 - 03:04 AM

Hi again, implieddeny!

You are welcome!

Very sorry to hear that, but did you upgrade your OS to a newer version?

Could maybe any of these articles help?

https://www.google.com/search?q=What+to+do+if+one%27s+mobile+phone+gets+hacked%3F&ie=utf-8&oe=utf-8&client=firefox-b

Regards
midimusicman79

Edited by midimusicman79, 17 June 2018 - 03:19 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


BC AdBot (Login to Remove)

 


#17 implieddeny

implieddeny
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 17 June 2018 - 06:20 AM

No I did not upgrade my os.

Numerous reasons why I suspect the hack.

Example 1 . I was watching a horror movie clip on YouTube late at night. I turned my head away very fast at a scary scene. Next I get a message on whatsapp which goes something like ' scaredy little fellow'.
I looked all over my room for a hidden camera. Finally I concluded that the camera is the one in the mobile through which I am being watched. There is a proximity sensor on the front of the camera which could also be used???

Well quite a scary experience considering I live alone in a large house. 😁😆

#18 implieddeny

implieddeny
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 17 June 2018 - 06:22 AM

Just to add that the number which the message came was from a number already in the messages list. I have seen hackers do this before like message through any number, maybe even call...?

#19 midimusicman79

midimusicman79

  • Members
  • 732 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:08:52 PM

Posted 17 June 2018 - 09:10 AM

Hi again, implieddeny!
 
Yes, your experience is indeed scary. :tvhorror: :ph34r:
 
Hackers and tech support scammers often just love to spoof their phone numbers to make them look like legitimate ones (and even mobile phone ones), when in fact, they are quite the opposite.

Almost every other day we all get cold phone calls with the typical question(s); "Do you have a computer?" or "I am calling you from Microsoft about your Windows/computer. Okay?"

Hence, it is advisable to just answer No and then hang up the phone (and if they do not stop calling, threaten them with calling the Police). :thumbdown:

You mentioned that your mobile was most likely hacked through an exploit in the os or in an app, which is all the more reason for upgrading your OS to a newer version.
 
Because, a new version of the OS may have had the vulnerabilities (exploits) fixed and new functionalities added, which certainly does no harm to your issue. :thumbsup:
 
More information is available from here: https://en.wikipedia.org/wiki/ColorOS
 
Sorry, I did not know that Oppo actually creates their own version (fork) of Android, which is named ColorOS, but anyway, it is still worth upgrading it to a newer version. :thumbup2:
 
There are many techniques hackers use to hack into mobile phones, and WhatsApp is even one of the most common apps to abuse, so personally, I do not use it at all.

Here are the top 10 most common hacking techniques you should know about: https://fossbytes.com/hacking-techniques/
 
Here are 12 ways to hack-proof your smartphone: https://www.theguardian.com/technology/2017/mar/26/12-ways-to-hack-proof-your-smartphone-privacy-data-thieves
 
Did you maybe find any of the articles that I posted the Google search link to, interesting?
 
Regards,
midimusicman79

Edited by midimusicman79, 18 June 2018 - 09:09 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#20 implieddeny

implieddeny
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 18 June 2018 - 09:59 AM

Thank You midimusicman , your articles have been helpful. :thumbup2:

Presuming the Hacker tunneled in via exploits in the OS and/or Whatsapp ,

how sophisticated would this attack be on a scale of 10 ?

 

I had my mobile forensically examined, though not sure about the skill

level of person checking my phone ( I could be wrong ), he found nothing.

I use various antivirus ,is it possible there is hidden Malware still there ?

 

 

Any suggestion on Network analysis ?what should I look for ?

I am running ettercap with arpspoof .


Edited by implieddeny, 18 June 2018 - 10:07 AM.


#21 midimusicman79

midimusicman79

  • Members
  • 732 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:08:52 PM

Posted 19 June 2018 - 09:30 AM

Hi again, implieddeny!
 
You are welcome! :)

If the hacker hacks into your mobile phone, I am not sure :unsure: which sophistication level it is, but if the hacker also roots your mobile phone (gains full access), it is sophistication level 10, more information here: https://www.us-cert.gov/sites/default/files/publications/cyber_threats-to_mobile_phones.pdf
 
I do not know who forensically examined your mobile phone, but as this field is complex, forensic examiners require extensive training to properly do their job, more information here: https://en.wikipedia.org/wiki/Mobile_device_forensics
 
You mention using various (several) Anti-Virus, please note that you should only use one Anti-Virus on your mobile phone, so as to not create any conflicts.
 
Which one of your Anti-Virus you choose to keep, is up to you.

If you are concerned that your mobile phone is infected with any malware, you should perform a scan with your Anti-Virus.
 
Here is a list of free Network analysis tools: https://techtalk.gfi.com/the-top-20-free-network-monitoring-and-analysis-tools-for-sys-admins/
 
As for what you should look for, please refer to this article: http://focus.forsythe.com/articles/211/10-Steps-to-an-Effective-Vulnerability-Assessment

There is also Gibson Research Center's ShieldsUP!, which performs Internet Vulnerability Profiling: https://www.grc.com/x/ne.dll?bh0bkyd2
 
In addition, there is SpeedGuide Security Scan, which does the same as the above-mentioned tool: http://www.speedguide.net/scan.php
 
And now that you have had your mobile phone forensically examined (and pen tested), you should finally upgrade your OS, if and whenever possible.
 
More information here: http://www.oppo.com/au/supports/announcement/test and http://androidnougat.net/list-oppo-phones-get-android-7-0-nougat-update/
 
Please note that you ideally should first upgrade your mobile phone OS to Android 6.0 Marshmallow and then to Android 7.0 Nougat, but it is up to you.
 
However, according to this article, you may have to wait for the Android 8.0 Oreo OS: https://theleaker.com/oppo-android-oreo-update-list-android-8-update/
 
Good luck! :)
 
Regards,
midimusicman79

Edited by midimusicman79, 20 June 2018 - 06:47 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users