• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Phone hacked

ReturnOf66TALL

ReturnOf66TALL

Newbie
Hey man, someone hacked into my account through IP account, also, was on a different website, then was redirected to a (electronics quiz< no link clicked) This person control of my labtop, all 3 phones, accounts, EVERYTHING!!! So spoke to sprint, dude changed my account, as well as all others (gmail,aol,wells fargo,etc) Also had a way to see/hear my conversations, pin changes. So, long story short, he had remote access to my phones, even after 3 swipes, and a canceled hotspot. ALSO all started again after swipe, then I respond to unknown text about craigslist add, then person had control of phones again. So, heres where I am, phones been swiped again, all accounts and passwords changed. How can I prevent this from happening again? Sprint, fraud, police, etc can do nothing. I am about to root me phone now. Anything we I can do to protect myself from this happening again?
 
*Bump*

I've made this into a proper thread rather than a visitor message for you, so that hopefully you'll get some quick help.
 
We need a lot more details. What phone / OS do you have? What site(s) did you visit? How do you know it was an IP attack?

Android may have some security vulnerabilities, like all electronic devices, but I have never heard of this "IP hacking". It sounds pretty hard to believe, especially with virtually no details.

Please share more information so we can help you.
 
Post is difficult to read/decipher for me, but it's very early in the morning as well and the caffeine hasn't kicked in. The first thing I can think of to suggest is to use a strong password. I know that's ridiculously generic advice, but without details I can't offer much more.
 
They have both the Evo 4G and 3D.

There is a class of malware making the rounds that seems to get under the radar of the normal security checkers.

I think the IP account thing is just a point of confusion in how it was explained rather than a specific claim to focus on.

I guess, I'd start with suggesting Lookout and doing a scan of the phone. I'm wondering if this isn't something as simple as the malware auto-downloading courtesy of infected Market app that is auto-installing after the clean wipe.

And as those of us who remember the great Cisco router virus of ... what? ... 10 or 12 years ago? ... once you get one that is truly pernicious and clever, it can get really frustrating to fix.
 
i wonder if OP was using an unsecure Wifi connection... that (with linux and a decent modem) can give you pretty free access to everything connected to the signal. i also think that after 3 wipes and still a problem, this may be a cause.

if that is the case, go into router settings --> security and choose WPA encryption (wep is pretty easy to crack anymore) and as a previous post stated... use a strong password (at least 8 characters, letters and numbers, and at least one CAPITAL letter)
 
EarlyMon said:
They have both the Evo 4G and 3D.

There is a class of malware making the rounds that seems to get under the radar of the normal security checkers.

I think the IP account thing is just a point of confusion in how it was explained rather than a specific claim to focus on.

I guess, I'd start with suggesting Lookout and doing a scan of the phone. I'm wondering if this isn't something as simple as the malware auto-downloading courtesy of infected Market app that is auto-installing after the clean wipe.

And as those of us who remember the great Cisco router virus of ... what? ... 10 or 12 years ago? ... once you get one that is truly pernicious and clever, it can get really frustrating to fix.
Click to expand...
EarlyMon!! That is exactly what happens. Spring says wipe phones, (done 4X), change#, cancell hotspot,etc. stuff still happening to pnohe. HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
i had an ip adress w/ default pin# (dumb) but rarely used wiifi. But my neighbor (upsairst, also with im around 98% is the one hacking, has an open wifi i may have logged into before previously obtaining my own
 
Not sure what you mean you have an IP and a PIN? Do you have your own router/wireless WiFi access point?

If so, the three kinds of security you can have:
- none (open)
- WEP (weak)
- WPA/WPA2 PSK (strong/best)




Here's one thing to try: disable all WiFi on the phone -- Disable auto sync of apps from the market. (settings -> privacy). Then go somewhere like a coffee shop, or your university computer lab, or a library or something, do a factory reset.

Then log into your accounts over 3G (or the computer lab/library computer) and change all the passwords -- dont use WiFi for a few days and see what happens. Make sure WiFi stays comepletely off.
 
I don't think Wifi is the issue. Unless I'm mistaken, Google sends your account information over SSL anyway even if you're on an open network. There's no way that I know of to take remote control of a phone without installing some sort of malicious app on the phone. If that was the case, then a wipe of the phone would fix that.
 
dunno it's hard to say -- it could also be some of that DNS poisoning that was going on. All the parts of the story dont really add up it seems.

