• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Hacked!

McGiven

Lurker
May 2, 2017
3
0
I know I'm a few years behind but the situation I've found my family in is completely new to me. I've never had a problem with malware/viruses/hackers or anything like that before. This problem hit fast, hard and quite stealthily as it has taken months of staring at files, codes phone logs and detailed billing to educate myself somewhat on what the heck I was looking and piece together enough accurate information to even begin to convince others there was an issue at all...let alone what I consider a quite serious one. Even the carriers had no clue what I was talking about and everybody literally said I was crazy...going so far as to compare my theory to a distant in law who was diagnosed parody schizophrenic/bibolar/multiple personalities. Now that I spent 4 months cooped up and just about driving myself crazy...everyone now sees there's a problem...

We have 9 devices over 2 carries. Somehow they have all been compromised in some way and the talk/text/data usage is through the roof due to illegitimate activities. I've changed numbers and devices and nothing stops it for long. The brand new kyocera we had is now a 400 paperweight that won't load past the kyocera screen and we only had it for 10 days. This has gone way past a laughable spoofing situation.
After 4 months, numerous and very serious fights, and 20 lbs weight loss later we have gotten no closer to a resolution or answers. My marriage and children can't handle much more...as easily as you can argue that he's cheating there's just as much information that indicates he has no part in it as he very adamantly proclaims.
If anyone has any experience with, knowledge of, advice or suggestions as to how best to proceed I would greatly appreciate them. LM
 
Last edited by a moderator:
I know I'm a few years behind but the situation I've found my family in is completely new to me.

We have 9 devices over 2 carries. Somehow they have all been compromised in some way and the talk/text/data usage is through the roof due to illegitimate activities.

Hi,

Welcome to the site!

First an administrative point. If you hijack someone else's post you won't be notified when someone answers, this is why I explicitly quoted part of your message. Start a new thread next time and you (we too) will have an easier time.

You mentioned that you spent four months researching this problem, but you posted very little of the details. However: given that you are seeing problems across devices and carriers, it means that either someone is explicitly attacking you or, far more likely, that someone with physical access to the devices is doing something that infects all the phones. Since most Android malware is picked up by visiting infected websites, downloading and installing infected applications or otherwise downloading something dodgy, I would recommend that you restrict access to one device and see if it survives. I assume that your kyocera is relatively new. I would take it back to the dealer to be serviced. They will either replace it or flash the phone back to stock firmware. When you get the phone back, create a new Google account and register it on this phone. Under no circumstances "root" the phone. Set a secure lock screen password and only install apps from the Google play store. Then use the phone yourself (i.e. don't give it to anyone else and don't leave it unlocked) as normal and see if the phone behaves ok. If all is well then the problem is with someone else in the family. Repeat this with each phone until you find the person downloading the virus.

Remember that all virus infections are accidental, so there is no point in blaming. We are trying to educate the person to act safely in the future.

Also, if you have not already done so, install malwarebytes from the play store on one of your infected phones and run a scan. It may pick up something that you haven't.

Regards,
Eric.
 
Upvote 0
If you have a problem with multiple devices and which moves when you change device the obvious question is "what's the common factor?". And the simplest answer is "your account(s)". So what measures have you taken to ensure that your Google account or accounts haven't been hacked? If they have then someone could use them to infect your devices.
 
Upvote 0
First an administrative point. If you hijack someone else's post you won't be notified when someone answers, this is why I explicitly quoted part of your message. Start a new thread next time and you (we too) will have an easier time.
No worries. If someone lets a mod know we can fix it. ;)

@McGiven, I've moved your posts to its own thread in the Android Lounge. I think @Hadron may be onto something. I would look into hardening your Google accounts and set up two step authentication.
 
Upvote 0
Hi,

Welcome to the site!

First an administrative point. If you hijack someone else's post you won't be notified when someone answers, this is why I explicitly quoted part of your message. Start a new thread next time and you (we too) will have an easier time.

