Related
After surfing the web a bit, I came across a few notorious Android Spy Software applications that could run in your background without you knowing. It is not visible and cannot be detected. I have read that that the only way to eliminate and uninstall the program is through a re-installation of the operating system. With that said, I have been suspicious of my brother for installing this on my HTC EVO. I let him toy with my phone while I showered without thinking of the repercussions for 5-7 minutes.
As bad as it sounds, he is the type that likes to be in control of electronics so that if things get a turn for the worst in our brotherly relationship, he can rely on electronic controls to do any type of damage (banking information, passwords, etc.).
I just spoke with a worker at a Sprint repair store right before they closed for the day and I'm wondering if Sprint can do an OS re-install. Also, is the OS re-install safe to do (does it truly keep the phone factory and completely in-tact)? Is it common?
Tell me if I need to clarify more.
just do a factory reset, it wipes everything.
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
unless you rooted your phone and the software is embeding it's self in part of the nand(unlikely and not possible without root(i think)), nothing will survive a factory reset. If you really want to wipe it then just root and install a custom rom, then lock your phone lol. Also, no offence, but your brother sounds like a real a$$hat.
Brandizle said:
That was my initial route to deal with this issue (Settings > Privacy > Factory data reset), unless there was another way to actually hard reset the phone. I'd be glad to know if there was.
The thing about Android Spy Software is that it is untraceable and uninstallable unless the OS is re-installed. Soft resetting the phone will not resolve the issue.
Any other ideas? And, is there a way to hard reset the phone?
Click to expand...
Click to collapse
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
BAleR said:
That is the way to hard reset the phone. The only thing I think it doesn't wipe is the SD card, so I would wipe that, then the phone, you know how to format the sd card with windows?
Click to expand...
Click to collapse
I'd be happy to know.
I know indeed know how to wipe my SD card using Windows. Correct me if I'm wrong: Start > My Computer > *right-click SD card* > Format..
What's the instructions to hard resetting the android device, if you don't mind me asking?
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
donniegood said:
Not gonna lie you sound SUPER paranoid but like everyone else stated if you do a factory wipe it will get rid of anything or if you are THAT worried download a RUU its the same thing sprint would do while laughing at your paranoid ass in the back room
Click to expand...
Click to collapse
Eh...it happens.
donniegood said:
Not gonna lie you sound SUPER paranoid
Click to expand...
Click to collapse
+1
A little more history would be useful here
Duplicate post.
acrh2 said:
+1
A little more history would be useful here
Click to expand...
Click to collapse
It all started back when we were children emerging into teens. My brother started with Neopets and slowly began scamming kids of their neopoints through false logins and other obvious ploys to trick children. As we entered high school, he and his friend began getting intrigued with developing viruses and spyware as a game to trick one another into falling into each others' traps and obtain each other's data. Me and my brother were on bad terms several times before due to his state-of-mind that being a bigger brother means being able to have full control of the younger siblings' lives, including me and my sister. He began restricting access to general surfing, such as Digg, Reddit, and social networking sites in general. Then, my brother began loosening up and allowing for it, but told us that he would keep keylogs going through router control and had access to login informations as well as chat histories with local friends.
Perhaps, I am being paranoid. I don't know.
Brandizle said:
There's no rooting of my phone. I came across the article: "How To Detect Android Spyware | 5 Ways To Detect Android Spyware" a few hours ago and it stated near the end,
"So what can you do if you think you have Android spy software on your phone? The only way to remove the software is to reinstall the operating system. This can be done at the place of purchase. Just take it in and tell them that you think someone has installed Android spyware on your phone, so you would like to reinstall the OS.
One thing I'd like to point out is that the above list represents only the most common signs that someone might have installed Android spyware on your phone. The problem is that you cannot be 100% sure either way, because everyone uses their cell phone differently. The only way to know 100% that your cell phone is free of Android spy software, is to make sure that you keep it close to you at all times, use a phone lock that requires a PIN number, and closely monitor your cell phone for any unusual behavior."
I'm not sure if I can post links, but if you google the article title I stated, you can find it. I wanted some advanced inputs from android developers' points of view.
Click to expand...
Click to collapse
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
topdnbass said:
That's pretty intense lol.
I would whack my brother over the head with a crowbar if he ****ed with my privacy.
My theoretical brother, that is
You haven't a thing to worry about.. Just make sure "Install from unknown sources" isn't checked and I highly doubt you'll ever have a problem..
Click to expand...
Click to collapse
Thanks for empathizing.
After I realized of any theoretical repercussions of allowing him access to my phone for a few minutes while I was in the shower, I immediately went and did a factory data reset, which I believe to be a hard reset.
I also made sure the "Install from unknown sources" was always unchecked.
Me and my brother previously had bad blood. His intentions of being controlling have put his past girlfriends in a bad state of mind. Recently, he has made one of his past girlfriends (at the moment, he was dating her), re-surface her history of self-mutilation. He made her move from Iowa (I think) to live closer to him near our university. She was too late to enroll and after a few months of being with him, she got scared of his controlling attitude and uncontrollable fits of rage and outlashes. She later on during the relationship hid under beds instead of sleeping on them and kept cutting her arm and fingers. Her mother was so outraged that she made a plane ride from Iowa to Kansas just to take her back and my brother hid himself the day she arrived. He was scared of her mother and what would happen if she got her fingers on him.
ausch30 said:
I looked at that site you're talking about
http://www.androidspysoftware.com/
The site is an attempt to scare you and sell you their Mobile Spy software, sounds like it worked.
Click to expand...
Click to collapse
The site was for spyware (Android Spy Software), not against spyware. They're trying to sell it in order to install the application and spy on others without their knowing. My concern is to remove it, so there's no incentive for me to buy their product as it would not benefit my case.
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Indeed...half expecting something needing moderated shortly. Good thing the EVO can second as a mirror to see who is sneaking up behind you.
toenail78 said:
girl knows how to write, felt like i was watching a lifetime movie.. uhh, not that ive ever seen one since im a pretty hardcore dude
Click to expand...
Click to collapse
I'm a guy, fyi. I'll take that as a compliment, I guess?
it can be in other partitions other than data
i have spyware on my phone AND computer from my ex and of course my phone was rooted so she got it in there DEEEEP in my /dev folder and it is EVERYWHERE. im pretty screwed. time for new phone and computer.. she also managed to get a key logger on my touchscreen phone.. weird huh
This may be just an Oreo thing or maybe pixel specific but despite a ton of searching I can't find anything helpful.
When the phone is rebooted, something I do daily, it won't launch any user apps until it's unlocked.
So if I reboot and don't stay by the phone to unlock it things like slack, phoneweaver, nine, and a handful of other important apps won't start. In turn if it was close to a scheduled profile change in phoneweaver it won't work. Or if a slack message comes in it won't to the phone. Nova doesn't fill in widgets. Etc.
This is a minor headache but still annoying. Hoping someone may know why? My gut is that despite not having multiple users set on the phone Oreo doesn't load apps until you officially "login" by unlocking.
Something it would be nice to work around without compromising security ...
Appreciate anything you all may have.
_tsp
I just noticed this on my Google Pixel 2! What the hell Google? No apps auto-start until after the first unlock. Is this an Oreo or Pixel specific thing?
Did either of you two find a solution to this?
Darke5tShad0w said:
Did either of you two find a solution to this?
Click to expand...
Click to collapse
No, I think it has to do with the data partition needing to be decrypted by unlocking before anything actually starts up.
It also does it on my Xiami MI 9.
I have not activated data encryption. In my opinion it is wrong that no service starts.
For example, the "Find my phone" would be good if it always started regardless of everything.
tspnews said:
This may be just an Oreo thing or maybe pixel specific but despite a ton of searching I can't find anything helpful.
When the phone is rebooted, something I do daily, it won't launch any user apps until it's unlocked.