The reason I suspected WiFi too is that session hijacking can be done even when the communicating devices are using SSL.

If he wiped it 3 times though I would think that woulds remove the app.
 
I think the neighbor has to be the culprit as it is impossible to do what the OP said just from an IP address. You would need some major computer skills to do so over a wifi connection, which I don't think is even possible.
 
Saltine713 said:
I think the neighbor has to be the culprit as it is impossible to do what the OP said just from an IP address. You would need some major computer skills to do so over a wifi connection, which I don't think is even possible.
Click to expand...

Not only do I not think it's possible, but I think you'd need several different methods. I'm not sure if the redirection thing happened on his laptop or his phone. It's not clear. On a laptop, a simple virus infection would explain all of the behavior.

I have no clue about the pin changes though. That has me stumped. I don't know of any keyloggers at all that run on a phone and survive a complete wipe.
 
Saltine713 said:
I think the neighbor has to be the culprit as it is impossible to do what the OP said just from an IP address. You would need some major computer skills to do so over a wifi connection, which I don't think is even possible.
Click to expand...


That would explain a lot -- someone with physical access could do a lot of damage.
 
Without any real answers from the OP, it's anyones guess.

Public or private wifi? If private, is the router locked down as well as the wifi being encrypted? It's not hard to steal sessions on a public wifi, SSL or not.

What do you have installed on the device?

Did you buy the phone second hand? It's not hard to hide an app under the guise of Admin privileges

Are you sure you didn't just get phished, and it just so happens all of your account passwords are the same? This is what I'm betting my money on.
 
Guys I'm a neewb and apologize for not includind possible importantces. All started when posting a couple phones on Craigslist. I only read/responded to one phone#, which was legit. I'm new to sprint, about 30,days or so. I purchased a hotspot (through Sprint) yet later found out the IT guy not only put EVO3D inrouter name, and de fault password (1,2,3,4,5,6,7,8,9,0) So, guess it may b my Faust as well for not just using the default pin. Again, extreme newbie and did not know. So, never clicked a link, BUT, was on a DIFFERENT Android site. Then re-directed to an electronics quiz. I did participate for about 4 ?'s. But again, never clicked a link. So, next thing we know, we can hear people in the background of our phone while calling. He'd lock screen and mute, or and blkout screen when on phone w, sprint. It gave him possible to hear what i heard, and c what i c, so had issurs w/ new passwords. I would call Sprint, they tell me everything from wiping phone clean x3, I cancelled hotspot, and change our #'s. I could be on the phone w/ it guy from sprint, and he'd ask what's running/ downloaded, and memory attached. So, w/ out SD card in, he had so much memory in some categories, the IT guy could not figure out how much storage W/Out SD card inserted. He had a remote desktop app,(tried to force close or erase data, but all options were grey so i coukd nout change. Numerous other apps were unchangeable as we. Jersey printer,backup contacts, reset notify, connect to pc, and tons like pecasa I never use. As soon as I'd turn on phone, you could c downloads coming in. Another thing, after taking to spring to wipe, seems like alll the things downloaded to my w
Phone, would start to dissapear in those menus, and memory back to normal. BUT, start all over again once complex was entered. SO, now I have all accounts changed, and did so from miles away LOL. I still have questionable things happen to my phone, but not quite as often. All I know, is that its this IT guys that leaves his I/P adress open, so who knows how many he's done this to... One last thing, even though he took my wells fargo account info (took money), He went through my browser, and changed all passwords, so that I may not talk to u guys about issue...
 
I don't mhang out w/the guy, I live right below him,I hear him drilling something in all rooms on out place. Not through the wall to where we can see what he's doin. It for at he
 
I don't hang out with him ever. never leaves the house. He mived in around 2 month ago and at night, when the ac would kick on, is rear him drilling all over the house (all wall corners,etc) that may huat be a coinky dink...
 
So, the next AM, I was yelling through ac vent about if it was not fixed, I'd call police. Immediately, phones back to normal, pc was repairing via remote. Then he leave (rare I know.) Then about 15min later, I lost my AOL,gmail,wells Fargo, and Droid forums again. My girlfriend is the muanager, I can't walk up to him,and handle it. I've called sprint each tume nothing. ANY HELP PLZ
 
You must log in or register to reply here.
Back
Top Bottom