security - Captivate Q&A, Help & Troubleshooting

What is a good security suit for android? i looked on market but they all seem to do diffrent things..thanks..

I like Lookout. In addition to scans for malware and spyware, it can also help you find your missing device.

You don't need a security app... I haven't known anything in the market to be malicious.
Sent from my SGH-I897 using xda premium

^ You haven't seen alot of the apps, specially the chinese ones. Regardless half the time you do get one is because you don't read. Still good idea to have something just in case.

what are your expectations of the app?
personally i run cerberus because i only expect to be able to locate a lost or stolen phone. I can set basic options with it, take pictures with it, geo locate with it... all even if wifi is turned off. It has the option to communicate via text messages with the cerberus servers.
http://cerberusapp.com/

Related

[Q] Is Antivirus necessary ?

Hi,
I searched but couldn't find in this forum the answer of my question.
So, is an antivirus software necessary for Android? i can see a many of them on the market.But i don't want to install something that only "appears" do a lot of things but actually does nothing.
i personally think antivirus is essential, you have it for your pc right ? why not for your phone ? especially since android is open source, its easy for someone to make a virus and pretend its an amazing app.. even so our phones have everything on them.. contacts. passwords, personal info. email messages, saved bank details. i highly recommend antivirus for your phone.
i use lookout mobile security, its free ( or 30day free trial for pro ) and it scans every new app installed, it updates regularly, and best of all, if you ever lose your phone or have it stolen. you can go on to mylookout.com and block the phone / wipe all data / even track it down thru gps (even if gps is disabled ) all via your pc. its well worth it..
Thanks for the reply !
Actually i was wondering if Android is linux based, it could not be affected by a virus.
What you are talking about is more of a malware/spyware related problem (like stealing passwords, CC numbers etc.).
But if a software can prevent that kind of stuff , its well worth it.
Just wanted to know does Lookout mobile security makes your SGS( I am Assuming) slow ?
You can try avg pretty fast.
Sent from my GT-I9000 using XDA App
Superuser_x said:
Thanks for the reply !
Actually i was wondering if Android is linux based, it could not be affected by a virus.
Click to expand...
Click to collapse
Sure it can be, the scale of viruses written for Linux is just smaller than is for Windows OS (imagine how many people use Windows), but since Android is growing at a really fast pace, I think that AV programs will be needed in the future if not now (at least for average users).
Superuser_x said:
Just wanted to know does Lookout mobile security makes your SGS( I am Assuming) slow ?
Click to expand...
Click to collapse
Not, that I have noticed it. It's pretty light weight...
I don't think so, not yet at least. Android is designed so that when you install apks or market apps, you are shown the permissions they require. This goes some way to helping you decide whether an app is trustworthy or not.
If in future, we get a spate of viruses/fake apps hitting android, then it might start becoming a standard feature. If you follow sites like xda or android websites daily, you will probably hear about any viruses before you even get the chance to download them (imo).
In the meantime, antivirus apps probably just reduce your battery life and performance...
No not at the moment. If your phone isnt rooted then apps wont have full access to system files, so in that sense i guess your protected to an extent.
If you only install apps from trusted sources then you should be fine. Perhaps over the coming months you may wish to implement a security solution as threats emerge more often.
Personally im awaiting a solution from ESET if ever. If it is somewhat similar to their desktop sloution but optimised for android then im hoping it will be just as light on resources. Avg just slows my phone right down. In any case im sure that you can expect a slight decline regarding phone performance with a security solution implemented.
every one has their own opinion, personally i cant see what harm it can do having a antivirus, lookout for me doesnt slow down my phone at all, and its reassuring knowing that all my apps get scanned regularly, some think its easy to get a virus, some say different, least if you do have an anti virus, you know your covered just incase,,, plus the extra benefits of lookout are superior...
Hmm.. Appreciate you all replying
As for AVG , i never trusted it to be working(on PC).So i am going to lookout for something else... like Lookout
Seems it is still a debatable issue that is an antivirus really effective on android platform.May be some hardcore developer can answer it more clearly.
I see some paid Antivirus softwares on market, can't make out there worth.
So the question still remains the same....Is an antivirus necessary on android ?
well looks like you will have to make your own conclusion on that one... there are free anti viruses out there, so you cant go wrong

