2.1 v2 and gmail possibly hackedGeneral


Last Updated:

  1. travisvn1

    travisvn1 Member This Topic's Starter

    Joined:
    Feb 25, 2010
    Messages:
    21
    Likes Received:
    0
    This morning at 3 am spam was sent out of my gmail account. I am not sure if it came from my phone or my account just got hacked (my computers were turned off). I changed the Password on my account. Since I am running 2.1 and it is not an official release there is the possibility this is where it came from it was a simple email with a link in it. Just wanted to post a heads up to keep you eyes open
     

    Advertisement
  2. badfrog

    badfrog Well-Known Member

    Joined:
    Mar 24, 2010
    Messages:
    183
    Likes Received:
    10
    I doubt it is the rom.
     
  3. OfTheDamned

    OfTheDamned The Friendly Undead VIP Member

    Joined:
    Oct 29, 2009
    Messages:
    9,691
    Likes Received:
    8,364
    How long have you had 2.1 on your phone?
     
  4. DroidJW

    DroidJW Well-Known Member

    Joined:
    Mar 6, 2010
    Messages:
    121
    Likes Received:
    11
    Is the spam showing in your sent gmail items or did you and/or friends receive spam that appears to originate from your gmail? If its the latter, I suspect the spammer has just spoofed your gmail address, rather than hacked your gmail account.

    I admit I am always a bit cautious with something like an unofficial ROM -- knowing it may be from an unscrupulous source. In the case of 2.1 v2, so many here have upgraded, I believe improper activity would be flagged by now (especially by pros like OTD & Caddy).
     
  5. erisuser1

    erisuser1 Well-Known Member

    Joined:
    Nov 11, 2009
    Messages:
    1,644
    Likes Received:
    759
    There is little that prevents a spammer from sending an email with a forged senders' "From" address. (Well, actually, it's a little harder than it was 10 years ago, but it is still possible.)

    The cretin / spambot that is using your e-mail address could have harvested it from any place that it was made publicly available... or perhaps harvested from the email store on a virus-infected PC owned by someone who has received an email with your address listed somewhere.

    You would probably need to be using a gmail address that had never been used even once - for any purpose - before you conclude that "gmail on my phone was hacked".

    I'm not saying it is impossible, but that there are a lot of other ways it could have happened that are more likely than the route you are suggesting.

    (Note that at least one me those ways could be a rogue app you installed on your phone that has access to your address book)

    eu1
     
  6. travisvn1

    travisvn1 Member This Topic's Starter

    Joined:
    Feb 25, 2010
    Messages:
    21
    Likes Received:
    0
    I did the upgrade within hours of its release. In answer to other questions the email is showing in my out box. First thing I did was change my password so hopefully that was the issue. It happened on the rare occasion when I had all of my computers were off which is weird since I tend to leave them all on. I work in IT so I am pretty careful with my passwords. The funny thing is I found out about it when my boss got one of the emails and alerted me. If it happens again I am going to suspect the phone (since it stores the password) otherwise I would have to believe somebody managed to get into my account. I just thought I would post in case anyone else experienced this.
     
  7. Pitamakan

    Pitamakan Well-Known Member

    Joined:
    Jan 15, 2010
    Messages:
    586
    Likes Received:
    80
    Yeah, exactly. Though something like that is theoretically possible in a hacked ROM, the odds are so insanely small that I don't even think it's worthy of consideration. And there are so many copies of those 2.1 builds in use now, that we certainly would have had other reports by now.

    Almost certainly, what happened is that a hacker harvested your e-mail address from somewhere -- possibly the computer address book of one of your contacts. Your Eris is blameless here.
     
  8. smacky

    smacky Banned

    Joined:
    Jan 11, 2010
    Messages:
    2,844
    Likes Received:
    299
    I figured out a friend's password to his GMail/school email, facebook, and school account. It wasn't hard.

    It isn't always some hacker.
     
  9. erisuser1

    erisuser1 Well-Known Member

    Joined:
    Nov 11, 2009
    Messages:
    1,644
    Likes Received:
    759
    Except that the mail appearing in his outbox proves conclusively that his account was compromised. :(

    GMail uses https for authentication, so that sort of rules out network sniffing. OTOH, something about this seems a little odd - leaving a trail like that (sentbox crumbs) allows for ready detection.

    If the boss still has the spam, the delivery headers might (or might not) provide some info.

    If I were to guess, I would suspect that the OP had a keylogger dropped on one of the machines he uses... or one of the OP's co-workers shoulder-surfed him.
     
  10. DroidJW

    DroidJW Well-Known Member

    Joined:
    Mar 6, 2010
    Messages:
    121
    Likes Received:
    11
    This is disturbing indeed. Might you run updated malware/virus scan on all your PCs (included malwarebytes if possible) and check for keyloggers?

    Some folks here reported malware install (or attempts to install) from the ad popups from the sites that hosted the ROM (this did not happen to me). Perhaps you had an infection from that?

    Since you are an IT guy, you may have already scanned your systems, but it would be a big favor to others here if we could narrow the possible source of the hack.
     
  11. katerchap

    katerchap New Member

    Joined:
    Jun 18, 2010
    Messages:
    1
    Likes Received:
    0
    hey guys
    any update on this one? Did changing your passwords work?

    This happened to me today, spammed my gmail contact list with

    "Hello friend.:
    I have good news for you. Last week ,I have Order china 3 Products
    Samsung UN55B8000 55-Inch... (insert more rubbish)"

    All this was noted in my Sent Items. It then also set my facebook status to the same thing. Given my phone is the only place I have logged on to gmail and facebook from in the past few weeks (and is the only place the password is remembered). I am assuming it has come from my phone (even tho the log does say browser)

    I ran a couple of different security/av etc programs over the phone and it all came up clean

    I am using
    HTC Desire
    2.1 update 1

    I have been through my gmail logs and someone from China logged in

    Browser China (115.49.36.246) 3:49 pm (1 hour ago)

    I have changed all my passwords
     
  12. MrChips

    MrChips Active Member

    Joined:
    May 20, 2010
    Messages:
    34
    Likes Received:
    2
    Not the ROM. Google "gmail hacked" and most of the results will have "China" in the title. It's cyber-war.
     
  13. Amlethus

    Amlethus New Member

    Joined:
    Aug 31, 2010
    Messages:
    1
    Likes Received:
    0
    I was hacked this morning as well, from the same IP address. Same situation.

    I really want to know how they hacked my account! My password wasn't changed, so it wasn't a hack where they were able to activate the "forgot your password?" feature. I would really like to know how my password was stolen.

    Anyone else fall victim? This is the best search result for this IP, and I hope it comes up higher on google for "gmail account hacked".
     
  14. ppbb

    ppbb Well-Known Member

    Joined:
    Jun 27, 2010
    Messages:
    191
    Likes Received:
    6
    you can check for ip access to your gmail account. go to the bottom of your gmail page (on your computer) and scroll to the bottom of the page:

    Last account activity: 22 minutes ago at this IP (your ip address). Details

    click details - this will show who accessed your account and which ip address. You should see your normal desktop, plus any mobile devices (phones, ipads etc)

    from there you can look up the ip addresses and bust em!
     
  15. erisuser1

    erisuser1 Well-Known Member

    Joined:
    Nov 11, 2009
    Messages:
    1,644
    Likes Received:
    759
    More likely that your PC is compromised, or you use a "weak" password, or you installed a rogue app, than a problem with the ROM.
     
  16. shaebedi

    shaebedi New Member

    Joined:
    Sep 23, 2010
    Messages:
    1
    Likes Received:
    0

    I too just discovered that my gmail account was spamming. I am running andriod 1.6 and it was spamming random emails and I was getting failed attempt returns....

    Again not sure if it was from an application. But I am suspecting it was a World of Warcraft application that I downloaded, as the return emails were all Blizzard related...
     
  17. Alleycat

    Alleycat Well-Known Member

    Joined:
    Apr 29, 2010
    Messages:
    61
    Likes Received:
    2
    Have you been using wifi in a public location (Barnes and Noble, Panera, McDonald's, Starbucks, etc)? Mine was compromised about 3 months ago, and I suspect it was from using public wifi to check my gmail account on my iPod Touch.

    I've got a pretty complex password now and I avoid using public wifi, so I'm good so far (knock on wood).
     
  18. cyraxx

    cyraxx Member

    Joined:
    Jul 29, 2010
    Messages:
    11
    Likes Received:
    1
    Same thing happened to me this weekend. I received a notification that my gmail couldn't refresh, so I tried to log in and it wouldn't let me. I reset the password and logged in again on my phone, not thinking anything of it, and checked my mail. There was a returned email to someone I don't know telling them to log in the to their account at the WoW site in addition to a message from Google saying that it was blocked from sending because it seemed like spam.

    I fell asleep and when I woke up, same problem...gmail couldn't update. I changed the password yet again, but this time I did it on my PC. It's been over a day and the password hasn't been changed, so I suspect the problem is solely with my phone, rather than anything on my PC. The only Blizzard related application that I have is the Authenticator, and that's official. Be that as it may, I'll be doing a full reset soon to hopefully rid myself of this problem. Thankfully I haven't checked my bank account or anything important from my phone.

    Any idea what is causing this?
     

Share This Page

Loading...