Spyware on my phone

[snapper.fishes]

all they need is access to their google account to install anything from the market remotely.

All it takes it's to forget to log out.

The "....successfully installed" notification that appears after a remote Market install should also be a giveaway that something has happened. Afaik that is unavoidable with Market apps.

That. Any normal person will find it suspicious to suddenly see a notification like this. There's no way to circumvent that notification message.

 

[Gmash]

I agree this is a troll, but if there was an app like that, doubt that it would come from the "official" Market.

 

[ari-free]

hmm at first I thought this thread would be about Pandora...

 

[rubiconjp]

Apple fanboi trolling... nothing more!

 

[A.Nonymous]

all they need is access to their google account to install anything from the market remotely.

All it takes it's to forget to log out.

That is a perfectly legitimate concern. I'd still like to see exactly what apps this stalker is using on this person's phone to follow them around.

 

[iphoneuser1]

Apple fanboi trolling... nothing more!

Ha! I think you want to believe that, but it isn't true - I was the one who recommended my girlfriend get an android. I didn't realize that the phone is pretty much "unlocked" - and she is not technically competent to have a phone like that, whereas I would be in the phone's root finding this crap malware. Unfortunately she is living 800 miles from me right now and it isn't easy to do this over the phone.

Anyway, my point is that there are many technically incompetent people and the android should have some sort of lock-down mode for the technically incapable - and a second mode for those who can handle an open phone.

As for the iPhone, I was an early adopter and have most of my music in iTunes so it isn't easy to have something different. Also, I have seen the iPhone's hidden locations file and that is also disturbing and has made my opinion of Apple drop considerably - this whole insane tracking stuff is pretty sick.

Again, until you have experienced this nightmare for yourselves you can't appreciate how disturbing it is. I never understood it before, in fact I may have laughed too - you won't care about it until someone you care about is in danger because of it. And again, those who don't think it can't happen are really too technically dumb to comment.

Update: I still haven't found any anti-spyware app to send her that fill me with any confidence the spyware is gone. I will likely have the phone wiped by verizon. Possibly swapped as a precaution.

Finally, if you guys are so smart, why can't you give me an answer in this area? I could tell you how to fix this on the iPhone. So how about it? Who can tell me how to delete heavy duty malware/spyware? Again, it is probably "m0bistealth" (I spelled it with a zero for the o because I don't want to encourage them as they suck as human beings).

 

[iphoneuser1]

I agree this is a troll, but if there was an app like that, doubt that it would come from the "official" Market.

Of course it didn't come from the market - but that doesn't mean it can't be installed. Do some research before you call it a troll - go look up "m0bistealth" (change the zero to an o). These are sick individuals. If you had a stalker doing this to your sister or mother I can guarantee you'd be very pissed off.

 

[moondrius]

We should just make google lock our phones down like the iphone and all of our problems will go away.

 

[iphoneuser1]

I've made people aware of the danger and named 2 potential pieces of software that can do this.

Also, I have a legitimate concern. I am seeing some bad stuff first hand. Someone I care about can potentially be assaulted based on this tracking software. The police have been no help.

Knowing how to defeat these exploits could protect the people we care about. Ignoring it will not make the malware/spyware go away.

I put it to you. Do you know of any software that can defeat this kind of spyware? I would actually appreciate it. And that would be on topic.

Also I am not against the android at all - like I said - I suggested she buy it. I just think there needs to be a protected mode for less sophisticated user - or at least an awareness that these exploits are possible. Personally I chose my user name quickly - I could give a damn about iPhones - and if you read my earlier posts I'm angry at Apple's tracking file which just got reported this week! So I am no fan of the iPhone either.

 

[Casual Pete]

snip

You sound like your scaremongering,you sound like a troll your name suggests your a troll.

And I'm certainly not going to carry on a conversation with a troll.

 

[iphoneuser1]

We should just make google lock our phones down like the iphone and all of our problems will go away.

