Post Reply

I've been hacked, can you help me to see where was the problem?

8th February 2014, 01:49 AM   |  #1  
OP Senior Member
Thanks Meter: 103
 
895 posts
Join Date:Joined: Oct 2007
Hello

Information:

Just 2 hours ago I have been hacked and I think that was in my phone. I was making a paypal payment to a friend using the paypal app when sudently, seconds after sending the payment I received a mail of paypal with that transaction and another one of 2.500€ that obviously I never did.

The payment was never make because I don't have so many funds, but they tried 5 times with different quantities and all of my cards. Well, after seeing this I changed my password and all of that **** and right now I want to know before I make a clean rom install if I could investigate where the hack came from.

I am using a Galaxy note 3, it is rooted but limited apps have access to root and I also use xprivacy.

The apps with access to root and the xposed modules are this ones



and my rooted apps



Hacker paypal data

The data of the money receptor is:

Sent to: Enrique Gallardo Boto (The recipient of this payment is Non-US – Verified)
Email: BotoGallardo@hotmail.com

What I want

I want to investigate if is possible a little bit more of this. I was thinking on restoring a Titanium of all my apps to yesterday, open logcat or any app that can help me to know where the leak came and what app was the malware and try to make another legit transaction to see if happens anything from my phone.

The problem is that I don't really know how should I proceed and I want to solve this for me and more people.

Any idea?
Last edited by kersh; 8th February 2014 at 02:23 AM.
8th February 2014, 05:30 AM   |  #2  
Junior Member
Thanks Meter: 2
 
16 posts
Join Date:Joined: Sep 2010
Is the network you used secure out of curiosity? What kind of apps do you have as far as security just curious?
8th February 2014, 05:43 AM   |  #3  
wtoj34's Avatar
Senior Member
Flag San Antonio, TX
Thanks Meter: 150
 
613 posts
Join Date:Joined: Jan 2012
More
You could try taking a look at some of the applications' play store reviews as well as the modules' forum threads to see if anything had been reported. I'm always very cautious with root permissions, hard to always know what an app will use it for. Personally I stick to my PC for transactions and stay as far away from Google wallet as I can

Sent from my SCH-I605 using xda app-developers app
8th February 2014, 10:21 PM   |  #4  
Veeshush's Avatar
Member
Thanks Meter: 5
 
31 posts
Join Date:Joined: Feb 2014
More
There's a VirusTotal app you could try, maybe one of your apps is malicious. But if you'd know how to, I'd also just copy all the apps to your PC and then upload them to VirusTotal that way, it'd be a lot easier.

There's also some pc malware out that can infect your phone even. I'd run a decent anti virus on both your phone and your pc as well. (I like Kaspersky, Malwarebytes and ESET personally).

The other thing too is maybe your passwords are just really weak. I'd recommend a password generator like Keepass.
12th March 2014, 11:37 AM   |  #5  
simonbigwave's Avatar
Senior Member
Flag a secret point break
Thanks Meter: 186
 
585 posts
Join Date:Joined: Nov 2013
More
Fyi only
Jus saw this https://blog.lookout.com/blog/2014/03/06/dendroid/ dendroid malware can takeover ur cam and audio and sneak into your googe play.. features:

Ability to intercept and block SMS received by the target device
Download Pictures from the target device
Spy on the user by taking pictures or making audio and video recordings
Download the userís web browser history and any saved bookmarks
Download any other accounts (email, social media, VPN) stored on the device
Send texts as the device owner
Record any ongoing calls
Open a dialogue box to ask for passwords or send messages to the victim
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools
Display Modes


Top Threads in Questions and Answers by ThreadRank