
Malicious Software Removal Help


Kjharahuc

Member
Nov 2, 2019
17
0
So, I need a little help. I have an identified attacker on my phone who has injected spyware which is actively listening to all conversations, reading messages in real time, has access to all apps and full access to the phone. Essentially it's an illegal wiretap that's able to view and listen to what I am doing. My question is this: can I clone my phone with all the data onto a thumb drive? The reason is I have to turn over the phone to the local police for forensic examination and I'd rather just give a copy than my personal phone. 2. Is there a way to isolate the program to stop the massive leak without totally wiping my phone? Thanks for your help. I know this is an odd question and a little off the norm; any help is deeply appreciated.
 

blackhawk

Senior Member
Jun 23, 2020
6,468
2,121
Nuke it now.
Change Google and all account passwords after reloaded.
In the future be careful what you install and download or you'll be doing this again!
 

Kjharahuc

Member
Nov 2, 2019
17
0
Can't, I have to give the information to the police here. Long story, but the person who did the attack is involved in criminal activities I'm witness to and my phone's going to be evidence. So I need all of the data on my phone to be transferred either to another device or to a thumb drive; after that I can nuke the phone.
 

blackhawk

Senior Member
Jun 23, 2020
6,468
2,121
Well, take it offline and back up the data. It should already be backed up though.
That data may have been tainted too.
Your biggest issue is you don't know how or by what it was infected.
Keep the phone completely disconnected from the carrier/internet until it's reloaded.
At this point it is a 100% liability.
 

Kjharahuc

Member
Nov 2, 2019
17
0
Absolutely 100% agree. I cannot use the TWRP backup since the phone has another user on it. I get an error due to the inability to decrypt the data. So I'm hoping imaging the phone over to an SSD that I can then turn in to the police will be effective enough. I was able to identify several folders that are not mine or have anything to do with the apps on my phone, so they should be able to do the same. Too bad there isn't a way to tunnel back through and gain access on the other side of the leak.
 

blackhawk

Senior Member
Jun 23, 2020
6,468
2,121
The only things I'd be concerned with would be securing the data, accounts and getting it operational.
I'd be done with it in under a day.
 

blackhawk

Senior Member
Jun 23, 2020
6,468
2,121
Don't transfer to another Android platform...
Verify the data is readable and all there.
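
One way to carry out the "verify the data is readable and all there" step on a file-level copy, as an added example that is not part of the thread: hash every file in the original backup folder, then check the copy against that list. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks; reading every byte also proves it is readable."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def list_files(root):
    # Relative paths of all files under root, sorted for stable reports.
    return sorted(os.path.relpath(os.path.join(d, n), root)
                  for d, _, names in os.walk(root) for n in names)

def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {rel: sha256_file(os.path.join(root, rel)) for rel in list_files(root)}

def verify_copy(manifest, copy_root):
    """Compare a copy against the manifest taken from the original."""
    report = {"missing": [], "unreadable": [], "changed": []}
    for rel, digest in sorted(manifest.items()):
        full = os.path.join(copy_root, rel)
        try:
            if not os.path.isfile(full):
                report["missing"].append(rel)
            elif sha256_file(full) != digest:
                report["changed"].append(rel)
        except OSError:
            report["unreadable"].append(rel)
    report["extra"] = [r for r in list_files(copy_root) if r not in manifest]
    return report

def demo():
    """Constructed sample: a tiny 'original' folder and a damaged 'copy'."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        def put(root, rel, data):
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        for rel, data in (("a.jpg", b"photo"), ("sms.xml", b"<sms/>"), ("notes.txt", b"n")):
            put(src, rel, data)
        manifest = build_manifest(src)   # taken from the original
        put(dst, "a.jpg", b"photo")      # copied intact
        put(dst, "sms.xml", b"<sms")     # truncated during copy
        put(dst, "stray.bin", b"x")      # not in the original
        return verify_copy(manifest, dst)
if __name__ == "__main__":
    print(demo())
```

Saving the manifest alongside the copy lets whoever receives the drive repeat the same check later.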