How to tell if Android phone has spyware or cloned
I need help in trying to figure out if my phone has sometime of spyware or could be possibly cloned. I have a Samsung Epic 4g with Sprint. Finally after months and months of trying to get Sprint to help me they are now involved because of my complaint with the FCC but still they are a little dumbfounded at the moment with what is going on with the phone. Below are a list of events with the phone:
1) The day I purchased the phone with was in the possession of a coworker and fellow Sprint customer/Android user/and self proclaimed hacker. He had the phone for at least 30 minutes while 'checking it out'. He said he did download an app to it that I needed but I do not remember what it was.
2) The following day my new phone sent out just over 300 text messages in a span of a bout 5 minutes. These text messages were actual text messages that had been sent weeks and months earlier off of my previous phone (Samsung Reclaim) and obviously not my new phone that I had less then 24 hours. The text messages sent were to only two specific people. Meaning the phone didn't sent out any other text conversations I had on the previous phone to other contacts.
3) Three weeks later my phone was 'stolen' and three weeks after it was stolen and I already had a replacement the phone the stolen Epic miraciously reappeared at the bar it was stolen at.
4) My coworker that had the Epic on the day I purchased it wanted to buy my replacement phone. I gave him the replacement phone and kept my original Epic. When I gave him the replacement Epic I mistakenly gave him the box of the original Epic that I kept. I also gave him my sprint.com username and password thinking he would need it to get service into his name.
5) Three days after I gave the replacement Epic to the 'friend'/coworker I started getting text messages from a number I did not recognize and the person would always claim to be 'me' when I asked who they are.
6) My MSN email had been hacked and this had been an ongoing problem even before I bought the Epic. I removed the MSN email account from my Epic phone and still have numerous Sprint IP addresses hacking my MSN email account.
7) When I would try to reset my password online with MSN and use the text option to send me a reset link to my cell number I would never get the text message
8) Numerous people have claimed they have never got voicemail messages that I have left for them
9) People have claimed to have sent me text messages and I have never received them.
10) I have text messages that have been sent to my phone but they say 'default message' and when Sprint sent me the text detail these text messages do not even appear on the the documentation from Sprint.
11) One individual sent me a text claiming he was responding to my text but I did not sent him one. He was a coworker as well. Some other people are now saying that certain text messages that I have from them they never sent.
12) I downloaded a rootcheck on the phone and it said my phone did not have a root installed but Busybox was loaded on the phone.
13) Some people have reported that they call me and the phone just rings and rings and voicemail does not pick up. I also do not have anything in my call log showing any calls.
14) When the phone is off and I call it it does not go straight to voicemail but rings numerous times and will go to VM
15) I have received text messages from foreign countries trying to advertise something
16) There have been times the phone will go off network and say something like 'no network attached to this phone' even though I have another Sprint Samsung Intercept and the phones will be side by side and that phone works fine.
17) I have had phone numbers added to my contacts list and numbers added to other contacts information.
18) When I confronted the coworker about it he responded to a text message before I sent it; when I rcvd the text detail for that exchange of texts that particular text was a completely different number then his regular Sprint number yet in my phone it is his regular number
19) When I got on my lookout.com account his (coworker that has the replacement Epic) cell phone number was on the account even though he claimed he did a factory reset after I gave him the replacement Epic. I never used Lookout though and was just checking it one day online even though I had never added it to my Epic but it was on the replacement Epic before I gave it to the coworker.
20) My settings have been changed; ringtones changed to silent and alarms disabled to name a few. Also my system time has been changed; I had already set it to default to the regular time but the time had been manually adjusted to be about 3 minutes off.
21) I had a phone call from an unavailable number claiming to be the NSA and that my phone number and IP address were linked to accessing level 3 government documents on wikileaks. It was an automated message and assume it is someone harassing me.
22) Calls that I have actually made are missing from my Sprint bill
I hope this is enough information to give me an idea as to what I am dealing with. The police are involved but so far they are reluctant to do any forensic investigation or even help me. I have also had several break ins to my home; nothing taken but just my computer accessed. To the point nude photos of myself have been emailed off my personal email account. This stalking has been going on for months and I want the responsible individuals brought to justice.
For future reference, don't lend phones to self proclaimed hackers. If sketchy stuff happens, you clear the phone to factory defaults ASAP at the very least. But you do NOT continue to work with the same dude AND give him sensitive account information!
I don't understand which of the red flags you managed to miss but dude, they were all over the place . . .
Best bet at this point, cancel your phone/account, start a new one, replace all your credit cards, get new information, and DON'T LEND OUT YOUR PHONE TO HACKERS . . . heh. Good luck, man.
Second I had no idea about cell phone spyware/hacking/rooting...Sprint didn't give me the memo.
Third this is a criminal case and the authorities are not with it when it comes to even understanding this technology. That is why I posted and you had nothing to offer.
Fourth why did you even respond. I would never wish anyone to be stalked in the manner myself and my family have been because it is not just the phone but home computers/email as well. It is not stopping even since I do not use the phone anymore. Text messages are still being sent as if from my number implicating me as a drug dealer and various other disgusting things.
Fifth the police need to know for certain that it happened the day he was in possession of it before they will do anything.
If you know so much to lash out at me at least provide some insite since all of us are not Android experts as yourself.
Last edited by Mellark; June 25th, 2011 at 09:25 PM.
Download and install Lookout Mobile Security from the market. Run it, go thru the setup process and let it run a scan on your phone.
Chances are that it won't find anything since it only looks for trojans and malware. It won't help if your phone has been cloned. If that's the case, then Sprint needs to deactivate that account and you need to get a new account/phone.
As for the rest of it, like you said, it's a police matter. If you've had break-ins to your home, then they need to do their job.
I hope this message finds you doing well. I understand. I am there myself. I am on my 5th phone, 5th computer, 3rd operating system. As I put up more road blocks, it has spread to my husband, 13 yr old daughter, brother, mothers on both sides. Get the pictures. Working with police, PIs, forensic experts. If you have any information about how this was resolved with you - I would greatly appreciate it.
For those of you who have not experienced this, you don't have a clue and I hope it never happens to you. You will know it when it does. Your phone will call people, check your voice mail, open files and apps, have unique widgets on the screen every few days. You may watch a widget dance and zig zag across the screen. You will have apps you did not download. You will not be able to call specific people closest to you, no matter how hard you try. People will not receive your text messages, although they show sent. You may notice your data usage skyrocket. I am a programmer by trade, and I have not been able to discover the source. I have switched to an iphone, and it is better, but it has been hacked too within a few weeks. Just different on an iphone. Even the detectives phone is now sending blank messages to my iphone that he did not send! Freaked him out. I too received an unprecedented number of strange calls, even blocked unlisted calls.
If anyone has HELPFUL information, I would greatly appreciate it. Thanks!
The Samsung EPIC 4G is Sprint's specially branded version of the Samsung Galaxy S. Samsung announced all their Galaxy S devices simultaneously, and the EPIC 4G has several unique features and capabilities that help it stand out from ... Read More