I only suggest a mode for the "nontechnical" who are unable to know enough to protect themselves. I in no way believe in any overall forced lock down mode. Actually it would be a good app that would put the phone in a safe mode - I have spent hours searching the web for such a thing and had no luck whatsoever.

I typically jailbreak my phones so I can load things I like. I personally think the Apple approach is too strict as I typically have to hack features onto their devices (which is irritating).

Also, my apologies if I have ranted here - but this whole issue has been extremely frustrating and a little disturbing. I am really only looking for some help from people who know this device.

 

[iphoneuser1]

You sound like your scaremongering,you sound like a troll your name suggests your a troll.

And I'm certainly not going to carry on a conversation with a troll.

I explained the name - it was a spur of the moment choice - I thought it would explain that I do not have a full technical understanding of the android.

Also, I didn't ask to have a conversation with you, did I? You have chosen to have one with me. I would actually like to hear from someone who knows how to defeat spyware (the topic of this thread). If you can help me and suggest something - I am listening. If not, why are you attacking my posts?

Also if you saw the harassing emails I and my girlfriend have received you would understand that it is ACTUALLY scary.

In fact here is a quote from just one email I've received:

Subject: shes allone in that house
Date: April 11, 2011 11:03:42 PM EDT
To: XXXXXXXXXXXXXXX

& u cant due any thing abowt it.​

​

Don't you think that would worry you? And that is not the worst one. The others are filled with cursing and other perverse crap. And I have been to the police - until he assaults her they say they can't do anything.

 

[A.Nonymous]

If you want to fix it so much just factory reset the phone. It's not a hard solution. I really, really, really doubt she has any sort of spyware on her phone that was installed without her knowledge.

You do realize that you can stalk someone who doesn't have a smart phone right?

 

[iphoneuser1]

If you want to fix it so much just factory reset the phone. It's not a hard solution. I really, really, really doubt she has any sort of spyware on her phone that was installed without her knowledge.

You do realize that you can stalk someone who doesn't have a smart phone right?

Thank you! You have to understand she is clueless, she is not technically adept at all. I have tried to avoid the wipe so she doesn't lose all her info. She literally has to go to the verizon store to have them enter her mail passwords. I am 800 miles away or I would do it myself.

And yes, I know you can stalk someone no matter what, hence my contacting the police. But I will tell you, the police have been of so little help it is shocking - I guess there is no revenue in this - maybe if the stalker had unpaid parking tickets they would be of more help.

Before this happened I would never have believed there are people out there that are this crazy! I really can't tell you how disturbing this is. Just hope you never experience such a thing.

Also I have had her put put AVG and NetQin (that was hard enough to have her do) - I am hoping they are short circuiting things, but I can't be sure. That's why I'm trying to find something that is aware of the exploit and can lock it out or delete it in the future.

 

[A.Nonymous]

If you cared so much you'd have her reset the phone. It takes all of 5-10 minutes and it fixes the problem with 100% certainty.

It's still extremely unlikely the guy is using her phone to stalk her.

 

[iphoneuser1]

If you cared so much you'd have her reset the phone. It takes all of 5-10 minutes and it fixes the problem with 100% certainty.

It's still extremely unlikely the guy is using her phone to stalk her.

I think the reset may be the only answer at this point. I was hoping there might be a magic bullet. From what I've read you have to do it completely clean reset and not resync from the cloud or any backup - which mean you lose everything. Seriously though, do a search on mobiStealth or flexispy, or "cell phone spyware." It is just plain creepy what stuff is out there. I have been trying to hunt for manual for this stuff so I can figure out how to uninstall it, I am not sure but it is apparently a rootkit. Another search for google android and rootkit - read it and see what is possible.

I only began considering this because a PI I talked to suggested it. Then I found out her data usage was off the chart - she doesn't do much browsing or anything that would cause it. Plus some other weird indicators, slowness, phone not able to shut off, etc. The spyware apparently takes the data in the background and it uploads it to a remote site which the stalker can then access it.

