jackslimgr
Lurker
Unfortunately my samsung has been hacked. A long with my google account. And its been rooted even though i never did that. Please help
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
S8 Hacked
- Thread starter jackslimgr
- Start date
You should not be able to remotely root an S8. Did you buy it new from a reputable source?
The account is the big problem. You need to secure that, and obviously not using a compromised phone to do so. I'd use a computer that you know is clean to secure the account: charge password, enable two-factor authentication (do not use the phone for authentication either - you can change this later) and remove access from any devices you don't recognise. Do this for Google and Samsung accounts (if Samsung account has such features - I've never created one even for my Samsung tablet).
As for the phone, disconnect from data and WiFi. Back up anything important (contacts, photos), remove the Google account from the phone, factory reset it and then reflash the firmware (which you need a computer for, with software called Smart Switch or Odin - I'm not a Samsung expert so can't talk through this). You can find the official firmware at Sammobile.com - you'll need the full model number, not just "S8". A firmware flash will overwrite the system partition and thereby remove anything that's installed there (important if it's rooted as a factory reset won't do anything to the system). Removing the Google account first is to stop you being locked out by factory reset protection.
If the phone has been hacked I'd be wary of reinstalling apps from a backup.
Of course this all assumes you have been hacked - I say this because we do see people who assume that anything they don't expect must be either a hack or malware, when it often is not. So if you'd like to check do tell us why you believe you have been hacked?
The account is the big problem. You need to secure that, and obviously not using a compromised phone to do so. I'd use a computer that you know is clean to secure the account: charge password, enable two-factor authentication (do not use the phone for authentication either - you can change this later) and remove access from any devices you don't recognise. Do this for Google and Samsung accounts (if Samsung account has such features - I've never created one even for my Samsung tablet).
As for the phone, disconnect from data and WiFi. Back up anything important (contacts, photos), remove the Google account from the phone, factory reset it and then reflash the firmware (which you need a computer for, with software called Smart Switch or Odin - I'm not a Samsung expert so can't talk through this). You can find the official firmware at Sammobile.com - you'll need the full model number, not just "S8". A firmware flash will overwrite the system partition and thereby remove anything that's installed there (important if it's rooted as a factory reset won't do anything to the system). Removing the Google account first is to stop you being locked out by factory reset protection.
If the phone has been hacked I'd be wary of reinstalling apps from a backup.
Of course this all assumes you have been hacked - I say this because we do see people who assume that anything they don't expect must be either a hack or malware, when it often is not. So if you'd like to check do tell us why you believe you have been hacked?
jackslimgr
Lurker
Hello thanks for getting back to me. For the wifi i found that there was numorous off admin accounts setting in that. Anytime i factory reset my modem it would automatically confg back to the setting that the weblink set. As for my cell phone i found that a alcatel phone had rooted my cell phone somehow. With that also i found a lot of codes being entered from github that i was unaware of
jackslimgr
Lurker
So to remedy this i downloaded malware which helped for a small time until they got through that. Then i downloaded exstentions to stop them which also worked for a short time then stopped working. When i downloaded this certain exstention it told me how many cache that were trying to get through it was about 6 to 700 or so. Also it had anti track and showed me how many tracking codes were trying to get through it was quite a lot
TBH I have doubts that another phone rooted your phone. Rooting does not work that way. Especially on a Samsung device that had Knox.
How do you know this for sure?
How do you know this for sure?
Last edited:
jackslimgr
Lurker
Because thats what the software said and what my security provider had to say. Well at least thats where the root codes are coming from that dont allow me to use my settings system function
What exactly is this "software" and who is this "security provider"? Need more details I think.
FWIW usually an S8 must be rooted manually and deliberately, and using a computer physically pluggrd into the phone.
FWIW usually an S8 must be rooted manually and deliberately, and using a computer physically pluggrd into the phone.
A router hack is unusual indeed unless you have a particularly weak router (I assume when you talk about resetting your "modem" you mean a router). Do you have other devices on your network which might be compromised? Actually are you sure your router isn't working normally? Remember that we only know what you write, so if you refer to things like "the weblink" with no explanation that means nothing to anyone else.
And yeah, I share the scepticism about "an alcatel phone rooting your phone". But I don't suppose that matters - you want to clear your entire system as well as secure your accounts. I'd just like to understand better what actually is compromised.
And yeah, I share the scepticism about "an alcatel phone rooting your phone". But I don't suppose that matters - you want to clear your entire system as well as secure your accounts. I'd just like to understand better what actually is compromised.
You just need a brand new Gmail account with a brand new strong password. Created on a pc, not a mobile device. Then take this phone to your carrier and explain your situation. They may give you a new sim card. It may take 48 hours for the new creditials to take effect
jackslimgr
Lurker
I understand where you are coming from. Im sure it shows someone is using peplink and pepwave and ruckus wireless to log into my router. It is auto confg to them so that when i reset my router and gain access to the admin page the minute i try to do something it will automatically set back to what that admin configured it to. With my phone and accounts i know that my gmail has been compromised and my outlook email account. My gmail is attached to my phone which i think is how they gained access to my phone system. I know that they have used hacking codes from an online forum called github which has a how to configure everything. Also the same with my outlook email account instead though they have used azure to control my outlook account with the codes from github online forum i can get some photos to show you. When i try and delete my account for azure which is attached to my outlook email it wont allow me and i need certain codes to gain access to delete it.
jackslimgr
Lurker
In the first one for my outlook email login it is this online forum that isnt allowing me to delete anything. And in the second one those are the admins who are not supposed to be there. They are not my network provider either.
Attachments
Change your router to something that's not so easily pwned and hacked?
jackslimgr
Lurker
I have none of them are me
Huh?