So if I reboot and don't stay by the phone to unlock it things like slack, phoneweaver, nine, and a handful of other important apps won't start. In turn if it was close to a scheduled profile change in phoneweaver it won't work. Or if a slack message comes in it won't to the phone. Nova doesn't fill in widgets. Etc.
This is a minor headache but still annoying. Hoping someone may know why? My gut is that despite not having multiple users set on the phone Oreo doesn't load apps until you officially "login" by unlocking.
Something it would be nice to work around without compromising security ...
Appreciate anything you all may have.
_tsp
Click to expand...
Click to collapse
So, since I've got this over monster I've had a shocking number of issues. From sudden influx of crap followers online, people sending photos of some of those little people some people keep as pets.
But, it was probably a month in kept getting restarts that left my wall paper different, noticed key guard was in the running processes and Samsung wasn't able to give me much info at all.
Frequently my antivirus Would randomly flag some huge archive that would appear in Google vending folder and for some reason my weather app for my gear fit updated EVERYDAY
Today a series of unfortunate events and my phone did a factory reset shortly after a drop. I actually find that interesting because I don't know the drop or one of my...well call them gremlins. (Let's face it most of things i have attributed are probably just me going into PTSD blah blah blah... )
But today Turn process I did streamline to get Nic cards logging up and go and build to set up a good firewall get ad blockers going but I wanted to see what happened. And I go my weather app eventually.
And for some reason over in reddit they tend to think permissions like this are normal (I know Samsung's calculator is more than a calculator but mine once had almost every permission with about 800MB storage taken up.
So, This weather app seemed a little abnormal look up the IP address, looked up the company and, I looked furlough their partners for Samsung and Knox (didnt Find the one)
Just a quick assumption;
This module has the Hotspot 2.0 and REALLY likes its certificates. I noticed the option to share Your Wi-Fi with someone is always default toggle on.
If you scroll through the websites what we do you see that they are very proud that they have the edge one of the largest threat assessments for everybody when hop away from 1 of their servers , how many of them there are etc. And I Have this feeling that my device is actually just a nice little go between allowing others access to the internet while gathering their data points.
I can't actually post links but if you do their site plus this thing takes you right to the talk about their platform. Gove the data that goes through phones, that is good for anything from Cambridge analytica code level stealing countries to just figuring out how stable and great 5G is
/us/en/
what-we-do/intelligent-platform
I've seen the Address actually go by in my primary bp and add blocker but that 1 doesn't give me per app metrics so not sure what else goes to them.
Also, suddenly I think I know at least partially why they don't want flashed ROMS(?), at least yet.
I'd actually really like to know if anyone else, specifically related to 5G sees these also. Given the timing of that release device and anal FMRi weather app there. And for some reason even though I use a little cheaper company gives me unlimited data they have swapped my network several times between bigger company the smaller company. Its same towers and stuff usually so no big deal but, doesn't normally do that. (Have noticed that actually from the Galaxy store I see that quite often, but the "same" download from play store different version number less permissions)
(By the way hello this is the 1st device actually looking to rooting, prior the risk of that access to someone else was too much. Thanks for letting me join the community, I do hope I catch on quick ans don't drive any one too crazy)
(I tried to add in pictures of the weather app permissions and everything but can't post pictures either)
A drop shouldn't cause a factory reset... if it was caused by software you have an apk(s) that are trashware.
A 3rd party launcher put mine in a boot loop... twice.
If you did a recent firmware update it may have corrupted that load, reload as you did.
A virus or trojan are suspect as well. Run Malwarebytes and Trojan scanner. Some malware may not always be detected.
If you suspect a virus after a reload be careful what you load and bring into the system including the on SD card and any backups. Start with the base load and add only apps from Playstore at first. Go from there if it runs ok. Be wary of updates, one at a time, look for issues as you progress.
Same with backup data... if it's there you'll need to isolate it or dump all the data.
Use a package disabler like PD MDM to block bloatware from running and to troubleshoot.
blackhawk said:
A 3rd party launcher put mine in a boot loop... twice.
If you did a recent firmware update it may have corrupted that load, reload as you did.