[Q] Antivirus for Gtablet - Experiences/Preferences

I am aware that Android being Linux based doesn't suffer from all the malware of other devices but with so much personal information being kept in our smart devices it is only a matter of time before less than savory individuals attempt ways to separate us from ourselves so..
I am interested in your experiences with FREE antivirus products. Personal opinions.. ones you have tried.. how secure you think they are. I am only interested in the anti-virus portion of these apps. Not really interested in the backup portions. Perhaps if they offer free secure remote data wipe that would be of interest in the future.
I currently use Lookout Mobile Security but not totally secure with it due to such a limited amount of threats. It is why I am asking for personal opinions and personal preferences so more of us can make better choices to protect our favorite toy.
Of interest would be NetQin due to their experience and experience with other phones.. mostly Symbian.
AVG's version due to their experiences with anti-virus but I have heard of issues where their desktop version failed to identify virus or malware.
And also BluePoint Antivirus and their entry into protecting Android OS. BluePoint seems to be a solid antivirus provider but the reviews for the android device have been less than favorable.
There is also Dr.Web and MyMobile Protection of which I have no clue
Antivirus Free by creative apps appears to have built and designed by an individual an not a company so I am not sure of the trustworthiness of this app although alot have downloaded it.
I would expect them all to scan as apps are downloaded and installed. Most seem to be cloud based scanners.
Your opinion is appreciated..
Thanks
Amazing - 254 views
254 views and no opinions or preferences.. surely someone is using antivirus software on their gtablets?
There are no know viruses for Linux in the wild. So what would it be scanning for? You really should be more worried about the permissions that are given when you install an app. If you rooted your device (and who hasn't), this would provide access for any malware.
wasserkapf said:
There are no know viruses for Linux in the wild. So what would it be scanning for? You really should be more worried about the permissions that are given when you install an app. If you rooted your device (and who hasn't), this would provide access for any malware.
Click to expand...
Click to collapse
One of the things I like most about it the android platform is the permissions it presents when installing apps. There has been malware reported that exploits sms sending your bill threw the roof and lining the pockets of some foreign company. There is also reports of a Trojan that is designed for Android. It collects personal info on the phone and sends to remote servers. I completely understand that the threat is very limited but with the opportunity to collect personal data I believe it is only a matter of time before the threats increase. I am only trying to stay ahead of the curve. While most threats at the moment require a user to allow they will get more sophisticated with time. Thanks for your reply!
i second your worry but i think mainly we must watch on apps. maybe a sandboxing app would be nice?
I use DroidWall on my G Tablet. That way I can whitelist what apps have internet access and what one's don't. Best way I've found for protecting my information and malware. I've used it with pershoots kernal on vegan and on BitTrix's CM7.
For virus scan's I've used both AVG's pro version and Lookout for my tablet and my phone. AVG's did detect some settings, like it warned when it detected root, warned on some programs that use root access, and on my phone would flag some SMS's. But the tracking on AVG is pretty worthless. On my phone setting it at lost would start it tracking, but every time I tried it it would be somewhere around 5-6 miles from where I actually was. The phone lock and wipe don't work either, at least with moto droid.
Lookout's scanning only seems to report based on the permissions. The tracking on lookout is much better. The couple times I've tried reporting lost on my phone it would have a very accurate reading in a matter of 3-4 minutes.
But can't say how well they work in virus's or malware as I've never ran into any yet.
Thanks for the input.. what I was curious about.. which ones are actually looking for malware and which ones are just scanning permissions. Off to search for droidwall.. thanks!
lordgodgeneral said:
I use DroidWall on my G Tablet. That way I can whitelist what apps have internet access and what one's don't. Best way I've found for protecting my information and malware. I've used it with pershoots kernal on vegan and on BitTrix's CM7.
For virus scan's I've used both AVG's pro version and Lookout for my tablet and my phone. AVG's did detect some settings, like it warned when it detected root, warned on some programs that use root access, and on my phone would flag some SMS's. But the tracking on AVG is pretty worthless. On my phone setting it at lost would start it tracking, but every time I tried it it would be somewhere around 5-6 miles from where I actually was. The phone lock and wipe don't work either, at least with moto droid.
Lookout's scanning only seems to report based on the permissions. The tracking on lookout is much better. The couple times I've tried reporting lost on my phone it would have a very accurate reading in a matter of 3-4 minutes.
But can't say how well they work in virus's or malware as I've never ran into any yet.
Click to expand...
Click to collapse
Unable to use Droidwall with TnT ver4.2 due to an error I receive "can't initialize iptables table 'filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.
This error message unfortunately means that your kernel does not support iptables/netfilter, so DroidWall will not work.
There is nothing I can do on DroidWall to make it work, and the only possible solution is to flash a customized ROM with netfilter support."
Kind of a disappointment - was looking forward to it