You mentioned that you spent four months researching this problem, but you posted very little of the details. However: given that you are seeing problems across devices and carriers, it means that either someone is explicitly attacking you or, far more likely, that someone with physical access to the devices is doing something that infects all the phones. Since most Android malware is picked up by visiting infected websites, downloading and installing infected applications or otherwise downloading something dodgy, I would recommend that you restrict access to one device and see if it survives. I assume that your kyocera is relatively new. I would take it back to the dealer to be serviced. They will either replace it or flash the phone back to stock firmware. When you get the phone back, create a new Google account and register it on this phone. Under no circumstances "root" the phone. Set a secure lock screen password and only install apps from the Google play store. Then use the phone yourself (i.e. don't give it to anyone else and don't leave it unlocked) as normal and see if the phone behaves ok. If all is well then the problem is with someone else in the family. Repeat this with each phone until you find the person downloading the virus.

Remember that all virus infections are accidental, so there is no point in blaming. We are trying to educate the person to act safely in the future.

Also, if you have not already done so, install malwarebytes from the play store on one of your infected phones and run a scan. It may pick up something that you haven't.

Regards,
Eric.
The issue has not only followed devices but carriers and emails as well. There is only 2 possible explainations...
1. Someone targeted us directly
2. My husband is cheating or involved in some shady sh%t and using the calling apps and such to cover it up.

I've got a ton of info but it takes so long for me to figure out what I'm even looking at. Now stuff is getting deleted. I was thinking about getting a device that no one has any knowledge of and start from scratch...transferring as much of the info I have left to it. First things first...is there any way to track down who, on what device, and where this is all coming from?
 
Upvote 0
Hi,

I did a little research in the field of forensic analysis in Android and found one academic paper. I didn't read it, since to do so would cost thirteen dollars, but the synopsis suggested that very little work has been done in this area. So, other than performing backups of your devices, there is probably little you can do as an end user (i.e. are not willing to develop something yourself).

However, I would add a third option: it could be that someone is infecting the devices accidentally. With regards to your option two, I would suggest that relying on malware to hide evidence of cheating, or something else, is unlikely to help since the malware author is out for self profit.

Just get the one phone repaired or replaced then follow the above suggestions.

Regards,
Eric.
 
Upvote 0
Hi,
I did a little research in the field of forensic analysis in Android and found one academic paper. I didn't read it, since to do so would cost thirteen dollars, but the synopsis suggested that very little work has been done in this area. So, other than performing backups of your devices, there is probably little you can do as an end user (i.e. are not willing to develop something yourself).
However, I would add a third option: it could be that someone is infecting the devices accidentally. With regards to your option two, I would suggest that relying on malware to hide evidence of cheating, or something else, is unlikely to help since the malware author is out for self profit.
Just get the one phone repaired or replaced then follow the above suggestions.
Regards,

Eric.

thank you. I was hoping there was a way to get the damaged phone to boot up enough to pull info off of it in an attempt to gain as much info as possible concerning what was going on when it crashed. The other day and international number actually showed as am incoming call and I was able to back track it to a local number, a viber page and a synced, international looking facebook page.

I have all these files that talk about hiding app info under others, what seems to be paths from one app to another when you do the combination in a certain order and I have actually been on the open source networking sights, one which brought up nothing but porn. Wednesday was the first day in a month his phone has went to work with him and of course it came back different. There were emails periodically sent to himself of call and text logs all day among other things.  Is there any way to get a log of anything that happens on a device? It seems as though backups are created, other launchers and vpns used and then returned to as close to normal as possible. I hate to keep whining and bugging over the issue but with his adamant claims of innocence I need some way to piece all this together to prove one way or the other who is involved. He is SO totally tech illiterate it's not even funny so if he is involved it could only be with complete assistance from someone else. At this point his phone gets suspended for about 90% of the day and because of that they have started using the other lines more. It's getting worse as according to the carrier two lines on the account used more than the allotted high speed data in only 2 days and we are now slowed down for the remaining 28 days of the cycle and the calls and messages are increasing drastically. I was hoping there was someone who could help...
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones