I've been hacked, can you help me to see where was the problem?

kersh
(Last edited by kersh; 8th February 2014 at 02:23 AM.)
#1  

Hello

Information:

Just 2 hours ago I was hacked, and I think it was on my phone. I was making a PayPal payment to a friend using the PayPal app when suddenly, seconds after sending the payment, I received an email from PayPal with that transaction and another one of 2.500€ that I obviously never made.

The payment was never made because I don't have that much in funds, but they tried 5 times with different amounts and all of my cards. Well, after seeing this I changed my password and all of that ****, and right now I want to know, before I do a clean ROM install, whether I could investigate where the hack came from.

I am using a Galaxy Note 3; it is rooted, but only a limited number of apps have root access, and I also use XPrivacy.

The apps with root access and the Xposed modules are these:



and my rooted apps



Hacker paypal data

The data of the money receptor is:

Sent to: Enrique Gallardo Boto (The recipient of this payment is Non-US – Verified)
Email: BotoGallardo@hotmail.com

What I want

I want to investigate this a little bit more, if possible. I was thinking of restoring a Titanium backup of all my apps from yesterday, opening logcat or any app that can help me find out where the leak came from and which app was the malware, and trying to make another legitimate transaction to see if anything happens from my phone.

The problem is that I don't really know how I should proceed, and I want to solve this for myself and for other people.

Any idea?
 
XP_1
#2  
Is the network you used secure, out of curiosity? What kind of apps do you have as far as security goes? Just curious.
 
wtoj34
#3  
You could try taking a look at some of the applications' Play Store reviews as well as the modules' forum threads to see if anything has been reported. I'm always very cautious with root permissions; it's hard to always know what an app will use them for. Personally I stick to my PC for transactions and stay as far away from Google Wallet as I can.

 
Veeshush
#4  
There's a VirusTotal app you could try; maybe one of your apps is malicious. But if you know how to, I'd also just copy all the apps to your PC and then upload them to VirusTotal that way; it'd be a lot easier.

There's also some PC malware out there that can even infect your phone. I'd run a decent antivirus on both your phone and your PC as well. (I like Kaspersky, Malwarebytes and ESET personally.)

The other thing too is maybe your passwords are just really weak. I'd recommend a password generator like KeePass.
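
The copy-to-PC step suggested in post #4, as an added example that is not part of the original thread: it parses the output of `adb shell pm list packages -f -3`, builds the matching `adb pull` commands, and computes SHA-256 hashes of the pulled APKs so they can be searched on VirusTotal. The sample output is constructed, and the function names and the `apks` directory are assumptions.

```python
import hashlib
from pathlib import Path

# Constructed sample of `adb shell pm list packages -f -3` output
# (-3 = third-party apps only, -f = include the APK path). Not from the thread.
SAMPLE_PM_OUTPUT = """\
package:/data/app/com.example.wallet-1.apk=com.example.wallet
package:/data/app/~~Qx1kZ3==/com.example.notes-9aB2==/base.apk=com.example.notes

WARNING: linker: some unrelated line
"""


def parse_pm_list(text):
    """Return (package, apk_path) pairs from `pm list packages -f` output."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:") or "=" not in line:
            continue  # skip blank lines and shell noise
        # Newer Android puts '=' inside the install path, so split on the LAST '='.
        apk_path, package = line[len("package:"):].rsplit("=", 1)
        if apk_path and package:
            entries.append((package, apk_path))
    return entries


def pull_commands(entries, dest_dir="apks"):
    """Build one `adb pull` argv per app, saving each APK as <package>.apk."""
    dest = Path(dest_dir)
    return [["adb", "pull", apk, str(dest / f"{pkg}.apk")] for pkg, apk in entries]


def sha256_file(path, chunk_size=1 << 20):
    """Hash a pulled APK in chunks; the hex digest can be searched on VirusTotal."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def hash_pulled_apks(dest_dir="apks"):
    """Map each pulled APK file name to its SHA-256."""
    return {p.name: sha256_file(p) for p in sorted(Path(dest_dir).glob("*.apk"))}


if __name__ == "__main__":
    for argv in pull_commands(parse_pm_list(SAMPLE_PM_OUTPUT)):
        print(" ".join(argv))
```

Searching by hash first shows whether a file is already known without uploading it.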
 
simonbigwave
#5  
FYI only.
Just saw this: https://blog.lookout.com/blog/2014/03/06/dendroid/ Dendroid malware can take over your cam and audio and sneak into your Google Play. Features:

Ability to intercept and block SMS received by the target device
Download Pictures from the target device
Spy on the user by taking pictures or making audio and video recordings
Download the user's web browser history and any saved bookmarks
Download any other accounts (email, social media, VPN) stored on the device
Send texts as the device owner
Record any ongoing calls
Open a dialogue box to ask for passwords or send messages to the victim
 