How to avoid someone stole you nexus and read your personal info

im a happy nexus 7 owner but im wondering how i can protect my nexus private data or even FB or TW from other people, in my phone i use avast so i can "delete" all data by sms, but i cant do this on my nexus, i was thinking use "pattern" or pin unlock screen, but its annoying doing this on every time i want unlock my screen, i was thinking on apps that put password on selected apps, but again maybe this could be annoying, and maybe someone with a little skill can use ADB or uninstall TB and re install and delete "data" from the app who its protecting (im rooted) so im wondering its other way to protect my nexus 7? i guess this are the best but im wondering if its other way that i didint know.
Thanks
Cerberus app
Sent from my Nexus 7 using Tapatalk 2
ateebtk said:
Cerberus app
Sent from my Nexus 7 using Tapatalk 2
Click to expand...
Click to collapse
+1 for Cerberus.
I use it on my nexus 7 and my att Samsung galaxy s ii. It can remotely wipe your device, lock it, track it via GPS even if you don't have GPS on, set off alarms, take pictures and video from the camera, and many other things. It is 110% worth it. I recommend it highly.
patriot720 said:
+1 for Cerberus.
I use it on my nexus 7 and my att Samsung galaxy s ii. It can remotely wipe your device, lock it, track it via GPS even if you don't have GPS on, set off alarms, take pictures and video from the camera, and many other things. It is 110% worth it. I recommend it highly.
Click to expand...
Click to collapse
Any noticeable effects on performance and battery life?
Lookout App.
Cerberus is a life saver! When both my Galaxy Nexus and my wallet were stolen in a restaurant I could track my mobile using a friend's phone within 2 mins after noticing the theft. I directed the police to the shop based on Cerberus' tracking and eventually got both my mobile and my wallet back within 15 mins after the call.
The issue with tracking a tablet without 3G is that you will only see it once it's logged into a wireless network rather than on the go. You'd also need to activate a pin which could be deactivated at home by an app like Tasker.
I suggest you also use Avast to scan for malware and as second protection which could survive a factory reset but not a new rom.
Sent from my Galaxy Nexus using xda premium
Yeah I'm testing thanks I will check seems kind of better than avast, not sure if this app will survive to factory reset, custom recovery should have password or something xD the bad it's nexus 7 doesn't had 3g u.u oh well thanks all
Enviado desde mi HTC One X
zen kun said:
i was thinking use "pattern" or pin unlock screen, but its annoying doing this on every time i want unlock my screen
Click to expand...
Click to collapse
Protection is sometimes not convenient, but if you don't have a code lock your device is wide open to whom ever picks it up.
Pattern or Pin Lock
When I am out, I use a pattern lock on all devices. If I am home for the weekend, I turn it off however it is turned back on before I leave the house.
Cerberus
I use this on my Nexus and it works good. You do need to have a WiFi connection which limits it greatly since I never allow my device to connect to a public WiFi... but with the lock out, 5 tries and the device locks.
Backups
While the data is fairly secure, losing the data and even perhaps more important the time and effort setting up the device in the first place, means that using a good backup and having that available OFF the device so that if it is lost/stolen/destroyed, I can simply re-root and then restore and have it back to where I was when the backup was made. I do full backups every Sun.. and other occasionally when I make big changes.
Two Factor Authentication
When Possible, use 2-Factor authentication. If you not using it, you should look into it.
Check out the app Android Lost on the play store.
It securely links with your gmail account and does not do any polling to servers so it saves your battery.
When you lose your phone it allows you to do many many things such as activate an alarm, track using gps or wifi, take a picture with the front or rear camera, wipe the phone or lock it and many more features. All remotely.
Best part is its free and has a minimal footprint on device.
Check it out!
Run L1ke H3LL said:
Check out the app Android Lost on the play store.
It securely links with your gmail account and does not do any polling to servers so it saves your battery.
When you lose your phone it allows you to do many many things such as activate an alarm, track using gps or wifi, take a picture with the front or rear camera, wipe the phone or lock it and many more features. All remotely.
Best part is its free and has a minimal footprint on device.
Check it out!
Click to expand...
Click to collapse
The Nexus 7 is not a phone, so it doesn't by default it doesn't have SMS, it by itself has no 3G/4G communications. The only way you can talk to it is via WiFi.
I use Android Lost on all my phones... but since my phone uses the same same gmail account, it can't control the Nexus, hence the use of Cerberus.
is cerberus better than where's my droid?
krelvinaz said:
The Nexus 7 is not a phone, so it doesn't by default it doesn't have SMS, it by itself has no 3G/4G communications. The only way you can talk to it is via WiFi.
I use Android Lost on all my phones... but since my phone uses the same same gmail account, it can't control the Nexus, hence the use of Cerberus.
Click to expand...
Click to collapse