Again, you have to experience such a thing directly to appreciate it. I was like you before - I would have had my doubts before, but not now.

 

[G~JOOSE]

To iphoneuser1

From what I gather you have an issue with the android and apple software because of a hole that can be compromise to allow spying on the user. Your girlfriend lives 800miles away and is being harassed by a thug who has mental issues. Well lets start with some basic trouble shooting. Go to the app management to access what is running in the background. I prefer using third party applications like android system information to really show what is there. If you see somethi g you are not familiar with, force stop it. The app what I mention earlier will also show you what apps starts when the system starts. Well if there be somethng you are not familiar with, force stop then uninstall.

Your girlfriend could also download an app like ''copy to sim card'' to back up her numbers and she can go on the android market, type in back up apps in the search bar and download the first thing she and see to back up her apps and then restore the phone system to factory setup.

Now if none of this works you have to start thinking how serious the situation is (and to start thinking if maybe you are just getting played). In the event that you want to take precautions, then discarding the phone is best. Get a cheap phone until you can buy her a blackberry or windows 7 phone since our beloved android and even the ''divine'' iphone has fail you. When done find out were did she got the phone because the person could of install some app that does do such a thing as you said.

Lastly dont think it farfetch that you could just be getting played as it is very unlikely that a woman would keep the means of her privacy being invaded with her at all times.

 

[iphoneuser1]

To iphoneuser1

From what I gather you have an issue with the android and apple software because of a hole that can be compromise to allow spying on the user. Your girlfriend lives 800miles away and is being harassed by a thug who has mental issues. Well lets start with some basic trouble shooting. Go to the app management to access what is running in the background. I prefer using third party applications like android system information to really show what is there. If you see somethi g you are not familiar with, force stop it. The app what I mention earlier will also show you what apps starts when the system starts. Well if there be somethng you are not familiar with, force stop then uninstall.

Your girlfriend could also download an app like ''copy to sim card'' to back up her numbers and she can go on the android market, type in back up apps in the search bar and download the first thing she and see to back up her apps and then restore the phone system to factory setup.

Now if none of this works you have to start thinking how serious the situation is (and to start thinking if maybe you are just getting played). In the event that you want to take precautions, then discarding the phone is best. Get a cheap phone until you can buy her a blackberry or windows 7 phone since our beloved android and even the ''divine'' iphone has fail you. When done find out were did she got the phone because the person could of install some app that does do such a thing as you said.

Lastly dont think it farfetch that you could just be getting played as it is very unlikely that a woman would keep the means of her privacy being invaded with her at all times.

Very much appreciated - good info!

I've checked into the possibilities and only spyware fits the situation properly - it would take 20 pages to explain the whole thing in detail (which I will spare you) needless to say, I've done my homework, it's spyware. Take for granted that I have looked into everything and it was Private Investigator's opinion (whom I hired) that it's spyware - he uses something similar himself he told me.

Needless to say any device that is more than "appliance" can have issues.

Also, I think I have found the software on my own that can defeat this type of spyware - one is 'Lookout' and the other is 'SMobile Security Shield' - both seem to have the signatures of these spyware apps. I'm posting this for the 700+ viewers of this thread, maybe it will help someone with a similar issue. Other than "A.Nonymous" and "G~JOOSE" no one was of any help whatsoever.

Ultimately that's all I was looking for, basically someone that said, "oh yeah, go get Lookout or SMobile, they delete spyware and malware" Or what the 2 guys above said which is, "you have to do a factory reset."

I didn't expect people to say that there is no such thing - when a simple google search reveals clearly that there is - and, for all devices. Sheesh! Is ignorance a badge of honor?

Again (3rd time?), let me state again that I am NOT an iPhone fan. Again - I am NOT a fan, I just use one. Did anyone actually read my posts? I told her to buy an android, I like android, I want her to KEEP her android - I almost bought one myself. Again - sheesh!!

