1. Check out our companion app, Forums for Android! Download from Google Play

General 2.1 v2 and gmail possibly hacked

Discussion in 'Android Devices' started by travisvn1, Apr 7, 2010.

  1. travisvn1

    travisvn1 Member
    Thread Starter
    35

    Feb 25, 2010
    21
    0
    35
    IT
    San Diego, CA
    This morning at 3 am spam was sent out of my gmail account. I am not sure if it came from my phone or my account just got hacked (my computers were turned off). I changed the Password on my account. Since I am running 2.1 and it is not an official release there is the possibility this is where it came from it was a simple email with a link in it. Just wanted to post a heads up to keep you eyes open
     

    Advertisement

  2. badfrog

    badfrog Well-Known Member
    38

    Mar 24, 2010
    183
    10
    38
    I fix stuff
    Coast of Maine
    I doubt it is the rom.
     
  3. OfTheDamned

    OfTheDamned The Friendly Undead
    813

    Oct 29, 2009
    9,692
    8,365
    813
    Right Behind You
    How long have you had 2.1 on your phone?
     
  4. DroidJW

    DroidJW Guest

    Is the spam showing in your sent gmail items or did you and/or friends receive spam that appears to originate from your gmail? If its the latter, I suspect the spammer has just spoofed your gmail address, rather than hacked your gmail account.

    I admit I am always a bit cautious with something like an unofficial ROM -- knowing it may be from an unscrupulous source. In the case of 2.1 v2, so many here have upgraded, I believe improper activity would be flagged by now (especially by pros like OTD & Caddy).
     
  5. erisuser1

    erisuser1 Well-Known Member
    223

    Nov 11, 2009
    1,644
    759
    223
    There is little that prevents a spammer from sending an email with a forged senders' "From" address. (Well, actually, it's a little harder than it was 10 years ago, but it is still possible.)

    The cretin / spambot that is using your e-mail address could have harvested it from any place that it was made publicly available... or perhaps harvested from the email store on a virus-infected PC owned by someone who has received an email with your address listed somewhere.

    You would probably need to be using a gmail address that had never been used even once - for any purpose - before you conclude that "gmail on my phone was hacked".

    I'm not saying it is impossible, but that there are a lot of other ways it could have happened that are more likely than the route you are suggesting.

    (Note that at least one me those ways could be a rogue app you installed on your phone that has access to your address book)

    eu1
     
  6. travisvn1

    travisvn1 Member
    Thread Starter
    35

    Feb 25, 2010
    21
    0
    35
    IT
    San Diego, CA
    I did the upgrade within hours of its release. In answer to other questions the email is showing in my out box. First thing I did was change my password so hopefully that was the issue. It happened on the rare occasion when I had all of my computers were off which is weird since I tend to leave them all on. I work in IT so I am pretty careful with my passwords. The funny thing is I found out about it when my boss got one of the emails and alerted me. If it happens again I am going to suspect the phone (since it stores the password) otherwise I would have to believe somebody managed to get into my account. I just thought I would post in case anyone else experienced this.
     
  7. Pitamakan

    Pitamakan Well-Known Member
    78

    Jan 15, 2010
    586
    80
    78
    Bozeman, Montana
    Yeah, exactly. Though something like that is theoretically possible in a hacked ROM, the odds are so insanely small that I don't even think it's worthy of consideration. And there are so many copies of those 2.1 builds in use now, that we certainly would have had other reports by now.

    Almost certainly, what happened is that a hacker harvested your e-mail address from somewhere -- possibly the computer address book of one of your contacts. Your Eris is blameless here.
     
  8. smacky

    163

    Jan 11, 2010
    2,844
    299
    163
    I figured out a friend's password to his GMail/school email, facebook, and school account. It wasn't hard.

    It isn't always some hacker.
     
  9. erisuser1

    erisuser1 Well-Known Member
    223

    Nov 11, 2009
    1,644
    759
    223
    Except that the mail appearing in his outbox proves conclusively that his account was compromised. :(

    GMail uses https for authentication, so that sort of rules out network sniffing. OTOH, something about this seems a little odd - leaving a trail like that (sentbox crumbs) allows for ready detection.

    If the boss still has the spam, the delivery headers might (or might not) provide some info.

    If I were to guess, I would suspect that the OP had a keylogger dropped on one of the machines he uses... or one of the OP's co-workers shoulder-surfed him.
     