I use my Nexus tethered to my phone so it uses WiFi. I suppose if I lost it would still connect to the WiFi networks in my area and I could locate it by those methods. My cable company provides public WiFi which is ubiquitous so 90% of the time if I'm not tethered I have data.
Sent from my Nexus 7 using Tapatalk 2
hoponpop said:
is cerberus better than where's my droid?
Click to expand...
Click to collapse
Much better.
---------- Post added at 12:12 AM ---------- Previous post was at 12:10 AM ----------
nyijedi said:
Any noticeable effects on performance and battery life?
Click to expand...
Click to collapse
None at all.
If u really want to protect ur data, I suggest don't root the device and encrypt the entire tablet. Then set up a PIN to unlock. Security often means you have to give up some convenience at times but the reward is satisfying.
Also like some one already suggested use 2-factor auth for FB and make sure u deprovision the tablet account when u find it lost or stolen.
Sent from my Nexus 7 using xda app-developers app
I use seek droid for my phones, but purchased cerberus with my gift moolah and am happy with its performance and have also installed it on my Acer a500. The Developer is active with the community and has beta releases that fix some of the JB bugs.
So how secure is the Cerberus site? What's the dev's credentials in IT security? Is he just some dude with an app?
In signing up for this, you're putting the ability to remote-wipe/track/spy your online life into some dude's hands. You're paying him 3 bucks and hope he can keep it secure. Can he? In mitigating one risk (device theft), you're incurring a new risk of having your device remote wiped, or being spied upon, if the site gets hacked. Good trade-off?
With a one-time fee of $3, I don't see that much incentive for the dev to continuously maintain security, assuming he even has the expertise. It's his hobby, not his livelihood.
From a cursory inspection of the Cerberus site and its support forum, I don't see the word "security" or "2-factor authentication" anywhere.
Ditto SeekDroid or any similar app.
e.mote said:
So how secure is the Cerberus site? What's the dev's credentials in IT security? Is he just some dude with an app?
In signing up for this, you're putting the ability to remote-wipe/track/spy your online life into some dude's hands. You're paying him 3 bucks and hope he can keep it secure. Can he? In mitigating one risk (device theft), you're incurring a new risk of having your device remote wiped, or being spied upon, if the site gets hacked. Good trade-off?
With a one-time fee of $3, I don't see that much incentive for the dev to continuously maintain security, assuming he even has the expertise. It's his hobby, not his livelihood.
From a cursory inspection of the Cerberus site and its support forum, I don't see the word "security" or "2-factor authentication" anywhere.
Ditto SeekDroid or any similar app.
Click to expand...
Click to collapse
Have to somewhat agree with the sentiment here.. that said, I'm presently using the Cerberus demo on my N7 and it appears quit good.... would prefer this to have been a mainstream vendor product ....
Sent from my Nexus 7 using xda app-developers app
Seek droid, and I think I only paid $.99
Sent from my Nexus 7 using Tapatalk 2
They have some really good reviews on their web site. And from very qualified sources,check it out. I just installed Cerberus and tested out great.
Sent from my Nexus 7 using xda app-developers app
>They have some really good reviews on their web site. And from very qualified sources,check it out. I just installed Cerberus and tested out great.
Yes, very qualified. Hahah.
Here's a "review" maybe you should read. It's by Cerberus itself (emphasis added). Welcome to spyware.
https://www.cerberusapp.com/privacy.php
THE INFORMATION LSDROID COLLECTS
REGISTRATION INFORMATION: You provide to LSDroid certain personally-identifiable information (such as device ID number, wireless operator / operator, your name, email address, etc.) when choosing to subscribe to the LSDroid Services.
LOCATION INFORMATION: To provide the LSDroid Services, we derive location information from your wireless operator, certain third-party service providers, or directly from the mobile device that you used to register with the LSDroid Services. This location tracking of your mobile device may occur even when the LSDroid Services mobile application is not actively open and running, but your location is being securely transmitted and logged in accordance with your privacy and opt-in settings.
COOKIES, PERSISTENT FILE INFORMATION: When you use the LSDroid Services, we may send one or more cookies (small text files containing a string of alphanumeric characters) to your computer. LSDroid may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your web browser and may be used by us during your subsequent visits to the LSDroid Web site. Persistent cookies set by the LSDroid Web site can be removed. Please review your web browser "Help" file to learn the proper way to modify your cookie settings.
LOG FILE INFORMATION: When you use the LSDroid Services, our servers automatically record certain information about your usage from your mobile device and web browser. These server securely logs may include information such as a mobile device identification number and device identifier, web requests, Internet Protocol ("IP") address, browser type, browser language, referring / exit pages and URLs, platform type, number of clicks, domain names, landing pages, pages viewed and the order of those pages, features used in the LSDroid mobile application, the amount of time spent on particular web pages, the dates and times of your requests, and one or more cookies that may uniquely identify your browser.