 

[A.Nonymous]

I've checked into the possibilities and only spyware fits the situation properly

This is what makes no sense to me whatsoever. Assuming you are correct and it is spyware then the following has happend:

1. Someone has developed spyware for Android that is undetectable.
2. No one in the world knows about this and it has not be detected by Google or any other groups that specialize in detecting malicious apps and security exploits.
3. This spyware has somehow acquired root privileges on a user's phone with no interaction with the user. (This alone is virtually impossible unless you want to tell me that someone got physical access to her phone, rooted it, installed the malicious app and returned it to her without her knowledge.)
4. This spyware shows no indication to the end user at all that it is even installed.

None of those things are even remotely likely. In fact, all of them are extremely unlikely. The odds of all of them happening is virtually impossible. I suspect you are merely trying to advertise the two apps you keep mentioning over and over. One of them does not even run on Android according to it's own web site. The other one is extremely dubious IMO as the entire first page of google is just them spamming their own programs benefits. If you dig, you can find pages of user comments saying the program either doesn't work as described or doesn't work because they can't get physical access to the phone to install it.

 

[iphoneuser1]

This is what makes no sense to me whatsoever. Assuming you are correct and it is spyware then the following has happend:

1. Someone has developed spyware for Android that is undetectable.
2. No one in the world knows about this and it has not be detected by Google or any other groups that specialize in detecting malicious apps and security exploits.
3. This spyware has somehow acquired root privileges on a user's phone with no interaction with the user. (This alone is virtually impossible unless you want to tell me that someone got physical access to her phone, rooted it, installed the malicious app and returned it to her without her knowledge.)
4. This spyware shows no indication to the end user at all that it is even installed.

None of those things are even remotely likely. In fact, all of them are extremely unlikely. The odds of all of them happening is virtually impossible. I suspect you are merely trying to advertise the two apps you keep mentioning over and over. One of them does not even run on Android according to it's own web site. The other one is extremely dubious IMO as the entire first page of google is just them spamming their own programs benefits. If you dig, you can find pages of user comments saying the program either doesn't work as described or doesn't work because they can't get physical access to the phone to install it.

Good points. I'll go through it to the best of my knowledge.

1. I think it's detectable, but I am not very knowledgable of the intricacies of the Android. I am talking to my girlfriend on a landline as we go through the menus - not very efficient. Plus I am a novice on android and don't know what should be in the system or not.

2. Well the SMobile guys have info on it:

MobiStealth | Juniper Global Threat Center

MobiStealth
Affected Operating Systems: Android, BlackBerry
Aliases:
Discovery Date: 2010-01-13
Overview: MobiStealth is a spyware application for Android and BlackBerry platforms
Detailed Information: MobiStealth is a spyware application that currently runs on Android and BlackBerry devices. MobiStealth has the ability to completely hide itself from detection by the intended user. MobiStealth has the following capabilities:
Call Recording
Call History
Call Duration
On Demand Surround Recording
Location History
On Demand Location Information
Alternative Location Retrieval Method
Email Logging
Web History
Bookmarks
Picture Logging
Video Logging
Contact Details
Text Message / SMS Logging
Reverse Phone Lookup
SIM Change Notification (Only Applicable to GSM Phones)
Encrypted Communication
Phone Wipe
For Android, MobiStealth arrives as mobistealth.apk and installs on the device as EmailClient. MobiStealth hides itself from detection by the intended target in that no application icon is visible in the application drawer on the device. However, viewing the list of installed applications through Settings > Applications > Manage applications will reveal the existence of the EmailClient application. For BlackBerry, MobiStealth arrives as .zip file that contains the following files:

EmailClient.cod
EmailClient-1.cod
mmv2.jad
Once installed, MobiStealth exists on the device as EmailClient and does not offer an application icon as it is completely hidden from the user. MobiStealth can only be installed on a target device with physical access. Detection and Removal: Detected and removed with SMobile VirusGuard virus definitions from 2010-01-13

3. I am pretty sure he got ahold of her phone. He has already hacked her e-mail although I wouldn't call it hacking really as she is the type of clueless user who used her birthday and pet names for password. I've gotten her to stop that nonsense.