Click to expand...
Click to collapse
I was worried so, as I'd never seen it i just know these things actually include that hardware backed encryption. I had worries that I had knocked that loose and might have issues with it later. (Accelerometer is off bit it seems now)
I can say likely:
1. Third party lock screen with data wipe. Not highly reviewed but was but trashy. May have accidently in the tussle woke the screen with motion and performed a wipe.
2. Package disabled. I play with what I can get away with disabling. Some Knox stuff is bit touchy.
3. I'd managed to start process of adding a second secure folder on a secondary profile. It hadn't like it but stayed working.
Or combo 2 & 3 but lock screen most likely I'd say
HungryRobotics said:
I was worried so, as I'd never seen it i just know these things actually include that hardware backed encryption. I had worries that I had knocked that loose and might have issues with it later. (Accelerometer is off bit it seems now)
I can say likely:
1. Third party lock screen with data wipe. Not highly reviewed but was but trashy. May have accidently in the tussle woke the screen with motion and performed a wipe.
2. Package disabled. I play with what I can get away with disabling. Some Knox stuff is bit touchy.
3. I'd managed to start process of adding a second secure folder on a secondary profile. It hadn't like it but stayed working.
Or combo 2 & 3 but lock screen most likely I'd say
Click to expand...
Click to collapse
Get a good case like the Bolt. High G impacts can cause internal damage but usually not especially if in a case.
I don't use secure folder, encryption or any screen lock especially 3rd party. Any apk you give administrator rights to lock the phone can effectively trash your OS load in a heartbeat.
Have had passwords get corrupted (rare) before and gotten totally locked out on a laptop bios.
That machine is now useless.
On Androids you can reload to recover if all else fails but a reload takes a lot of work...
Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently, seems likely it was due to 3rd party lock/wipe app i triggered while dealing with my dog. (But not 100% sure there was a drop just prior and I've had stability issues since school has required me add a work profile but, of course tech support for both Microsoft and my school have zero response to inquiries)
Any way, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. Its quite possible isn't it that an app could have actually installed them right?
Findmymobile, obviously is such a cert, allowing for find my mobile. It has a key a CA cert and user cert.
AttestationKey_com_wssyncmldm
Has a user key and user cert
I would say it's the school/work profile. Microsoft InTune is for enterprise IT management. If your school's IT managers don't know how to configure it, it can screw things up for everyone.
Try deleting your school profile and see what happens.
My company recently migrated from Google to Microsoft services and when I added my company as a work profile, my phone started acting wonky.
Sent from my SM-N976V using Tapatalk
I would reload and not put the crapware back on it.
It's your phone... my favorite word is No!
I have zero faith in the new MS; don't run any of their cloud junk on my 10+ and never will.
Find my device is normally present. You can disable it as a device administrator in advanced security settings.
It will auto enable on reboot or sometimes when you go to Playstore.
HungryRobotics said:
Alright, I'm in that nice panic stage where you've learned enough to scare yourself but don't know enough to reassure yourself.
Had a factory reset recently, seems likely it was due to 3rd party lock/wipe app i triggered while dealing with my dog. (But not 100% sure there was a drop just prior and I've had stability issues since school has required me add a work profile but, of course tech support for both Microsoft and my school have zero response to inquiries)
Any way, user certificates now has two:
FindMyMobile
AttestationKey_com_wssyncmldm
And I have no idea how to verify those in any way. Its quite possible isn't it that an app could have actually installed them right?
Findmymobile, obviously is such a cert, allowing for find my mobile. It has a key a CA cert and user cert.
AttestationKey_com_wssyncmldm
Has a user key and user cert
Click to expand...
Click to collapse
So are these both normal then?
sirv said:
So are these both normal then?
Click to expand...
Click to collapse
I don't know. I don't have a work profile set, and I show no user certificates.
The names seem off too. I see why the OP was a bit shook up. I'm running a AT&T 10+
Here's how they show on my 10+, it's running fast and clean.
sirv said:
So are these both normal then?