Any app that can log all phone activity?

Ok long story short having trouble with one of my kids, I have an app (couple tracker) installed that allows me to see location, sms, and Facebook messages, but what I need is and app that can basically log all activities that I can install and hopefully password protect. I'm mainly looking to see what all email addresses get logged into via apps and Web browsers. And would also like to know what websites my kids been visiting. App does not have to be hidden but needs to be to where I can install it and it can't be tampered with.
Sent from my Nexus 6 using Tapatalk
msd24200 said:
Ok long story short having trouble with one of my kids, I have an app (couple tracker) installed that allows me to see location, sms, and Facebook messages, but what I need is and app that can basically log all activities that I can install and hopefully password protect. I'm mainly looking to see what all email addresses get logged into via apps and Web browsers. And would also like to know what websites my kids been visiting. App does not have to be hidden but needs to be to where I can install it and it can't be tampered with.
Sent from my Nexus 6 using Tapatalk
Click to expand...
Click to collapse
Get them a flip phone
msd24200 said:
Ok long story short having trouble with one of my kids, I have an app (couple tracker) installed that allows me to see location, sms, and Facebook messages, but what I need is and app that can basically log all activities that I can install and hopefully password protect. I'm mainly looking to see what all email addresses get logged into via apps and Web browsers. And would also like to know what websites my kids been visiting. App does not have to be hidden but needs to be to where I can install it and it can't be tampered with.
Click to expand...
Click to collapse
Well first off, there is no such thing as installing something that is beyond tampering. Especially not with a Nexus -- these things are DESIGNED FOR tampering.
At the moment, I'm not aware of any system developed in this manner to offer the type of monitoring that you are proposing.
One of the big issues with this, is that in order for it to work in a user friendly manner, it would actually require that EVERY application be modified to cooperate with it.
Otherwise, you're stuck basically with remote access and digging through system logs and application databases manually.
It is also worth noting that certain applications like the web browsers actually have privacy modes (some people call them "porn" mode) where they won't actually log activities.
The reason why sms can be relayed using the program you found, is that the sms database is system-level, not application-level. It is designed so that you can choose your own sms front-end, while leaving the complex telephony software at the root of it, all alone.
By the sounds of things, the problem you are having with your kid is beyond what you can deal with by adding controls and monitors to his/her phone. Since the kid knows you are watching, they WILL find alternative means of making those communications that you clearly don't want happening -- the ones you are watching for. You are going to have to find a better way to deal with this.
You want a keylogger, I've never used one on Android but a quick search popped this up http://www.vagueware.com/keylogger-software-for-android-phones/
Not sure if any work, search around for keylogger and find out you feel comfortable to try on your phone. Good luck

