1. hackedup's Avatar
    My Epic 4g touch has been hacked by someone. I am going through a divorce and have little doubt who and why it was done. I dont currently have access to a computer to even try and fix it. I downloaded a few permission notifocation apps today and found out whoever is doing this has complete control of my phone. They are taking video audio pics sending files out by mms and gmail they are making outgoing calls and recording my calls. when i hang up a call it stays connected for a few minutes my brother and a few freinds called me back and told me they could hear me. I lose my connection every time i try to lookup a lawyer its insane. Sprint is useless they tried to do a reset but it doesnt reset anything. Ihave over 200 apps on my phone that i never installed. Here are a few of them.

    mobile tracker
    Key logger
    Bluetooth sharing
    Gogle framework
    Wifi sharing
    keylock disabler
    Mms provision
    Service mode
    Wifi sharing manager
    Log provider
    Badge permission
    I realize some of these are normal apps but these all have long version numbers and there are multiples of the same apps witj different version numbers there are 5 task managers that use version1.5.13 ,1.6, 1.3.tz.5, 2.3.7, and 3.3.4.
    Please advise
    02-15-2012 05:36 PM
  2. Paul627g's Avatar
    If you want to at least put a stop to things until you can straighten things out and/or get a computer I would call Sprint up and report the phone as missing/lost and just ask them to put the line/phone on vacation or missing... I did this with my daughters phone a few times at no cost. Once I found the phone a 5 minute call to Sprint reactivated the line.

    At least in the mean time all activity incoming or outgoing from the phone will be shut off.
    02-15-2012 06:07 PM
  3. hackedup's Avatar
    Unfortunately I need it right now its my only phone and my only access to the internet. I need both for my job.
    02-15-2012 06:10 PM
  4. hackedup's Avatar
    My is kernel version now says 2.6.35.7-SPH-D710.EL29-CL852097 it was on ek02 yesterday
    Also my phone number and msid are different

    I also have a prl 60683
    An meid with a dec and hex that i can post if it will help lmk
    02-15-2012 06:35 PM
  5. JayWill's Avatar
    My is kernel version now says 2.6.35.7-SPH-D710.EL29-CL852097 it was on ek02 yesterday
    Also my phone number and msid are different

    I also have a prl 60683
    An meid with a dec and hex that i can post if it will help lmk
    That is the stock EL29 kernel version and the standard retail Sprint customer PRL. EK02 was the previous firmware version, so it sounds like you installed the EL29 OTA update. Or someone did.

    Did you perform a factory reset on your phone? If not I would try that, and I would do it from recovery not from the phone menu itself. To do that ...

    1) Power off your phone
    2) Remove your SD card if you have one installed.
    3) Hold down the Volume Up and Power buttons simultaneously.
    4) Continue holding the Volume Up and Power buttons until the Android System Recovery menu is displayed.
    5) Once you are on the Android System Recovery menu, select the wipe data/factory reset option. Moving the selection up and down is done with the Volume Up and Volume Down buttons. Once you have the wipe data/factory reset option highlighted, you select it by touching the Home button.
    6) Once you have chosen the factory reset option, you will see a confirmation screen. Highlight the Yes delete all user data option and touch the Home button to select it.
    7) The procees of wiping the phone should only take a few seconds and when it is finished, you will be returned to the Android System Recovery menu.
    8) Highlight and select the reboot system now option

    Your phone will reboot back into normal operating mode (this first boot will take a little longer than usual). Also, you will lose all system data but I'm guessing that's not a primary concern of yours right now.

    Good luck.
    02-15-2012 07:14 PM
  6. shiftr182's Avatar
    All the apps you mentioned above are stock system apps. Your kernel version changed because Sprint just did an update not too long ago. MSID and phone number usually are different.
    02-15-2012 09:30 PM
  7. sfhub's Avatar
    Usually those zombie phone apps install themselves in the rom /system partition and hide themselves from app management. They do this so they can survive factory resets, which only reset /data

    I would just use the ek02 odin one-click to reset your phone.
    http://forum.xda-developers.com/show....php?t=1409634
    02-15-2012 10:28 PM
  8. JayWill's Avatar
    Usually those zombie phone apps install themselves in the rom /system partition and hide themselves from app management. They do this so they can survive factory resets, which only reset /data

    I would just use the ek02 odin one-click to reset your phone.
    forum.xda-developers.com/showthread.php?t=1409634
    Good to know. The only problem in this case is the guy doesn't have access to a PC right now. Maybe he should take it in to a Sprint repair center and have them reflash the entire ROM.

    Edit - Or maybe mobile Odin if he can manage it.

    Sent from my SPH-D710 using Tapatalk
    02-15-2012 11:39 PM
  9. hackedup's Avatar
    Usually those zombie phone apps install themselves in the rom /system partition and hide themselves from app management. They do this so they can survive factory resets, which only reset /data

    I would just use the ek02 odin one-click to reset your phone.
    forum.xda-developers.com/showthread.php?t=1409634
    02-16-2012 08:13 AM
  10. hackedup's Avatar
    Thanks for the advise
    . i have reset this phone with the vol key 5 times or more. it doesnt help. immediately after confirmi g the wipe it scrolls a cross in red "backup enabled" all that changes are all my settings and contacts. it doesnt even remove the google acct.

    I am pretty sure it is running a java middle attack with jar i can see all the files just as its described on wikipedia. i just dont know how to get it ofg every file i delete comes back through a hidden usb tether. I was able to remove the gmail account which ended up with 20 google apps attached to it, i only used gmail. i have insurance on it and i am considering just upgrading to something else. i love the phone this sucks. anyone have any last suggestions. Im using an app lock for now thats a pita but it seems to be working for now. i havent seen any new log files or call minites since i installed it.
    02-16-2012 08:30 AM
  11. sfhub's Avatar
    Thanks for the advise
    . i have reset this phone with the vol key 5 times or more. it doesnt help. immediately after confirmi g the wipe it scrolls a cross in red "backup enabled" all that changes are all my settings and contacts. it doesnt even remove the google acct.
    Reseting using the vol key doesn't reset everything. It is more like a baby reset, just erasing your user data, but leaving places where black hat apps can hide.

    If you have access to a PC, use the reset method I mentioned earlier. it is a more complete reset.
    02-18-2012 01:35 PM
  12. bigboy96's Avatar
    I didn't know that this phone could be hacked
    03-10-2012 01:06 AM
  13. ElectroWiz's Avatar
    A quick fix is a factory reset. You will go back to the status of when you first purchased it. Try to save any pictures of anything of importance to you before you do the factory reset though. Good luck.

    Update: Sorry I did not see that you had already tried doing the factory reset.
    03-10-2012 04:45 PM
  14. dtm_stretch's Avatar
    Fellas, this thread is old. The OP double posted also and has been helped in another thread.
    03-10-2012 05:00 PM
  15. Paul627g's Avatar
    Fellas, this thread is old. The OP double posted also and has been helped in another thread.
    Taken care of dtm. Threads have been merged.

    Thanks.
    dtm_stretch likes this.
    03-10-2012 05:07 PM
LINK TO POST COPIED TO CLIPBOARD