“I’ve been hacked”

Status
Not open for further replies.

belodion

Co-Ambassador Team Lead
Moderator
Jun 10, 2014
39,695
644
113
Smartphones have brought out various kinds of neurotic and paranoid reactions from users. The technology is difficult to understand, and it is easy for us to allow ourselves to suspect that bad things are happening, when in fact they’re not. Android Central regularly receives posts from guests who are convinced:

• That their phones are hacked.

• That notification icons seen on a partner’s phone are an indication of secret sexual relationships.

• That manufacturers intentionally install software bugs in their products in order to hobble a device or render it so obsolete that the customer will be driven to buy a later model.

•That someone is watching them through their front-facing camera.

• That their phone calls are being monitored or recorded.

• That something sinister has caused their photos to appear on someone else’s phone, or someone else’s photos to appear on their phone.

• That the Instant Apps auto-downloads, even though auto-updating of apps may be switched off, is some sort of malware.

• That their partners have hacked into their phones and are controlling and altering accounts and monitoring activities.

• That certain app permissions - such as the permission to make phone calls which may use credit - are malevolent and purposely designed to spend the user's credit fraudulently; or that permissions are designed to invade privacy for malevolent purposes, such as access to Contacts or Photos.

• That certain items mentioned in their - or a partner's - search history are inexplicable and mean something sinister.

• That certain system apps have a sinister purpose; for example, that the LIA Informant app means that incriminating evidence about them is being passed directly to the police, FBI or other security agency.

The favourite by far is being hacked. “I’ve been hacked”, people say, and sometimes, “I know who it is and can provide proof”. Why they think that anyone would wish to hack them is never explained. Reassuring answers and explanations from us are often ignored or disbelieved.

Of course, bad things do happen on phones, but they are very unusual and it is almost certain that innocent explanations can be found. This of course is where the difficulty lies: it can be difficult to know where to look. We may be able to help there, but otherwise, it is unwise to jump to the worst conclusions when simpler ones are more probable.
 
Last edited:
  • Like
Reactions: Mr. Lucky
"I've been hacked" 2

I'll add to belodion's excellent guide:

The likelihood of getting "hacked" in the Hollywood/Mr. Robot sense is very low. Breaching the security of a modern device takes a good amount of knowledge and skill (especially if the user follows some basic precautions), so unless the person suspected of "hacking" one's phone is a known tech wizard, there is most likely a less sinister explanation for what is going on. There are three general categories of concern: (1) a device that is behaving erratically, (2) other people seeming to know a lot about a user's personal life and activities, and (3) fear that someone else has access to a user's sensitive accounts (like their Google account).

If you think about it, erratic device behavior (such as phantom screen touches, random keypresses on the keyboard, apps opening automatically or crashing, random nonsense messages being sent, etc.) would be a useless manifestation of being hacked. A hacker's goal is to infiltrate a system and obtain information (like credit card and personal identification data) without being detected. If a hack just threw a phone into disarray, that would immediately alert the user, and the hack would essentially be a failure. It is much more likely that erratic behavior is due to a software or hardware problem. For example, phantom screen touches or random keypresses can be due to a poorly fitting screen protector -- the first step in that case would be to remove the screen protector and see if the problem persists. App crashes are typically due to glitchy code or some screwy data -- the first step there would be to clear the app's cache and data in Setting>Apps, then see if the problem persists.

Unfortunately, cyberstalking has been and will continue to be a problem (and make no mistake, it's a crime). But the ability for a person to know a lot about what a user is doing, where they are, and who they're with usually doesn't have anything to do with spyware. If a user overshares their life on social media (Facebook, Twitter, Instagram, TikTok, you name it), then anyone who can see those posts can learn a lot about that user and their activities. The important thing here is to be conscious of what you're sharing on the web, and with whom you're sharing it.

There is always some possibility for online accounts to become compromised at some point. How likely that is depends on a user's account security habits. An account that does not have 2-factor authentication turned on and that has a non-random, relatively easy-to-guess password that has been used multiple times in various other accounts is much more likely to be compromised than one with 2-factor turned on (preferably using an authenticator app and not SMS as the 2nd factor, since the latter can be intercepted) and with a password that is difficult if not impossible to guess or crack with a brute-force attack.

Here are some general tips and guidelines:

  • If your device is behaving erratically, see if it persists after a regular reboot, or booting into Safe Mode. (If the problem goes away in Safe Mode, then you know that something you installed is causing the problem.) If it's possible to wipe the cache partition, try that as well. Removing the screen protector or the case might solve phantom touches.
  • Be conscious of what you share on social media, and with whom you're sharing it. If you're worried someone is tracking you, don't say where you are, and don't tag your location or who you're with. Avoid posting to the general public; instead, post only so friends (and I mean friends that you know and trust) can see it.
  • Take advantage of 2-factor authentication wherever you can, but avoid SMS as the 2nd factor if possible, since that can be intercepted. It's best to use an authenticator app like Google Authenticator or Authy, but if that's not an option, then a voice call for the 2nd factor is the next best option.
  • Do not reuse the same password across multiple sites. Although it can be a hassle to maintain unique passwords for all of your sites and accounts, it can be easier with a good password manager (like LastPass or 1Password) -- then you just need to remember a master password (which should be very complex).
  • If you think any account has been compromised, then immediately change the password (again, to something that is either random or otherwise difficult to guess).
  • If you have incontrovertible evidence that someone has hacked your device or your accounts, or is cyberstalking you, then bring that evidence to the local police, or report it to the appropriate government agency. In the US, it's the Internet Crime Complaint Center.
  • See also my guide on how to avoid malware: [GUIDE] How To Avoid Malware - Android Forums at AndroidCentral.com
 
Last edited:
Status
Not open for further replies.

Forum statistics

Threads
958,681
Messages
6,977,441
Members
3,164,119
Latest member
vinod681