1. Download our Official Android App: Forums for Android!

Horribly Hacked

Discussion in 'Android Help' started by needabiggerboat, Feb 26, 2019.

  1. needabiggerboat

    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    2
    Joined:
    Feb 26, 2019

    Feb 26, 2019
    2
    3
    16
    Hello. New here and am fed up. Sorry I'm not a computer wizard or anything close b.it learning fast. I have a LG m210 Aristo. I'll make this brief as there is to much to go into detail completely at this time. Phone is hacked to stream have factory reset. Changed passwords. Removed Apps. Been through 4 new phones. Contacted LG support. Here's what I have discovered. Phone is not rooted and haven't been able to at this time. Digging into system found many things.Started just googling each program to understand what it was and what it did.WOW! Found many programs that are Windows operating system programs.DRA Trojan programs, System UI shared program that seems to be running remotely and actually has complete control of phone like a cloned phone only worse. As I said I'm learning quick just digging searching like numbers from system IPs, plugins, hardware #s etc. Have been directed to many shocking programs that in know way should be on my phone and have jade to be downloaded somehow. Like I stated pls bear with me for being completly dumb on all this as even to me it sounds impossible. My understanding is almost entire problem is tied many linked aspects.The system UI shared programming the core but am not able in any way to actually find the home of it I come across it by googling system apps and then would Google the code or number it had in search bar and then it would bring up these I don't know for better words but encoded programs which to my understanding tell everything what to do.Then I learned how to translate them into English and then learned what the program did. Then would look up where program came from and how it would be possible to even be on my phone and actually it is not. Most are operated from a computer
    To which I live in a mountainous area and do not have wi-fi installed yet do not have a landline. My wi-fi is set to not connect to any open networks although it shows connected on device info app. Found in my contacts that even though it had proper name number was not correct or from contacts would push send message and it would bring someone else with just a number not a phone number so if you went paying attention God knows where it went or what it started running. Found that when I add a contacts name incontacts it generates a number lower on the page although when you space for last name it doesn't. Google that number it sends me to a website in Poland when translated is a list p.s. phone numbers for operators that see to just send out random messages that to my understanding have numbers that basically invade. Hence the DRA. The redirect happens like can't explain but I try to do things and in the program it hits a spot says stop then tells computer to do all these things final and skips an entire section goes to a drop box few more steps then says finish and restore to previous configurations.then goes about it way but seems to sleep until what ever wakes it up. Found where it tells it to connect to to different phones which seem to be my daughters and my wife's anyway it's their brand which are different. Enough I could continue forever. Just one more just for fun went to apps System apps opened it went one by one opened everything I could erased data, disabled, force stopped, or uninstalled everything I could that I had any access try thoughts phone will crash have to reinstall whatever. Nope update Google play enable download manager and update some apps.Most are still disabled but some couldn't even open and they are the ones that make no difference on the phone in my thoughts.Ok first I'm getting ready to cancell everything all accounts email change all passwords everything Have new phone new SIM new gmail.etc.pretty sure that as soon as I mail or message anything of that it will begin again. So I'm needing to be able to understand it find out where it's coming from identify it and actually stop it first.Have a good idea but no proof. I'm not wanted or anything like that. So I want to fix it on this phone because it's already f_____d. Yes I am turning the phone over and have discussed it with proper people but if all stands true it can be completely wiped on remote and have been advised that I need to ensure things have not been added to jeprodise me. Like I have seen some of the programs I've looked up doesn't allow anyone to have them. I know this is way out there and sounds not possible I have screenshots. Numbers etc and will provide any information to make this stop. If anyone can guide in anyway I'm open to anything. As I have stated been over2 years multiple phones.I need to stop it and the person's involved its completely destroying my family and life. I also understand no help at all no hard feeling and if i have don't belong on here asking for this pls let me know and I will figure it out.
    THANKS. NEEDABIGGERBOAT...and life jackets.
     

