1. Are you ready for the Galaxy S20? Here is everything we know so far!

Malware

Discussion in 'Android Devices' started by Vtmonster1952, Apr 24, 2020.

  1. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    My tablet was hacked, I did a factory reset wipe data, would that remove malware
     


  2. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    how do you know you were hacked? factory reset will delete malware installed. but malware does not necessarily mean you were hacked.
     
  3. Brian706

    Brian706 I like turtles!
    Moderator

    Factory reset will remove malware that's on the user end like from an app you installed. Really bad malware that has the capability of working on the system level can only be removed by reflashing the stock firmware.

    If you performed a factory reset and the problem is gone, that is probably all there is to it.
     
    ocnbrze likes this.
  4. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    Hacked and malware are different things (though malware could provide a backdoor for a hacker and a hacker could install malware). So it's important to be clear about what has happened.

    The main source of malware infection is the user. They install an app which contains malware, without realising. In some cases that malware can install other malware. So if this is what happened then unless your tablet is vulnerable to the class of malware that can install itself to the system (using the same sort of vulnerability that the old "one click rooting apps" used) a factory reset will clear it. However you must make sure you don't just reinstall the trojan that originally infected you. If you were unlucky an get infected with the sort of malware that can install itself to the system (a risk for old devices, since it was older android versions that had the vulnerabilities these things use) then a reset will not fix it and you'll need to reflash the device.

    However, if this started with a hack then a reset won't prevent them getting back in. The most likely route for a hack is your Google account: do you have 2-factor authentication on? Have any devices you don't recognise accessed your account? If this started with a hack you need to ensure that your accounts are secure rather than just resetting the device (though a reset once you've done that isn't a bad idea).

    This is why it's important to know what you are dealing with: is it a malware infection or was the device hacked, because the responses are different in the two cases.
     
    ocnbrze and Brian706 like this.
  5. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    Got an email threatening me for money, saying some website in went to allowed them to install malware, knew an old password, saith they took control of my camera and sounded like they
    Knew of some videos, obviously didn't send money
     
  6. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    i would setup 2 step verification on all of your accounts, change your passwords, and even change your email. then i would report the email as spam and delete it.

    you should be fine after that. i do not think that your phone is hacked.

    if you want to be extra careful you can re-install a firmware update from https://www.sammobile.com/. just make sure that you download the correct firmware for your model. directions for how to install the firmware will be shown on the download page.

    ...that should take care of any hacked or monitoring software installed on the device
     
    Xavier Black likes this.
  7. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    It's not a phone, it is my Tab 4 tablet
     
  8. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    i know, but sammobile also has firmwares for samsung tablets as well. just got to the firware section, enter your tablets model number and from what region you bought the tablet in. it should find the firmware if there is any.
     
    Xavier Black likes this.
  9. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    It's a galaxy tab 4
     
  10. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    I pi9 my model number in sm-t530nu but don't have region some other model comes up
     
  11. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    T230nt shows up
     
  12. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    I found it on a Google search but seems very complicated to install
     
  13. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    Found it on a Google search, looks complicated to install
     
  14. svim

    svim Extreme Android User

    Go here to download the appropriate ROM for your tablet:
    https://www.sammobile.com/samsung/galaxy-tab4/firmware/#SM-T530NU
    That's a dated model so you'll have to create a user account with sammobile to download the ROM. Be sure to select the ROM that corresponds with your country and carrier, ROMs are not interchangeable. When you select the one you need, the download page has basic instructions on the flashing process you need to do.
     
    ocnbrze likes this.
  15. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    That sounds a lot like a well-known scam. I received a couple of those last year, though in my case neither included a password (plus the claims they made could not be true in my case). But one of the current variants on this is to include a password obtained from a breach of some website as "proof" of authenticity.

    For example, the CERN single sign-on page currently includes this warning, which sounds very similar to what you describe.

    upload_2020-4-27_8-35-18.png
     
    ocnbrze likes this.
  16. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    I'm hoping that was it,might was taken to a poem site once by mistake and that was what the email said and thanked me so it could take control of my tablet, sounded real to me, it's very upsetting. if there was malware does a factory reset and data wipe get rid of it
     
    ocnbrze likes this.
  17. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    It was some random porn site and freaked me out
     
  18. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    malware will get deleted by a factory reset........yes
     
    Xavier Black likes this.
  19. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    When several emails threatening me I did a data wipe and reset on my tablet but read somewhere that some malware can reinstall itself?
     
  20. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    Porn sites have been associated with unsolicited downloads and other scams before now. From a computer security point of view those sites are not amongst the safest.

    But it's a common trick in these scams to claim that they have information about your porn viewing (or indeed to claim to have filmed you while you were viewing porn: the ones I got last year claimed to have filmed me masturbating while watching porn). Of course that doesn't work if you know it's not possible, but they send hundreds of thousands of these so it doesn't matter if only a small fraction fall for it. But as many people have watched porn it's a claim that has a chance of resonating with enough people, and as most won't want their family or colleagues to get details of their porn habits there's a chance of the blackmail being successful if they think it is genuine. That's why claims of information about porn viewing are a common approach by scammers.
     
    #20 Hadron, Apr 27, 2020
    Last edited: Apr 27, 2020
    Xavier Black and ocnbrze like this.
  21. ocnbrze

    ocnbrze DON'T PANIC!!!!!!!!!

    it can depending how the malware was installed. some malware gets sideloaded when you down load an app. so if you factory reset and then re-install this particular app, then the malware will also get installed as well.....so it depends if you gave that situation or not.
     
    Xavier Black and Hadron like this.
  22. Hadron

    Hadron Smoke me a kipper...
    VIP Member

    If malware is removed it can't reinstall itself.

    However most Android malware is of the "trojan" type (hidden inside what the user thinks is an innocent app), and has actually been unknowingly installed by the user. In some cases the trojan then installs other malware. So if the user doesn't know how they got infected and reinstalls their apps after the reset then they may also reinstall the malware. (Edit: this is the case that @ocnbrze describes above).

    Another example is when the source of the infection was that user's accounts were hacked. If that isn't addressed then the hacker can reinstall the malware after a reset.

    The final case is that if a device is vulnerable to the sort of malware that can install itself to the system (as I mentioned in post #4) a reset won't remove it, only a reflash.

    But all of that said, in the vast majority of cases a reset will remove malware. I'm just listing all possibilities here.
     
    ocnbrze likes this.
  23. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    It was not an app I use Chrome for searching
     
  24. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    Thanks after my reset I only have a few apps installed
     
  25. Vtmonster1952

    Vtmonster1952 Newbie
    Thread Starter

    Is the free free version of avg anti virus any good
     

Galaxy Tab4 Forum

The Galaxy Tab4 release date was May 2014. Features and Specs include a 7.0" inch screen, 3MP camera, 1.5GB RAM, Marvell PXA1088 processor, and 4000mAh battery.

May 2014
Release Date
0
Reviews
Loading...

Share This Page

Loading...