I need good hacker protection on my phone. Any suggestions?

I have noticed that my important email has been compromised. I've seen logins from the US (I've never been in the US) and even parts of Sweden that I have not visited (and by a browser that I've never used, so it's not me).
I am really surprised by this considering I use 2-factor authentication on it and my Note 8 doesn't even have Google authenticator visible. It is installed but I've hid it and use it by going to app store and searching for it.
All my important websites are protected by 2-factor authenticator. Except for my phone. I have BitDefender antivirus but I am not sure if this is enough.
I need something really strong to protect my phone from people accessing it and its apps. Mainly a protection against keyloggers.
My phone is rooted if that makes any difference.
Also, I don't mind if it costs money. I will pay well for top notch protection.
Nebell said:
I have noticed that my important email has been compromised. I've seen logins from the US (I've never been in the US) and even parts of Sweden that I have not visited (and by a browser that I've never used, so it's not me).
I am really surprised by this considering I use 2-factor authentication on it and my Note 8 doesn't even have Google authenticator visible. It is installed but I've hid it and use it by going to app store and searching for it.
All my important websites are protected by 2-factor authenticator. Except for my phone. I have BitDefender antivirus but I am not sure if this is enough.
I need something really strong to protect my phone from people accessing it and its apps. Mainly a protection against keyloggers.
My phone is rooted if that makes any difference.
Also, I don't mind if it costs money. I will pay well for top notch protection.
Click to expand...
Click to collapse
If it wasn't rooted I would just encrypt the sd card, make sure you have a good pattern/password and use Secure Folder for anything more sensitive. Between all that, bitdefender, and 2-factor authentication on accounts where possible, the only other thing I can think of is using a VPN when connecting to public wifi. Of course root breaks Knox though, so that changes things here for Secure Folder, etc. Maybe there are some other security apps you could use instead for sensitive stuff, as well as a firewall app, but root does run counter to maximum security.
Nebell said:
I have noticed that my important email has been compromised. I've seen logins from the US (I've never been in the US) and even parts of Sweden that I have not visited (and by a browser that I've never used, so it's not me).
I am really surprised by this considering I use 2-factor authentication on it and my Note 8 doesn't even have Google authenticator visible. It is installed but I've hid it and use it by going to app store and searching for it.
All my important websites are protected by 2-factor authenticator. Except for my phone. I have BitDefender antivirus but I am not sure if this is enough.
I need something really strong to protect my phone from people accessing it and its apps. Mainly a protection against keyloggers.
My phone is rooted if that makes any difference.
Also, I don't mind if it costs money. I will pay well for top notch protection.
Click to expand...
Click to collapse
Rooted phone = lack of security!
As soon as a phone is rooted there is little security as all the inbuilt security (safe folder & knox) are gone and banking apps won't work!
Sent from my SM-N9500 using Tapatalk
sefrcoko said:
If it wasn't rooted I would just encrypt the sd card, make sure you have a good pattern/password and use Secure Folder for anything more sensitive. Between all that, bitdefender, and 2-factor authentication on accounts where possible, the only other thing I can think of is using a VPN when connecting to public wifi. Of course root breaks Knox though, so that changes things here for Secure Folder, etc. Maybe there are some other security apps you could use instead for sensitive stuff, as well as a firewall app, but root does run counter to maximum security.
Click to expand...
Click to collapse
Thanks. I guess I already have enough security. I was baffled that my e-mail was compromised. Maybe it was, maybe it wasn't. I noticed no change to any of my files etc. But it does show suspicious logins from countries I have never been to.