    Advertisement

    The-Truth likes this.
  2. Dannydet

    Dannydet Extreme Android User
    Rank:
     #24
    Points:
    918
    Posts:
    5,387
    Joined:
    Jan 16, 2016

    Jan 16, 2016
    5,387
    3,539
    918
    Male
    Graphics Manager / Sales
    USA
    First off, get completely off your phone and turn it off. Get on a pc and create a brand new Gmail account, because that is probably whats been hacked, along with all other accounts you have.
     
    cottbus2504 likes this.
  3. needabiggerboat

    Thread Starter
    Rank:
    None
    Points:
    16
    Posts:
    2
    Joined:
    Feb 26, 2019

    Feb 26, 2019
    2
    3
    16
    Thanks working on that now problem being I'd I live in a semi remote part of Idaho and we don't have the internet at our home but yes I have made arrangements to use a friends in town and going to go through everything bank accounts to Google . Have a new phone SIM card etc but need to find the root to this problem before it is turned over to the state police. Thank you so much for your help it means alot
     
    cottbus2504 and Dannydet like this.
  4. nattsum7779

    nattsum7779 Newbie
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    May 13, 2019

    May 13, 2019
    12
    2
    16
    From what I can understand here I am having the almost same issue. None of my passwords work and in buying a 3rd phone I have given up. But not before someone gained access to my bank account and my credit card. Any other ideas. Just curious of who you reported this to exactly
     
    cottbus2504 likes this.
  5. Hadron

    Hadron Smoke me a kipper...
    VIP Member
    Rank:
     #9
    Points:
    2,468
    Posts:
    24,806
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    24,806
    19,272
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    If a problem is following you from one phone to another then either you are reinstalling malware when you change phones or the real problem is that someone has access to your Google account, and problems with the phone are a consequence rather than the source.
     
  6. nattsum7779

    nattsum7779 Newbie
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    May 13, 2019

    May 13, 2019
    12
    2
    16
    They absolutely have access to my Google account. I looked up the phone number for Google, 3 of them to be exact but could never get to a person.. Any suggestions
     
    cottbus2504 likes this.
  7. Hadron

    Hadron Smoke me a kipper...
    VIP Member
    Rank:
     #9
    Points:
    2,468
    Posts:
    24,806
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    24,806
    19,272
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    Corporations increasingly don't want to speak to people, and Google have never been especially responsive.

    To secure your account the minimum you need to do is to enable two-factor authentication and change your password. And you obviously don't want to use a compromised device for either of these. Then you need to remove access to the account from any devices that you don't recognise. Personally I'd be inclined to remove your Google account from your phone, then factory reset it. Secure the account and only then reconnect the phone to the account. And don't restore apps or their data from a Google backup - you cannot know that there isn't something nasty in there.

    Before doing that I'd make sure I had backups of anything important (contacts, photos, messages, whatever). In the extreme I'd want those independent of Google in case this all failed and I had to start again with a new Google account.

    In case you don't know, the reason I suggest removing the Google account from the phone before factory resetting or changing password was the avoid getting locked out by the "factory reset protection" feature. The pattern "phone is reset shortly before or after password is changed" looks like theft to that system (the scenario being owner loses phone and changes password, thief resets phone, and those two events could happen in either order), and so it will lock you out for a few days. Since you want to reset and want to change the password you need to avoid this, and the way to do that is to remove the account from the phone before resetting.

    I have to admit that if the problem had followed me through 3 phones and I didn't know a solution I would have switched platforms by now.
     
  8. bcrichster

    bcrichster ROMinator
    Moderator
    Rank:
     #20
    Points:
    1,063
    Posts:
    7,078
    Joined:
    Jan 23, 2013

    Jan 23, 2013
    7,078
    5,660
    1,063
    Male
    Electrical, Electronics
    Florida
    I know someone else with this issue, he got hacked over a Rooted phone and they have been following him around thru about 5 devices in the last yr or 2. He'd do something and then immediately afterwards, he'd see a terminal open on his phone and reverse what he just done! The hackers were exchanging msgs in cache partition.. He's changed devices, carriers, accounts, seems everything. I'm speaking of member, @The-Truth .
     
  9. Hadron

    Hadron Smoke me a kipper...
    VIP Member
    Rank:
     #9
    Points:
    2,468
    Posts:
    24,806
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    24,806
    19,272
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    As you know very well, probably better than I, there's no magic here, so if he's being followed there is something that they control which is not being cleared (or is sufficiently insecure that they can just get back in). Whether that's a Google account or a computer, I don't know, but there's something.

    But yeah, after 2 years of that I'd probably be using an iPhone, or a second-hand Windows phone, a Sailfish device or my old Motorola RAZR.
     
  10. bcrichster

    bcrichster ROMinator
    Moderator
    Rank:
     #20
    Points:
    1,063
    Posts:
    7,078
    Joined:
    Jan 23, 2013

    Jan 23, 2013
    7,078
    5,660
    1,063
    Male
    Electrical, Electronics
    Florida
    I think the biggest possibility with him is someone cloned his account and got into his Google and went nutz... How they got there, I'm unsure but likely the permissive kernels and careless Root app testing could've played a part in it, made it easier for the culprits. Fortunately, Android security has made a marked improvement since KK 4.4. Nowadays, if I ROM a family member's phone: Either no Root added or set to automatic deny new apps, then stays hidden after setup and adblockers installed so they can't break the system as easily..
     
  11. nattsum7779

    nattsum7779 Newbie
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    May 13, 2019

    May 13, 2019
    12
    2
    16
    Could you tell me what I could do if anything to see if this has happened. I have no idea what all this means. However I was told that I my phone could not be rooted. However there are many'license' that have the word root in them. I'm struggling to understand anything anymore and keep finding puzzling things I've missed before
     
  12. Hadron

    Hadron Smoke me a kipper...
    VIP Member
    Rank:
     #9
    Points:
    2,468
    Posts:
    24,806
    Joined:
    Aug 9, 2010

    Aug 9, 2010
    24,806
    19,272
    2,468
    Spacecorp Test Pilot
    Dimension Jumping
    "root" is the Linux admin account name, so if you dig into the system it's normal to see that in many places. That does not necessarily mean that the phone has been "rooted" (modified to allow the user to run user-installed apps with root privileges).
     
    bcrichster likes this.
  13. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    Man these cats are skilled crackers/hackers. Claimed they were google norplay 2 years ago & was gonna be watched etc. Slipped a signed boot img. in a rom bcrichster sent me. I used F- Secure browser and snagged a tolken from the browsers dev in which stated 10 CPUs maybe more had me sandboxed etc. I will send screenies. They backup all my data to a dropbox. Cant shake em! they got my mom and everybody around me. Piggybacked! HEEELLLPPP! TRYING TO UPLOAD SOME SCREENIES
     
    ocnbrze likes this.
  14. nattsum7779

    nattsum7779 Newbie
    Rank:
    None
    Points:
    16
    Posts:
    12
    Joined:
    May 13, 2019

    May 13, 2019
    12
    2
    16
    This is probably what's going on with me!! My two boys phones 4 or 5 that I've purchased this year. Something strange has been going on for several years with me and phones!! Got into my bank account and I know they have my social security number!! I even feel like she somehow posed as Netflix to take $7.95 from me each month for six months till I caught on. This should be so illegal as hell and someone should know how to procecute these thieves!!!
     
  15. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    No these ppl are smarter than to steal funds from anyone they hack. Government would be all over ppls ssi and/or just earned/accounted $. These ppl seam to be identity hijackers and use location spoofing in order to wedge you within other country laws reguarding play accounts/playstore or any market/ALL apks even system are older beta v. And are rebuilt to theyre advantage. Even TWRP/Custom recoverys are maliciously rebuilt and somthing called cold boot/double boots one into theyre "hookup," on you! Recovery logs reveal quite a bit even stock recovery logs reveal plenty. They crash you/me out of apks etc. They noticed that I noticed them and I became a liability. They are trying to make me look like a copyright infringer who maliciously interjects modified maleware into apks. ie what they're doin do me Im NO DEV! I use no accounte but this AF and my moms google/FB accounts appear to be signed in by her credentials but shes actually signed out of all hijacked accounts.
     