4. See the answer to 2 again, to wit "MobiStealth has the ability to completely hide itself from detection by the intended user."

Again, I do think that the stalker somehow got a hold of the phone. Some people don't have their phone duct taped to their bodies. I've left mine on countless occasions, I was never that paranoid before. Also I read those reviews as well, but you'll notice that even the negative one's say they got some data off the phone but they were upset that the results were inconsistent - partial voice, partial email, etc. But there are other packages out there as well and I haven't traced them all down. I am not sure if it is mobistealth or flexispy or one I haven't heard of. But that's why I came here in, I admit, an agitated state. I didn't realize that the other users (not you, as you've been helpful) would go into psycho gang attack mode on me for suggesting something was wrong with the android!

Note: Again - I LIKE the android!!!

I am only interesting in finding facts myself. And if this exploit is at all possible it is worth knowing about.

Final note: most people will never be the target of stalking, but for the small percent who are the target, it is worth having some info. And my hope is that these sick people who write this software will fail because people will have counter-measures installed to stop it. If this thread helps people to be cautious then that can't be a bad thing.

 

[G~JOOSE]

Lets just assume that this gentleman know what he is talking about and say it is a spyware exploitation software then there is a knave software designer that is going to create some havoc in the near future. Iphoneuser1, the people using this site are not naive so expect them to challenge other view points when they do not share the same experience as you did. It is highly unlikely as well as it is not impossible, the bottom line is that you must take action for the welfare of your girlfriend. If you find a solution then good for you, if you still uncertain then switch phones. As for people assuming that you is a apple fanboi, consider that you are on a android dedicated site(thus the name) and you have for your user name ''iphoneuser1'', your in the wrong hood if you want to wear that color shirt pal. Hope this solve all your inquiries.

 

[iphoneuser1]

Lets just assume that this gentleman know what he is talking about and say it is a spyware exploitation software then there is a knave software designer that is going to create some havoc in the near future. Iphoneuser1, the people using this site are not naive so expect them to challenge other view points when they do not share the same experience as you did. It is highly unlikely as well as it is not impossible, the bottom line is that you must take action for the welfare of your girlfriend. If you find a solution then good for you, if you still uncertain then switch phones. As for people assuming that you is a apple fanboi, consider that you are on a android dedicated site(thus the name) and you have for your user name ''iphoneuser1'', your in the wrong hood if you want to wear that color shirt pal. Hope this solve all your inquiries.

Ha! I know, I really wasn't thinking - I figured the name would show that I was a novice on android - and that I would get more help from the expert here!

Boy was I wrong about that!!!!! Wow!!!

 

[sonofaresiii]

Do you have Lookout or one of the antivirus apps? Aren't they supposed to stop, and/or remove this stuff?

.

 

[iphoneuser1]

Quote:
Originally Posted by bigbadwulff
Do you have Lookout or one of the antivirus apps? Aren't they supposed to stop, and/or remove this stuff?
.

No, not yet I put on AVG and NetQin, but i don't think they have the right definitions in them, I will try Lookout and then buy SMobile. I want to know if they catch something. Ultimately, if all else fails it will be a clean wipe and reset. I will post my findings either way.

 

[Slug]

I am pretty sure he got ahold of her phone.

Either that, or she inadvertantly installed it herself. According to the info you posted

MobiStealth can only be installed on a target device with physical access.

It also states that

viewing the list of installed applications through Settings > Applications > Manage applications will reveal the existence of the EmailClient application

so if that app is present it confirms your diagnosis.

If so, then as suggested forget about disinfection and simply nuke it from orbit i.e. factory reset the handset. Yes it's a PITA but better that than continue worrying about a loved one's safety.