Click to expand...
Click to collapse
Find my mobile is for find my mobile being active when you have a VPN that may block it.
The other I still don't know but may be Knox related under same circumstances.
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
sirv said:
Thank you, @blackhawk and @HungryRobotics
I had a similar guess, that findmymobile was the Samsung service. Since I was using a VPN-based ad block (Adguard), it makes sense that it appeared there.
As for the other one (AttestationKey_com_wssyncmldm), I'm still not sure, but I wonder if it was for the Link to PC service.
It's alarming to find anything in User Certificates, honestly, and there seems no way to get information that they are legit. My hope is that it is only the system apps that can install certificates without user intervention.
Click to expand...
Click to collapse
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
blackhawk said:
wssyncmldm is the infamous AT&T updater usually listed as in my previous screen shot.
Seems it might have something to do with this.
My guess is it has to do with setting up the work profile.
If it was there on the AT&T stock rom, after a factory reset it should be ok.
Maybe check with AT&T.
Click to expand...
Click to collapse
I don't have AT&T, but it could be an updater for my carrier.
sirv said:
I don't have AT&T, but it could be an updater for my carrier.
Click to expand...
Click to collapse
Those apps have every permission under the sun. Check to see what is set as system administrators. Find my Device will be there.
I don't know.
Maybe it's nothing but what if it's something
I found these and other User Certificates on another device, too. It's disconcerting. Is it known, can any app install User Certificates?
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time, add Karma Firewall, a VNP based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globaly block ads...
blackhawk said:
This may be helpful:
How To Remove all Stored Certificates on Android - Technipages
Ever been greeted by a popup saying, "The certificate doesn't come from a trusted authority?" when trying to access a website? These security certificates
www.technipages.com
Lockdown time, add Karma Firewall, a VNP based freeware app that uses almost no battery and has logging. Can run at boot up.
I also use this setting to globaly block ads...
Click to expand...
Click to collapse
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
sirv said:
It's strange, I can find nothing online about common entries in User Certificates on Android. My thought is that they get generated when VPN is used, such as AdGuard.
Thanks for the Private DNS tip for ad blocking. In the meantime, I have been using Disconnect Pro (based on Knox).
Click to expand...
Click to collapse
Can you delete them?
If you don't do/want OTA updates wssyncmldm isn't needed.
I'm still happily running on Pie...
Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
there is no carrier unlock for VZW models. if you can boot into recovery, sideload the OTA version that was last on your device.
What did you do that resulted in the phone being hacked? With the sectors being wiped that are shown in the images, it looks like you have provided total device access to something whilst having an unlocked bootloader or something similar. If you let us know what happened, it might help us to figure out what options you may still have.
But definitely see if you can do what @uicnren mentioned first.
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
How do I find what OTA version was used on my phone?
Nothing hacked here... this is an error when wiping the Secure Element (the trusted secure module).
(https://android-review.linaro.org/p...cure_element/1.0/SecureElementHalCallback.cpp line #66)
Are you initiating the wipe from the recovery? If so, that's likely the reason. If there is an account attached to the device, a wipe must first be initiated from within Android (Settings)
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
what symptoms were you seeing that made you think you were hacked?
Those errors are normal in Recovery Mode. I see them all the time, sometimes they don't appear, usually they do.
Did you remove your google accounts from settings, do a factory reset from the reset menu and lastly in recovery mode where you posted the screenshots from.
Your Account might be hacked but the phone is unlikely hacked. You would get a message at boot telling you that the device has been modified. With a locked bootloader its extremely unlikely (unless NSO Group is targeting you).
Woodruff87 said:
Can anyone help me carrier unlock my Verizon phone? My phone has been hacked and I hope being able to flash it will help me to get rid of whatever they have done to it. Can anyone tell me why I get this message when I reset my phone? Any help would be greatly appreciated
Click to expand...
Click to collapse
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Woodruff87 said:
Im not sure who or how they wiped anything. It happened one day after connecting to my girlfriends wifi. I got ahold of Verizon and they sent me a new phone and as soon as I started it the same thing happened to it also
Click to expand...
