How do I stop a root level attack through Google test adds on my ATT Galaxy S5?

A

AC Question

how do I stop a root level attack through google test adds on my ATT Galaxy S5

I have been suffering a root level attack on my ATT Galaxy S5 (not rooted) running Lollipop 5 and newest 5.1.1 The attack involves setting up alternate background connections to the internet that are then used to reroute DNS to dead ends or alternate locations. I cannot stop the loading of apps that are tagged as "system" so I cannot un-install. Current count is 311 system apps (seems to have topped out) and I have maybe 10 user apps of my own. Seems to be turning on every form of data sharing possible, facebook messenger, messages, emails, NFC, Directshare, Tethering, Audio connections of every kind, two phones (system information says I have two phones on my phone), screen savers, S beam (older versions), Link, video editing, text to speech, spoolers, sim-kits..., well you get the picture. There are many other issues but will stop here for now. I have been trying to get control of the phone for over a year and did not understand the severity of the problem. I know I cannot root (yet). Can I do other things like flash rom or upload new os? The big issue is if it is done through google test ads then whatever I do will be undone again. I did not seem to see any threads on this but maybe someone can steer me.
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

yes, it is an attack similar to that but as I understand it the ATT S5 running lollipop CANNOT be rooted yet so it appears that someone at google who can run test ads on my phone is doing it. They would have to gain access through very locked down enterprise access. I will send some pics of log.
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

First time on this forum. Sent up one wrong image. I have hundreds. Tested my phone for root and tried to root it two times but negative. Can this variant be rooted yet?
 

Javier P

Ambassador
Feb 21, 2014
19,480
3
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

Do you remember downloading any app outside Play Store, Amazon or Samsung?
 

thinkinfinity

Member
Sep 28, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

Have you ever installed apps outside of Google Play Store? Do you have an antivirus on your phone?
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

most offending apps found in /system/priv-app/ and cannot be deleted, although I have extracted some. One extraction is a pre config routine that seems to run right after a factory reset and then resets the phone again making you think you have a factory reset but is not.
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

maybe, over a year ago. have done factory resets since then (5 I think).
 

Javier P

Ambassador
Feb 21, 2014
19,480
3
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

Unfortunately this trojan seems to hide deep into the ROM and a factory reset or a system update don't touch it at all. I think only reflashing the ROM would work.
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

maybe, over a year ago. have done factory resets since then (5 I think).
 

kayak krazy

Member
Nov 6, 2015
9
0
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

Thank you for letting me know. I was new to android when I bought this phone and have been educating myself for a year now and have come to the same conclusion. Do you know if I am able to flash the rom myself? I am told that I can take the phone to best buy and have them do it. They might be gifted by ATT.
 

Javier P

Ambassador
Feb 21, 2014
19,480
3
0
Visit site
Re: how do I stop a root level attack through google test adds on my ATT Galaxy S5

I don't have any experience with the S5 and even less with AT&T phones :) I'll ask around and let you know. But if you can get a professional to do this process for you I wouldn't think twice.
 

Trending Posts

Forum statistics

Threads
942,379
Messages
6,913,759
Members
3,158,384
Latest member
FarajWala800