Jump to content

Recommended Posts

Hi there,

i possibly got hacked. I used malwarebytes on my android smartphone.

Over telegram i wanted to got support by a problem and i suddenly got a new chat open. So far everything was ok.

I didn't install any apk or anything else but i stupid opened a link which looked safe for me to a chat. I didn't download anything, and everything happend in the firefox browser.

The point is i am very interessted in stuff like hacking and xploits and because of that i know that it is possible, e.g. to infect an apk which will then open a door to my device. So i am normally very carefull.

 

Malwarebytes did't found any malware. But i also know there is the possibility that this kind of infections are not detected by the antivirus antimaleware-programms.

I reset no script, i uninstalled with SD Maid Firefox and i installed firefox again.

 

I also used wicap (wireshark) to capture the traffic and i found the IP 100.65.5.20/29 where whois found nothing over the internet. Perhaps you can tell me if this ip is ok and i am paranoid?

Also i found d38dmyc704gday.cl**dfront.n*t.

 

After this evening i also get a Bitcoin scam, that my device... bulls**t the Email is coming from russia from this ip 45.156.26.160

 

So my main question is could there any, keylogger / backdoor virus still be on my smartphone? Is this possible to install it over java api?

I hope really you can help me with the cloudfront link and with the ip 100.65.5.20

 

Regards affasa

 

Link to post
Share on other sites
  • Staff

Hi @affasa,

What you are most likely experiencing is browser related ads.  You did the right thing by not downloading anything, and should be malware free.  If you encounter these kinds of pop-ups/web redirects again, try clearing your history and cache within the browser.  In addition, clearing the storage & cache within the browser itself may help:

  1. Go to Settings > App Info
  2. Go to your browser app (such as Chrome) and click
  3. Go to Storage & cache
    1. Click Clear Storage
    2. Click Clear cache

As far as the internet traffic, your phone is constantly creating noisy internet traffic.  They don't add up to much data, but turning on a internet traffic sniffer can look overwhelming.

If you're still worried about a malware app being installed, I'd be happy to check it out for you.  Just send an Apps Report.

To send an Apps Report with Malwarebytes for Android use the following instructions.

1. Open the Malwarebytes for Android app.

2. Tap the Menu icon.

3. Tap Your apps.

4. Tap three lines icon in upper right corner.

5. Tap Send to support

Choose an email app to send Apps Report.

Your email app will open with the Apps Report included.

At this point, it would be very helpful to mention you are submitting via recommendation from the Malwareybtes forum.  This allows our support staff to know where to direct it.

By sending the Apps Report, you will create a ticket in our support system.

Private Message (PM) me the email used and/or the ticket number assigned.

Nathan

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.