Click to collapse
Wait a sec. Verizon sent you a new (refurbished probably but new nonetheless) phone and when you turned it on weren't you greeted with the startup menu? Am I missing something?
Morgrain said:
Did you unlock the bootloader? Have custom firmware/kernel installed?
A "hacker" wins nothing by resetting/wiping your phone. They want data, and that only works if the phone can turn on and works. This looks like a wipe/factory reset gone wrong, which spells user error or software error and less likely a "hacker" attack. Most hacks you will never notice. A hacker that makes you notice that something went wrong, is either an amateur or did it on purpose. Ergo, he wants you to know that something went wrong, which usually only happens in order to extort you. If there is no extortion, then an obvious act by a hacker is highly unlikely.
We need some more information. What firmware had you installed? What happened exactly when. Did you install any new apps recently? What did you do prior to something going wrong? All the information that could help us troubleshoot your issue.
You said your phone wiped itself a day after connecting to your girlfriends wifi, and that a replacement device that you got sent by your carrier, did the same. Did you check your Google account? Do you have two factor authentication activated? It sounds like your phone got wiped over wifi, which would require access to your Google account. It's just odd that you get errors, which normally shouldn't happen if someone would use the erase a lost Android device function.
It's also possible that your backup from your GAccount is simply corrupted (many people had issues with random reboots). You should try and set up your (replacement) phone anew without any backup, maybe that can fix your issue.
Beyond that Google account thing-y, anything else is highly unlikely. Even specialized companies have serious issues getting into a modern smartphone, lest alone an Android 12 phone with a Google Server grade Titan m2 chip. The newer the firmware, the less likely the chance that someone from the outside could get in, especially with a phone like a Pixel that isn't very common. Most security firms/govermental agencies can only abuse older, known security loopholes. It's more likely that very popular phones like a Samsung or IPhone are targets from "the bad guys", since there will be bigger payoff for breaking the security of those phones, since there is a greater pool of users to target. Most hacks I've witnessed weren't random, they were targeted. Ask yourself: Am I worth the trouble of getting hacked? Do you have anything of interest on your phone that would warrant an excessive use of resources? Managing to hack a Pixel is not only unlikely in terms of the security you need to breach, but also in terms of the potential payoff in relation to the necessary knowhow and resources. It's just "not worth it".
What you should do immediately, just in case, is secure your Google account. Change your password. Maybe even change your two-factor authentication, if you have one (sms is not secure, use a token generating software/device). Change the wifi password from your girlfriend and check the list of connected devices. make a list of these connected devices + history (find that in the rooter software) and check them against the devices you know of. Also check the list of connected devices to your GAccount. Use the option to log out ALL devices from your Google account, so only your device is connected.
Do any other people have access to your phone? Do any other people know your passwords? Does your girlfriend has access? Do any other people have biometric security saved on your phone? Do you trust your girlfriend completely?
Make sure you use a special, new password for your GAccount, never reuse old ones that you have used somewhere else. Also check your emails on https://haveibeenpwned.com/
Beyond that, if you are not doing already, use a password manager.
Click to expand...
Click to collapse
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
bencozzy said:
Two things are they refurbished? And do they work without signing into google?
Click to expand...
Click to collapse
The first one was new, but the one I got from Google as a replacement was refurbished. Ill try resetting through the settings and deactivating all my accounts.
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
This, among many other things, is one of the reasons I use GrapheneOS and NO gooble services (despite all the attention they give to sandboxed gooble services).
Woodruff87 said:
Thanks I really appreciate the help and all the advice. I checked https://haveibeenpwned.com/ and my account has been pawned in 1 data breach... I will deactivate the Google account and start over fresh. Thanks again for all the info
Click to expand...
Click to collapse
your google address was found on that site for another service and you used the same password for both services, correct?
despite what some believe, your google account will not get hacked unless your password is insecure (ie. leaked or insufficient with 2FA). anything less and your asking for trouble (also using GrapheneOS).