Help i messed up and pressed an malicious system update

[migs_k]

i messed up and pressed an malicious system update

i believe it was already in its last update when i first baught it last year
https://www.sammobile.com/samsung/galaxy-a01/firmware/SM-A015F/XTC/download/A015FXXS3ATL1/1038807/

but since i was ignorant of what is the last or latest update versions, i stupidly pressed on this "software update" that i got notified with

how to remove this unknown intrusion, i have already factory reset before but i believe this one infected system files

this phone is also not rooted, so i dont have alot of options to consider

 

[Dannydet]

Why do you think it is a malicious system update?
Thats directly from your device manufacturer website.
Do you think Samsung is deliberately infecting their own devices?

 

[migs_k]

More like i got a notificaltion and stupidly pressed it

My dev mode was on and usb debugging because i was tranfering files to pc

 

[ocnbrze]

i agree with @Dannydet that samsung firmware updates are not malicious. maybe some of them might be annoying as apps can take a while to catch up to the latest updates and thus might not work properly.....but they are not malicious.

here check this out:
https://www.online-tech-tips.com/smartphones/how-to-downgrade-your-android-phone-to-an-older-os/

 

[migs_k]

What if it wasnt a firmware update and it just "shows" that it is

 

[migs_k]

Btw is there an app that detects or prevents MITM?

 

[puppykickr]

We may be better able to help you if you can tel us why you think that this update was bogus.

Tell us what behavior your device is exhibiting that makes you believe that the update was malicious.

 

[migs_k]

It used to have permanent open ports (did port scanning ports), i never dabbled in those

------
My pc firewall detected a port scanning attack coming from the same IP as my phone (not related above, i was busy on a google meet session during this time)

-----
I became suspicious that my pc had 3 running duplicate processes related to bitdefender

After closing one of them (all three of them closed then a same named process opened), bitdefender immediatly detected MITM attacks and blocked them (as if these processes were preventing detection of MITM)

 

[migs_k]

anyway is there a step by step guide to completly reset my phone back as it was brand new? firmware, systems, backups, etc.

 

[Hadron]

i messed up and pressed an malicious system update

i believe it was already in its last update when i first baught it last year
https://www.sammobile.com/samsung/galaxy-a01/firmware/SM-A015F/XTC/download/A015FXXS3ATL1/1038807/

but since i was ignorant of what is the last or latest update versions, i stupidly pressed on this "software update" that i got notified with

how to remove this unknown intrusion, i have already factory reset before but i believe this one infected system files

this phone is also not rooted, so i dont have alot of options to consider

It's unlikely that any malware could infect system files in Android 10 on an unrooted device - the sort of exploits that used to be used for that were closed years ago (the reason why all of those "one click root" tools stopped working - they used the same exploits that the malware did). So if you've done a reset that probably covers it, as long as you don't reinstall it (e.g. restoring a backup that includes the malware).

If you want to be safe, go to Sammobile.com and download the latest firmware for your model and reflash the phone. I'm not a Samsung user so can't give a step-by-step for that, but I'm sure Sammobile can. Reinstalling the stock firmware will overwrite your system files, so any modifications will be toasted.

 

[ocnbrze]

What if it wasnt a firmware update and it just "shows" that it is

that is not possible. in order for that to happen, your phone would have to be rooted to gain access to your system files and be able to read and write to the partition where the os is on......so unless your phone is rooted, this cannot happen.

 

[ocnbrze]

anyway is there a step by step guide to completly reset my phone back as it was brand new? firmware, systems, backups, etc.

you can just do a factory reset from within your phone's settings. or you can do a hard reset:https://www.hardreset.info/devices/samsung/samsung-galaxy-a01/

 

[migs_k]

My phone had its wifi turned off, it was connected to the pc with dev mode and usb debugging

It was trying to "download" an update but with no internet it was just trying to connect

What does that mean?