    ocnbrze likes this.
  16. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    Yup! thats sounds like our guys!
     
    bcrichster likes this.
  17. bcrichster

    bcrichster ROMinator
    Moderator
    Rank:
     #20
    Points:
    1,063
    Posts:
    7,078
    Joined:
    Jan 23, 2013

    Jan 23, 2013
    7,078
    5,660
    1,063
    Male
    Electrical, Electronics
    Florida
    Dude.. They CAN'T mess with ROMs from the official Bliss Server. And ROM builds themselves sign the images during compile. You said yourself that you installed 'AngelRoot.apk' and soon afterwards, all hell broke loose with your accounts.. C'mon mang
     
    MoodyBlues and ocnbrze like this.
  18. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    Uhhhhh yeah they can have and do. Il see if I cant dig up MY V. of ANY ROM. Maybe that'll wake everybody up. Deve might get interested/pist enough afterwards. One sec brb. Headin to official anywhere. But Il start with bliss OS I dnt have the zmax or warp4 nore root atm but Il dig up some clear malicious tampering logs. N angelroot. I had root supersu then magisk ALL maliciously moded
     
    ocnbrze and bcrichster like this.
  19. bcrichster

    bcrichster ROMinator
    Moderator
    Rank:
     #20
    Points:
    1,063
    Posts:
    7,078
    Joined:
    Jan 23, 2013

    Jan 23, 2013
    7,078
    5,660
    1,063
    Male
    Electrical, Electronics
    Florida
    I totally believe you were tampered with 100%.. Whether they wrote janky code into your flash system or possibly rerouted you to a bad zip could be a possibility but they CAN NOT affect Bliss' servers. Also, I think they may copied your simcard and jacked ur account. I also suggested that you get into contact with certain individuals to help you clear the problem..
     
    ocnbrze likes this.
  20. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    wasnt whole rom was a signed boot img. and out of a entire rom zip only that boot img. flashed. Let me
    Ya its more than just account hacking. N this topic alone is certain help for any/every device owner/user. Thanks for the input all of you.
     
    bcrichster and L0ckd0ut like this.
  21. The-Truth

    The-Truth Android Expert
    Rank:
     #94
    Points:
    173
    Posts:
    1,484
    Joined:
    Sep 30, 2014

    Sep 30, 2014
    1,484
    485
    173
    Male
    Lansing
    Ya just read my post about the signed boot img. ordeal And I didnt mean for that to sound like it does. As if you or Team Bliss werent absolutly legit safe as any development uploaded by you or anybody at Bliss. And Im sure the servers are quite safe over on bliss official SO NOBODY THINK I am in ANY WAY callin out or trying to bad mouth or diss Team Bliss nore The ROMinator/bcrichster I trust his work 100% And happen to know bcrichster would NEVER be involved or not care or not be the best of intentions combined with quality work NO DOUBT! as you can all gather by his obvious lotalty and stickin up for Team Bliss TOTALLY loyal responsible and certainly no allowing any harmfull work enter ones devices intentionally. However and unfortionatly and deffinetly by Bliss ROM 7.1.1 for the ZMAX being sent/linked to me personally via FB Messenger apk. as lucky and quite proud and honored I am to have such an accomplished dev spoil me with his work as I do. I dont know a better guy on nore off line. NO Ass kissin! yo... Its nice to have his vast input and fine hard work.
     
    ocnbrze and bcrichster like this.
  22. bcrichster

    bcrichster ROMinator
    Moderator
    Rank:
     #20
    Points:
    1,063
    Posts:
    7,078
    Joined:
    Jan 23, 2013

    Jan 23, 2013
    7,078
    5,660
    1,063
    Male
    Electrical, Electronics
    Florida
    Thanks mang, means a lot to me. 😎
     
    The-Truth and ocnbrze like this.

Share This Page

Loading...