Ways to identify if phone has been hacked/cloned?

[SungSam77]

I'm looking for some folks that really know their stuff. I've been having some odd issues going on for the last few months. Myself and a family member (that the odd happenings were going on with first actually) seem to be getting our data cut off at times when neither of us is near our data limits. Seems to happen most when we try to contact each other. The family's member's phone has shown strong signs of being cloned such as shutting down unexpectedly, phone gets hot suddenly, etc. I can be out for a good part of the day and be on data and when I come home and connect to my wifi automatically, I get flooded with notifications. Delayed texts (hours old) and emails. My Facebook has been showing my make and model on my logins but they were out of state and had different IP addresses. When I log them out, it also boots me off. I no longer am receiving codes to my phone for things such as 2 step authentication, as if they are going to another phone. I used to use Texta until I noticed where you go to uninstall updates it said "uninstall for all users" so that was a red flag. I should be the only user of the phone. I was interested a few months back in switching to Total Wireless and put my IMEI number on their site and chatted with a rep and they said all I needed was a new SIM card and it could be swapped over. Fast forward to after these suspicious logins and weirdness, I have since tried to change carriers and when they run my IMEI they now say I'm not compatible. I googled my cell number and it shows my carrier as SPRINT SPECTRUM LP which has nothing to do with TracFone or Straight Talk to my knowledge (correct me if I'm wrong) and when I research that it shows something to do with law enforcement? Is it possible someone has cloned my IMEI and they're getting all my data and notifications before I do? I know I have done nothing to worry about, it's more of an annoyance than anything. But I cannot afford to miss important notifications or calls/texts and I'd hate to get rid of this phone I haven't had even a year and spent a good bit on (to me anyway) and change my number which will be a hassle. Nor do I want to wipe my phone due to having a lot of important things on it since I've started tracking all of this strange stuff. I also would like to add that when I used Find My Device, with it right in my hand, it wasn't able to find it, and said remote location turned off, when my location was on. That's never happened before. This really is a small portion of my story, despite my novel. Sorry for that by the way....lol....

Anyone out there with some knowledge on cloning and anything to do with the topic of being traced? Thanks in advance.

 

[ocnbrze]

ok so lets list your issues:
1.i'm not sure about you or your families data getting "cut-off". does this mean that you have reached your data limit and was told so (even though you have not reached it)? have you called your carrier?

2.shutting down unexpectedly and having the phone getting hot does not mean it was cloned or even hacked. for some reason my note 8 would get hot and would boot off...not sure why. it happens very rarely, but it happens.

3.where does it show your phone's info in facebook? i do not see that on my phone.

4.as for Total Wireless, I'm not sure of that. I do know that the IMEI is your direct link with the phone and you. Not much personally can be done with using IMEI. someone can clone your device and make phone calls and texts, but that is about it.

here read this:
https://security.stackexchange.com/...k-of-leaking-imei-imsi-numbers-over-a-network

the second post has some great info:

Spoiler

The IMEI is a unique worldwide identifier for the phone (the hardware element), while the IMSI is a unique worldwide identifier for the SIM card (so it more-or-less maps to the human user who owns it). See this page. Both are sent "as is" over the air, and thus can be obtained by any attacker with an antenna and located in the vicinity. Knowledge of the IMEI and/or IMSI of some user does not give extra ways to break into the communications of that user; they are not secret values.

However...

There may be a slight privacy concern about IMEI and IMSI, in that they allow to "track" user habits:

• An application could generate a random unique identifier each time it is installed on a phone. However, by using the IMEI, the application can tell whether it is re-installed on a given phone; it can also be used to cross-reference the table of known installed application instances with cell phone locations obtained through passive radio listening from some base station.
  
  
• The IMSI "follows" the user when he switches phones (he transfers his SIM card from his old phone to his new phone).

I can imagine an app which is linked to some "account" on a server; using the IMSI allows the server to more easily automate "relinking" the app when the user switches phones. By the same reason, users can feel that their privacy is breached in that they would like to be able to re-install their app and/or switch phones to "start anew" with a distinct account which is not linkable to their own account.

To a large extent, users can consider their IMSI to be the phone equivalent of their email address. An app which automatically send the IMSI to a server is as much a security or privacy issue as a software application which automatically sends the user email to a remote server; many people would feel uncomfortable at the latter, and it begs the question of why it is done in the first place.

Of course, if an app does something stupid like using the IMEI or IMSI as an authentication token, e.g. a kind of password to access data on a remote server, then learning the IMEI or IMSI opens access to that data. But that's what you get when you use non-secret data as if it was secret.

5.is there any way you can back your phone up? i would really would recommend you do a factory reset.

 

[SungSam77]

I get 3gb a month and usually don't even come close to1gb since work and home both stay on wifi most of the day. I don't use many apps that use data when out and about and have my phone's settings to not allow data to be used when the app/apps are not in use, such as FB, Instagram, etc. So not sure why the sudden spike in data usage. I have called my carrier many, many times. All they do is trouble shoot, make me send a text and if it goes through at the time, they simply say everything appears to be working fine and do nothing. I have researched quite a bit since these issues and a lot of what my family member and I have experienced, point to someone else having access to our phones. Why? We don't know. All I know is I went from nothing odd ever happening to all of a sudden my phone and even home wifi seem to be messed with. Do you have any knowledge of whether or not a MIN # should match mine? I started receiving weird codes attached to my 2 step verification codes before this all started. So maybe it has something to do with that, I don't know. I do regular backups on my phone but some sound files in particular I'm not seeing back up and I don't want to lose those from a reset. Plus I don't think a reset with accomplish anything if I'm suspecting IMEI being the culprit. And on facebook, all you have to do is go to settings and view your login and security and it shows you which devices and IPs are logging into your acct and how, such as messenger, chrome, windows, etc. Why suddenly would I see someone with my model of phone logging in from 2 separate IPs on my facebook from 2 different states very far away from me? Same thing with my family member's phone, only it was happening to them before me. Again, never had this issue before all this. It's baffling.

 

[ocnbrze]

have you asked your carrier for a list of data that they keep track and see if it looks suspicious? they should have some kind of record of your data.

well i'm no security expert but there are a few articles that have some great tips that you should read:
https://www.phonecheck.com/how-to-check-imei-number-hacked/
https://www.techlicious.com/tip/how-to-tell-if-your-phone-has-been-hacked/

 

[SungSam77]

have you asked your carrier for a list of data that they keep track and see if it looks suspicious? they should have some kind of record of your data.

well i'm no security expert but there are a few articles that have some great tips that you should read:
https://www.phonecheck.com/how-to-check-imei-number-hacked/
https://www.techlicious.com/tip/how-to-tell-if-your-phone-has-been-hacked/

I can try and ask. I didn't know they did such a thing. It's worth a shot though. Thanks for your help too by the way.

 

[ocnbrze]

i would read up on the three links i provided. there is some great info and suggestions. keep us posted and good luck.

 

[SungSam77]

I actually have already been to these 2 links! Good find. My particular interest has been on #7 in your 2nd link. I do have reasons as to why but would never be posting that on here. I've actually never done forums until now. Reddit has also been helpful on that particular area of interest. I do believe there's definitely something to it. Not just data or reception issues. Well if anything new comes about, I'll be sure to update. Thanks again!

 

[ocnbrze]

AF forums are the best. we definitely have more of a family vibe here then a lot of the huge forums. We have great members here and we some pretty cool non android Off Topic forum that you can discuss pretty much anything.

like i said keep us posted