
google/samsungcloud/findmydevice exploited and infected



Yesterday, out of blind luck, I clicked a link on WhatsApp that redirected me to a phishing website. I installed Malwarebytes and ran a deep scan; it came up clean, but Maps kept showing again and again as an installed app on the scan screen. I freaked and disabled every permission, Google and Google-related Find My Device functions, did a factory reset, immediately downloaded Malwarebytes and scanned again; now it was Instagram that was installing again, and some other app I forgot. I completely wiped the ROM and reflashed the stock factory ROM from an isolated laptop; same thing again.

This is the URL analysis of the phishing page. I immediately exited without pressing anything, but it seems this sandbox only runs desktop stuff, so it's not that accurate with what it supposedly tried to do to my device (the page I saw was a mobile page, but this one below only sees an error page).

https://www.joesandbox.com/analysis/799705/0/html

 


5 hours ago, Porthos said:

It's best to open a support ticket so one of the mobile device support agents can assist you with this.

Please note it may take a few days before a reply though, due to high ticket volumes. Please only open one ticket.

Consumer Support
https://support.malwarebytes.com/hc/en-us/requests/new

Thanks

OK, meanwhile, is it normal for Galaxy Apps to have used 1.4 GB of data exactly when I slept? Also, from the moment I slept there is a spike in battery use and I'm freaking out. Please at least give me an opinion, brother.


11 minutes ago, helpmepleaseman said:

meanwhile, is it normal for Galaxy Apps to have used 1.4 GB of data exactly when I slept?

This might help. I do not have one of those phones. https://forums.androidcentral.com/threads/what-is-the-samsung-galaxy-app-and-why-is-it-sucking-huge-amounts-of-my-data.480915/

Edited by Porthos

15 minutes ago, Porthos said:

Thank you very much for the guidance. What spooks me is that I had stripped it of all permissions as in that guide; however, I didn't uninstall updates, so I will do that.

The second spook is that the data usage is the exact size of my WhatsApp backup that I downloaded 10 hours prior.

The third and weirdest spook is that for the first 2 hours after I put my phone down and slept, Spotify was the top battery usage (from no usage in the 3-4 hours before this).

I had not used Spotify since morning and I constantly close apps when I don't use them. When I woke up and saw this usage I immediately opened the app and there was some text in the search bar (it was not searched, it was simply sitting in the bar).

Could malware that can use the Find My Mobile backdoor possibly allow the hacker to run absolute code that even allows them to mask their data use and log it as other apps?

Could an exploit like this survive a complete ROM wipe and then a new ROM flash?

I had turned off 'Find My Mobile', but theoretically the permissions that function has are capable of these?

Should I root my device and wipe any system file and data of "Find My Mobile" I can find?

Also, there are some interesting results on Google when I search for this particular user ID that I spotted while checking the data usage immediately after both factory resets and ROM flashing:

android.uid.samsungcloud:5009

I had not logged into either a Samsung account or a Google account when spotting this. Having checked a couple of other Galaxy A phones (A50 and A30) of my friends, I did not spot this.

Sorry for the bother, mate, but I've been a victim of a silent, uncommon virus before and it had nearly ruined my life. I have had some serious mental complications since then, but in the last 4 years this is the first time I actually suspect something is up.