  10. DroidJW

    DroidJW Guest

    This is disturbing indeed. Might you run updated malware/virus scan on all your PCs (included malwarebytes if possible) and check for keyloggers?

    Some folks here reported malware install (or attempts to install) from the ad popups from the sites that hosted the ROM (this did not happen to me). Perhaps you had an infection from that?

    Since you are an IT guy, you may have already scanned your systems, but it would be a big favor to others here if we could narrow the possible source of the hack.
     
  11. katerchap

    katerchap New Member
    5

    Jun 18, 2010
    1
    0
    5
    hey guys
    any update on this one? Did changing your passwords work?

    This happened to me today, spammed my gmail contact list with

    "Hello friend.:
    I have good news for you. Last week ,I have Order china 3 Products
    Samsung UN55B8000 55-Inch... (insert more rubbish)"

    All this was noted in my Sent Items. It then also set my facebook status to the same thing. Given my phone is the only place I have logged on to gmail and facebook from in the past few weeks (and is the only place the password is remembered). I am assuming it has come from my phone (even tho the log does say browser)

    I ran a couple of different security/av etc programs over the phone and it all came up clean

    I am using
    HTC Desire
    2.1 update 1

    I have been through my gmail logs and someone from China logged in

    Browser China (115.49.36.246) 3:49 pm (1 hour ago)

    I have changed all my passwords
     
  12. MrChips

    MrChips Active Member
    16

    May 20, 2010
    34
    2
    16
    Not the ROM. Google "gmail hacked" and most of the results will have "China" in the title. It's cyber-war.
     
  13. Amlethus

    Amlethus New Member
    5

    Aug 31, 2010
    1
    0
    5
    I was hacked this morning as well, from the same IP address. Same situation.

    I really want to know how they hacked my account! My password wasn't changed, so it wasn't a hack where they were able to activate the "forgot your password?" feature. I would really like to know how my password was stolen.

    Anyone else fall victim? This is the best search result for this IP, and I hope it comes up higher on google for "gmail account hacked".
     
  14. ppbb

    ppbb Well-Known Member
    36

    Jun 27, 2010
    191
    6
    36
    you can check for ip access to your gmail account. go to the bottom of your gmail page (on your computer) and scroll to the bottom of the page:

    Last account activity: 22 minutes ago at this IP (your ip address). Details

    click details - this will show who accessed your account and which ip address. You should see your normal desktop, plus any mobile devices (phones, ipads etc)

    from there you can look up the ip addresses and bust em!
     
  15. erisuser1

    erisuser1 Well-Known Member
    223

    Nov 11, 2009
    1,644
    759
    223
    More likely that your PC is compromised, or you use a "weak" password, or you installed a rogue app, than a problem with the ROM.
     
  16. shaebedi

    shaebedi New Member
    5

    Sep 23, 2010
    1
    0
    5

    I too just discovered that my gmail account was spamming. I am running andriod 1.6 and it was spamming random emails and I was getting failed attempt returns....

    Again not sure if it was from an application. But I am suspecting it was a World of Warcraft application that I downloaded, as the return emails were all Blizzard related...
     
  17. Alleycat

    Alleycat Well-Known Member
    16

    Apr 29, 2010
    61
    2
    16
    Nawth Cackalacky
    Have you been using wifi in a public location (Barnes and Noble, Panera, McDonald's, Starbucks, etc)? Mine was compromised about 3 months ago, and I suspect it was from using public wifi to check my gmail account on my iPod Touch.

    I've got a pretty complex password now and I avoid using public wifi, so I'm good so far (knock on wood).
     
  18. cyraxx

    cyraxx Member
    16

    Jul 29, 2010
    11
    1
    16
    Same thing happened to me this weekend. I received a notification that my gmail couldn't refresh, so I tried to log in and it wouldn't let me. I reset the password and logged in again on my phone, not thinking anything of it, and checked my mail. There was a returned email to someone I don't know telling them to log in the to their account at the WoW site in addition to a message from Google saying that it was blocked from sending because it seemed like spam.

    I fell asleep and when I woke up, same problem...gmail couldn't update. I changed the password yet again, but this time I did it on my PC. It's been over a day and the password hasn't been changed, so I suspect the problem is solely with my phone, rather than anything on my PC. The only Blizzard related application that I have is the Authenticator, and that's official. Be that as it may, I'll be doing a full reset soon to hopefully rid myself of this problem. Thankfully I haven't checked my bank account or anything important from my phone.

    Any idea what is causing this?
     

Share This Page

Loading...