• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Note 8 Hacked

Dnice23

Lurker
my note 8 was hacked and I'm sending it to samsung to get fixed. It seems the phones firmware or software is damaged. Also my sd card and it won't let me send or receive mms messages like before. Will they be able to fix the phone so Im able to access all features. How do I know if its the firmware or software or both? Im assuming this is what it is since Im getting error messages at the recovery screen saying;

#fail to open recovery_cause(No such file or directory)#

#Reboot Recovery Cause is [UNKNOWN]#
Support SINGLE-SKU
File-Based OTA
Supported API: 3
E:unknown volume for path [/odm]
E:unknown volume for path [/vendor]
E:unknown volume for path [/odm]
E:unknown volume for path [/vendor]
# MANUAL MODE v1.0.0#
remove failed dir ‘/system/carrier/ATT/priv-app/AttIqi_ATT’ (No such file or directory)

No unknown apps on the phone but tons of files that I looked up on google that lead to hacking activities websites. Will I need to sell it and get a new one or something. i hope it can be salvaged. thanks in advance.
 
I would usually caution that people tend to be far too quick to jump to the conclusions "virus" (sic) or "hacked" when something not understood happens, but without knowing what odd files you see I can't say one way or another. Given that you'd need root access to damage the recovery I'd still be wary of jumping to that conclusion though: a "hack" capable of remotely rooting a fairly recent Samsung phone (especially the more locked-down US models) isn't something I've heard of before. Or have you allowed someone else to have unsupervised physical access to the device?

The reason I put that preface there is that another possibility would be a hardware error, e.g. failure of part of the system storage. A bad system update could also do it, but I would think it would have been a while since a Note 8 got a system update.

If the problem is software then they'll certainly be able to fix it (or firmware: people tend to be sloppy about the distinction, and indeed even different engineers use the term "firmware" to mean different things depending on their experience). You might even be able to do it yourself if you can get the device into the right mode to reflash it (i.e. completely reload the system software, overwriting the current stuff). If it's a hardware failure, probably not.

One thing to consider: if it was hacked, how do you stop it happening again? The most common way for someone to gain remote access to the device is through a compromisd Google account, so have you checked that that account is secure? Though as noted I'm a little wary of the idea that a remote hack could compromise system software, so I'd definitely be careful about giving people unsupervised access to it.
 
I would usually caution that people tend to be far too quick to jump to the conclusions "virus" (sic) or "hacked" when something not understood happens, but without knowing what odd files you see I can't say one way or another. Given that you'd need root access to damage the recovery I'd still be wary of jumping to that conclusion though: a "hack" capable of remotely rooting a fairly recent Samsung phone (especially the more locked-down US models) isn't something I've heard of before. Or have you allowed someone else to have unsupervised physical access to the device?

The reason I put that preface there is that another possibility would be a hardware error, e.g. failure of part of the system storage. A bad system update could also do it, but I would think it would have been a while since a Note 8 got a system update.

If the problem is software then they'll certainly be able to fix it (or firmware: people tend to be sloppy about the distinction, and indeed even different engineers use the term "firmware" to mean different things depending on their experience). You might even be able to do it yourself if you can get the device into the right mode to reflash it (i.e. completely reload the system software, overwriting the current stuff). If it's a hardware failure, probably not.

One thing to consider: if it was hacked, how do you stop it happening again? The most common way for someone to gain remote access to the device is through a compromisd Google account, so have you checked that that account is secure? Though as noted I'm a little wary of the idea that a remote hack could compromise system software, so I'd definitely be careful about giving people unsupervised access to it.

Never gave anyone physical access to it but when i first moved in to my new place where another person lives already he warned me that people might park across the street to hack the wifi and hack me. I feel like that was his way of saying he's going to hack me sooner or later but I can't say for sure. I kind of feel like maybe he had access to my room since he's been friends with the landlord for many years. This guys is on social security and stays home all day everyday with nothing else to do so why wouldn't he hack me? If he had access to my room he could've easily got the box to this phone which I just got in August and got the imei number and used it to hack me. he also has my phone number so maybe that could've been his way. A lot go the files I see on my phone are also on my tablet and computer. Ive looked the file types up and they lead me to hacking websites like github and androspy etc.

I tried doing all that flashing myself but I couldn't get odin to work on my mac and after trying a couple times I gave up and just sent my phone to samsung. Hope i don't have sell the phone. its still new and in immaculate condition hardware wise. So I think. Maybe there issues inside that I can't see.
 
A couple of corrections:

1) you can't hack a phone with the IMEI. That's an urban myth. The reason you don't post your IMEI publicly is because people may clone it to get a blacklisted handset working again, and if that is detected (e.g. two phones with the same IMEI show up on the same network) then your IMEI (and hence your phone) will be blacklisted too. That's something you don't want, but it doesn't mean that your phone is hacked.

2) Github isn't a hacking site. There may be people who place hacking tools there, but many legitimate apps and parts of the android operating system (such as the Linux kernel source) are hosted there. So it would be amazing if an android device didn't have references to github in some of the files on it.

Androspy is a different matter. That is a tool that can be used to create malicious apks. But an apk still has to be installed by the user, which leads us back to physical access or trickery (download from a site you shouldn't have trusted, for example).
 
Back
Top Bottom