FORUMS
Remove All Ads from XDA

Secure compromised device

1 posts
Thanks Meter: 0
 
By Goingby, Junior Member on 11th September 2019, 05:47 PM
Post Reply Email Thread
Hi everyone! This is my first post, but I have used the search tool already without success. I am just a user, not developer and quite noob regarding mobiles and security.

Situation
1. I've got hacked, total control (photos, emails, camera, contacts, whatsapp, screen etc) of my unrooted android phone (xiaomi redmi note 7).

It was a targetted attack, no manual app installed, no unsafe 3rd party apps allowed. Attackers only had my gmail account (linked to android) and telephone number. I know them personally, and they leaked personal information to people at work (who enjoy it between them but won't help me at all).

No high consumption of battery/data. Just leeching information, launching some apps eventually, and few interactions with the screen minimizing etc.

2. I Installed antimalware (e.g malwarebytes), antivirus (avg, esset etc). No positive results. I also installed "Noroot firewall" to control programs accessing internet, nothing strange.

3. I've changed emails(new), SIM + Telephone. Got hacked again. I suspect my own wifi was compromised.

Additionally, added 2 step verification to emails, changed passwords, encrypted the device etc. I have found no IP from them in the emails log, nor alert from gmail. Only once a session from Linux device (not mine). I believe they have accessed through the device.

4. I want to restore the device somehow and avoid getting hacked again.

One of the problems I face is taht that now I'm not in the same circle of people from which I gathered most of the info on the leaked information, so I can't get to know if the actions I am taking got rid of the hack, besides some punctual actions they may do (launch app etc). So I have to act quite paranoid and do the most secure action.

Question
1. Any idea on how they managed to do that? how can I prevent it or prove it? a reset would get rid of any proof, but I kinda prefer it if it is once and for all.

2. A hard reset only formats one partition (user data), so if there is a trojan located in /system it would be pointless. With an unrooted device I can only get rid of /cache and /data.

Should I install another ROM?(my phone has always been unrooted) which one? (restoring the stack ROM would probably be pointless if the vulnerability is due to android...

3. Is there any other measure I could take?

I'd appreciate any help.

Thank you!
 
 
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes