• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Please HELP?

Cher Mauk

Cher Mauk

Lurker
I found a app on my galaxy 8 today by the name of "Chameleon v4.1.1 497kb" so I googled it and I did not like what I read. The reason for my dislike is I have a serious hacker on my device. I have had someone spying on me thru my camera, taking over all my gmail accounts and has complete control of this device and any other device I have tried to use. I have waited this issue out and have collected tons of IP addresses, web activity, devices logged in and slot of other things. I know who he is and how he got on my device but now the question is, how does one remove him? This chameleon app doesn't show up when looking thru my apps it showed up after installing a app uninstaller. There are a few other apps on there too such as: Ese plugin, carrier login engine, multi-link settings, sprint OMADM and a sprint OMADM PHONE INTERFACE. Getting new devices and accounts have proven useless so I need to address this issue head on. I need to gather evidence and loose this loser. I'm not very techy but I am learning quick. Can someone please offer any advice?
 
What you've got here is someone whose got your Google account credentials. With those, they can do all that other stuff.

Here's what I'd do ... First, backup all important data from your phone (and any other device you use with your Google account) then using a friend's laptop (just to make sure in case there was a key logger on my PC) I'd log into my Google account and review the security settings. Make sure you remove any devices, email addresses and phone numbers you don't recognize. Then change your password to something secure and complex ... the longer the better. Next, turn on two factor authentication. Make sure you have a contact email you can access that's NOT a Google account and that can be accessed from somewhere that's Not an android device -- this is for 2-factor authentication in case your phone is inaccessible for any reason.

Now, on your phone, remove ALL accounts including the primary Google account. Make sure under settings>accounts there are ZERO accounts listed. Now go ahead and factory reset your phone (it's all backed up, right?). As long as you haven't rooted it, then this should wipe it completely clean. Once the factory reset is done, log back in with your Google account (this is where that alternate email is needed -- you'll be sent a code for 2-factor authentication) but do NOT restore from Google. If anything malicious was backed up, you'll end up reinstalling it.

Now one by one, you can re-install your apps, being careful to ONLY use the play store.

That should stop the nonsense.
 
lunatic59 said:
What you've got here is someone whose got your Google account credentials. With those, they can do all that other stuff.

Here's what I'd do ... First, backup all important data from your phone (and any other device you use with your Google account) then using a friend's laptop (just to make sure in case there was a key logger on my PC) I'd log into my Google account and review the security settings. Make sure you remove any devices, email addresses and phone numbers you don't recognize. Then change your password to something secure and complex ... the longer the better. Next, turn on two factor authentication. Make sure you have a contact email you can access that's NOT a Google account and that can be accessed from somewhere that's Not an android device -- this is for 2-factor authentication in case your phone is inaccessible for any reason.

Now, on your phone, remove ALL accounts including the primary Google account. Make sure under settings>accounts there are ZERO accounts listed. Now go ahead and factory reset your phone (it's all backed up, right?). As long as you haven't rooted it, then this should wipe it completely clean. Once the factory reset is done, log back in with your Google account (this is where that alternate email is needed -- you'll be sent a code for 2-factor authentication) but do NOT restore from Google. If anything malicious was backed up, you'll end up reinstalling it.

Now one by one, you can re-install your apps, being careful to ONLY use the play store.

That should stop the nonsense.
Click to expand...
I only wish I had that advice in the beginning. It has been months now and I cannot access the initial account it started from. Even though I am on a verified device Google will not verify me. I find it troubling that Google holds so much power over us. You can't reach them anyway except the internet and that is like chasing your tail. I have had the phone refreshed even and somehow it came up with a message saying some unauthorized person did a factory reset. Also when I reset it the hijacker is able to turn on the bluetooth and wifi while I am setting up the phone and it become useless af that point. I am almost sure my device is his device. He uses the notifications and settings like he is using it just for this purpose. It has become very personal for him, he is definitely devoted. Is there a way to Identify this user? If there is a mirror link to my phone to be sure there is a reflection of his? I sound like some sort of lunatic that is crazy paranoid so I need a tangible piece of evidence. What about those apps I mentioned? Would sprint have a record of the device if it is a service app?
 
lunatic59 said:
What you've got here is someone whose got your Google account credentials. With those, they can do all that other stuff.

Here's what I'd do ... First, backup all important data from your phone (and any other device you use with your Google account) then using a friend's laptop (just to make sure in case there was a key logger on my PC) I'd log into my Google account and review the security settings. Make sure you remove any devices, email addresses and phone numbers you don't recognize. Then change your password to something secure and complex ... the longer the better. Next, turn on two factor authentication. Make sure you have a contact email you can access that's NOT a Google account and that can be accessed from somewhere that's Not an android device -- this is for 2-factor authentication in case your phone is inaccessible for any reason.

Now, on your phone, remove ALL accounts including the primary Google account. Make sure under settings>accounts there are ZERO accounts listed. Now go ahead and factory reset your phone (it's all backed up, right?). As long as you haven't rooted it, then this should wipe it completely clean. Once the factory reset is done, log back in with your Google account (this is where that alternate email is needed -- you'll be sent a code for 2-factor authentication) but do NOT restore from Google. If anything malicious was backed up, you'll end up reinstalling it.

Now one by one, you can re-install your apps, being careful to ONLY use the play store.

That should stop the nonsense.
Click to expand...


Great advice
 
Cher Mauk said:
It has been months now and I cannot access the initial account it started from.
Click to expand...

that's a problem. It probably means that whoever gained access to your account has changed both the password and the security contact information to prevent you from resetting the password. :( At this point all I can suggest is you create a new Google account, factory reset your phone and only use the new account for everything. If this was your primary email for account contact with banks, credit cards, shopping sites, etc. you will have to contact each one and have them change your account information to the new email. Each will have their own way to verify who you are, so be patient. Ultimately you'll be free of this hacker.
 
lunatic59 said:
that's a problem. It probably means that whoever gained access to your account has changed both the password and the security contact information to prevent you from resetting the password. :( At this point all I can suggest is you create a new Google account, factory reset your phone and only use the new account for everything. If this was your primary email for account contact with banks, credit cards, shopping sites, etc. you will have to contact each one and have them change your account information to the new email. Each will have their own way to verify who you are, so be patient. Ultimately you'll be free of this hacker.
Click to expand...

Well it has gotten much deeper than that, I think when I purchased the phone it may have been corrupted to begin with because it has gotten as deep as my SIM card and the google play store. I noticed a week ago the mac address on my phone is from the Netherlands and this is also the location of my hacker. I personally can't Imagine someone going to such lengths considering no money has been taken except for some little google charges and one or two movies, unless there is a running credit that I am unaware of at the time. I guess I will go the distance and continue on gathering information each time this person messes up. When someone is unstable and doing things like that you always have the upper hand because of their mind set. They can't help but to show themselves in one way or another because what is the point of doing all that stuff if they can't get any credit for it. The narcissist in them is their downfall. I am a patient woman and all I have is time sense he has left me with nothing to keep me busy. Thank u for all your help and I hope you have a great weekend.
 
You must log in or register to reply here.
Back
Top Bottom