robmeik said:
Rooted phone = lack of security!
As soon as a phone is rooted there is little security as all the inbuilt security (safe folder & knox) are gone and banking apps won't work!
Sent from my SM-N9500 using Tapatalk
Click to expand...
Click to collapse
Yeah thanks for the obvious pointer. But rooting a phone is a must. Also, all my banking apps work just fine. I am not dependant on Samsung.
As was mentioned earlier, use a VPN when using the internet. It does protect your IP and is handy to get to content you can't access from your country..
Nebell said:
Thanks. I guess I already have enough security. I was baffled that my e-mail was compromised. Maybe it was, maybe it wasn't. I noticed no change to any of my files etc. But it does show suspicious logins from countries I have never been to.
Click to expand...
Click to collapse
I assume you have already done this, but I would immediately change my password to that account (along with any other accounts that share the same password), even though you have rwo-factor authentication. Unless you logged in while on VPN or proxy, suspicious logins from other countries you haven't visited sounds like a red flag.
sefrcoko said:
I assume you have already done this, but I would immediately change my password to that account (along with any other accounts that share the same password), even though you have rwo-factor authentication. Unless you logged in while on VPN or proxy, suspicious logins from other countries you haven't visited sounds like a red flag.
Click to expand...
Click to collapse
I changed every important website to a password that is so hard to type I need to do it carefully every time. I got in contact with Fastmail (who btw is an awesome e-mail service, although paid) and they said that my phone is compromised.
Damnit.
I use my phone far more than my computers. They also suggested that I use a password manager but if my phone is compromised so easily then I probably am better off just getting better protection for my phone.
Nebell said:
I changed every important website to a password that is so hard to type I need to do it carefully every time. I got in contact with Fastmail (who btw is an awesome e-mail service, although paid) and they said that my phone is compromised.
Damnit.
I use my phone far more than my computers. They also suggested that I use a password manager but if my phone is compromised so easily then I probably am better off just getting better protection for my phone.
Click to expand...
Click to collapse
Damn that really sucks...sorry yo hear that. Hmm at this point I would backup photos, etc, flash stock firmware, and start fresh. Be careful with what you reinstall, as one of those apps/mods may possibly be the culprit.
@Nebell are you using sms to get your 2step-authentication code? maybe all your sms are being forwarded (via some malware app). You should be using a firewall if you are rooted.
Lots of apps have permission to access sms text messages and even send it.
Before i side load any apps, i use virustotal.com , go to website, upload APK file and if malware then install (if you must have it) but block it using firewall, any other red flags, then find another apk version or similar app.
Let Fastmail know of your breach and they can check which other devices or websites are registered/ linked to your account.
I suggest you backup your data, virus scan it all on a PC, wipe your android phone and start fresh. I use backup-your-mobile by Artur, to export my calendar, contacts, sms, call logs, etc. it works quite good.
good luck mate.
I think it might have been a false positive.
I reset my phone to factory settings and changed all passwords and suddenly "Ashburn US" login kept getting failed attempts on my email. But as soon as I reinstalled Edison Mail app and logged in, the success login from Ashburn US resumed.
It must somehow be connected to that app. I've sent a message to Edison and asked them if they are associated with that location. Maybe their server is located there or something, but I will wait and see what they reply before I take next action.
The fact that makes me believe this was a false positive is that I never noticed anyone reading my email or actually trying to do something, and I do have sensitive stuff in there.

Categories

Resources