Is this phone Android 13 hacked?

[Joshua Britz1]

My fiance has a Samsung galaxy s21 5g, with Android 13 through Verizon, she has been dealing with very odd and sometimes malicious activity occurring on her phone and in her accounts. She has been getting messed with by some unseen person or thing to the point where it is seriously causing us both to have relationship issues because at first she thought I was the one responsible. Can anyone clarify as to what the stuff in these screenshots means?

 

[B. Diddy]

Welcome to Android Central! Looking through System and Event Logs will probably be futile, because unless you're an Android engineer, all you'll do is worry yourself even more as you encounter more and more things you're not familiar with (i.e., pretty much all of it).

Read these for now:

“I’ve been hacked” - Android Forums at AndroidCentral.com
[GUIDE] How To Avoid Malware - Android Forums at AndroidCentral.com

If your fiance has not followed those basic guidelines, they put themselves at risk for being taken advantage of by opportunistic people. Keep in mind that the most effective "hack" is not malware, viruses, spyware, etc. -- it's social engineering, which means falling victim to phishing, or using/re-using weak passwords that are easy to guess, or sharing passwords with others, etc.

 

[fuzzylumpkin]

OK, What made you /her start digging through system logs in the first place? They aren't useful to anyone without context, and, as Diddy mentioned, they certainly aren't something an average user should be poking around. That way leads to madness.

I notice in the screenshots that accessibility services are activ(that "little person" icon) is this something she actually uses? because you can do some pretty nasty stuff with full accessibility access... which I am actually a bit hesitant to mention, what I'm asking is what accessibility services are running? I'm not saying "all accessibility services are bad if you have one on your phone THAT IS A MALWAREZ VIRUS, BURN YOUR PHONE NOW!".

 

[rvbfan]

Nice work, I think they set it alight.

Sent from my Pixel 6 using Tapatalk

 

[fuzzylumpkin]

Nice work, I think they set it alight.

Sent from my Pixel 6 using Tapatalk

You can't prove that was because of me! I specifically told them NOT to!

 

[mustang7757]

My fiance has a Samsung galaxy s21 5g, with Android 13 through Verizon, she has been dealing with very odd and sometimes malicious activity occurring on her phone and in her accounts. She has been getting messed with by some unseen person or thing to the point where it is seriously causing us both to have relationship issues because at first she thought I was the one responsible. Can anyone clarify as to what the stuff in these screenshots means?

Welcome to AC!

That doesn't mean your hacked , just means you don't understand those logs .

 

[belodion]

she has been dealing with very odd and sometimes malicious activity occurring on her phone and in her accounts. She has been getting messed with by some unseen person or thing

Have you told the police about this?

 

[Golfdriver97]

Most of those screenshots seem to be tied to SPay:

- [COLOR=var(--color-prettylights-syntax-keyword)]package[/COLOR]com.samsung.android.smartclip;

Here is a code sample on GitHub:

https://github.com/pandalion98/SPay...droid/smartclip/SmartClipDataCropperImpl.java

If you are truly worried about hackers, I would sign out of the phone, reset, and create a new gmail with a long password. Minimum 18 characters. Use a favorite movie quote, with no spaces. From Jaws: youregonnaneedabiggerboat would take a long time to crack:

Any paid apps, songs, etc....You won't really be able to recover. Your phone security takes precedence over purchases anyway.

 

[Mooncatt]

If you are truly worried about hackers, I would sign out of the phone, reset, and create a new gmail with a long password. Minimum 18 characters. Use a favorite movie quote, with no spaces. From Jaws: youregonnaneedabiggerboat would take a long time to crack:

Yeah, about that...

https://lifehacker.com/using-common-phrases-makes-your-passphrase-password-use-5893510

"The trouble though is that so many people, when they embrace passphrases, use common phrases from books, popular movies, memorable quotes, sports teams, or other proper nouns that are easily guessed. A group of researchers from Cambridge University recently published a study (PDF link) where they found that using a dictionary of these common phrases allowed them to crack open about 8,000 passphrases in Amazon's old PayPhrase system. They conclude that passphrases as a password system ultimately provide less then 30 bits of security, which they note is too weak to withstand most online attacks."

Basically there are password dictionaries floating around the web for hackers to use to shortcut the brute force method. Movie quotes are not special here.

https://github.com/initstring/passphrase-wordlist

And before you suggest "just use a random obscure movie quote," most people won't do that, it can make it harder to remember, it'll become even harder over time as a person's password list grows, and these dictionaries only grow over time to add more possibilities.

Your jaws quote would probably get hacked in a few minutes or less with one of those dictionaries.

That's why password managers are pretty much the only long term solution these days. Ironically, that Life Hacker article suggested at the end ways to modify and strengthen pass phrases and then to store them into a manager. Any half decent manager has a built in random string generator that can create super strong passwords instantly, rendering that entire article moot.

 

[fuzzylumpkin]

Yeah, about that...

https://lifehacker.com/using-common-phrases-makes-your-passphrase-password-use-5893510

"The trouble though is that so many people, when they embrace passphrases, use common phrases from books, popular movies, memorable quotes, sports teams, or other proper nouns that are easily guessed. A group of researchers from Cambridge University recently published a study (PDF link) where they found that using a dictionary of these common phrases allowed them to crack open about 8,000 passphrases in Amazon's old PayPhrase system. They conclude that passphrases as a password system ultimately provide less then 30 bits of security, which they note is too weak to withstand most online attacks."

Basically there are password dictionaries floating around the web for hackers to use to shortcut the brute force method. Movie quotes are not special here.

https://github.com/initstring/passphrase-wordlist

And before you suggest "just use a random obscure movie quote," most people won't do that, it can make it harder to remember, it'll become even harder over time as a person's password list grows, and these dictionaries only grow over time to add more possibilities.

Your jaws quote would probably get hacked in a few minutes or less with one of those dictionaries.

That's why password managers are pretty much the only long term solution these days. Ironically, that Life Hacker article suggested at the end ways to modify and strengthen pass phrases and then to store them into a manager. Any half decent manager has a built in random string generator that can create super strong passwords instantly, rendering that entire article moot.

Exactly. any common (or uncommon) phrase is a bad idea and is about as secure as Password1234. as you say, you should use a password manager (that isn't LastPass) and make sure that whatever pass phrase you use is a string of randomly generated nonsense words so it isn't easily ccrackable when LastPass gives away your vault in one of it's password vault giveaway events.

You can use a mnemonic to remember your passphrase, but honestly these days I think it's probably better to have a very strong passphrase written down and hidden in a safe place than a weak password that you can remember. (Note, a safe place is not your wallet or anything else that you would have with you or be easily accessible to other people.)