Anyone know how to get rid of this WI-Fi connection?

[potatoguy]

Found this WI-FI connection on my phone, not sure how it got there, and can't get rid of it .

"5099251212"

Googled it and found a few people are finding it on their phones and can't get rid of it. Some think its a hacker.
Anyone ever come across it any suggestions on getting rid of it.
Been said some have done a reset on phone and it still there.

 

[N4Newbie]

What phone/OS is this?

On mine, at the bottom of that screen would typically be "More settings." From there, I can long-press on any network and then tap "Forget network."

 

[potatoguy]

Samsung S7 Nougat.
Any other wifi connection has "forget" network, then long press and its gone, but not that one..........

 

[N4Newbie]

Samsung S7 Nougat.
Any other wifi connection has "forget" network, then long press and its gone, but not that one..........

Well, that *is* interesting and I too would be a bit concerned about it.

I don't have any further advice, though. Anyone else?

 

[Gayle Lynn]

Reset Network Setting ?

Block that number. I use ESET to block unknown and hidden phone and message numbers.

Oh, and reboot and check your router for firmware, change used and password in case that was entry point.

 

[potatoguy]

Did the reset and got rid of all networks except for that one and BELL_WIFI.......

When I get home all reboot the router.

 

[N4Newbie]

Did the reset and got rid of all networks except for that one and BELL_WIFI.......

When I get home all reboot the router.

Who is your carrier? What country are you in?

Is there a chance that this is carrier-related; like if your carrier has city-wide Wi-Fi service (like Xfinity does here in many parts of the US)?

 

[potatoguy]

Canada and Bell.

The Bell WI-FI could be, but not sure where that # WI FI connection would be from

 

[Gayle Lynn]

Did the reset and got rid of all networks except for that one and BELL_WIFI.......

When I get home all reboot the router.

Interesting. Could it be your SIM? Was there an update right before this? Triggered me to look and found something similar I think.

Settings -

Connections. Data Usage.

Restrict Networks.

In there you might be able to block it.

 

[potatoguy]

Yes I did put a restriction on it.

I never replaced the sim, but when I googled the #, the page I was looking at with comments about

that mysterious #. One poster said they had replaced the sim, and it was still there. So for now I guess

I'll have to be happy with putting the restriction on it until I can find out who or what it is.

And I don't recall an update , but then again I just found this the other day. So how long its been there I don't know.

 

[potatoguy]

Interesting. Could it be your SIM? Was there an update right before this? Triggered me to look and found something similar I think.

Settings -

Connections. Data Usage.

Restrict Networks.

In there you might be able to block it.

//uploads.tapatalk-cdn.com/20171212/1e2d88d4e8695138aad8b472bc80b9de.jpg

And it looks like you have a similar WI-FI# network on your phone.

Found this article .

https://arstechnica.com/information...ones-vulnerable-to-device-hijacks-over-wi-fi/

 

[Gayle Lynn]

Interesting. Could it be your SIM? Was there an update right before this? Triggered me to look and found something similar I think.

Settings -

Connections. Data Usage.

Restrict Networks.

In there you might be able to block it.

//uploads.tapatalk-cdn.com/20171212/1e2d88d4e8695138aad8b472bc80b9de.jpg

I found that is present after enabling use of AT&T Wireless. When I turned that off it was no longer listed in available WiFi networks or Restricted access.

 

[potatoguy]

How did you disable AT&T Wireless? I would like to try to disable the BELL WI FI and see if that makes a difference.

 

[Gayle Lynn]

I didn't disable. I merely turned off AT&T WIFI and told it not to use or look for an AT&T hot spot.

 

[potatoguy]

Ok, Not sure how to do that.

 

[ashleedawg]

[Note, this forum isn't letting me post links, so I'll try try abbreviating the url's]

I guess there's no update on this issue?

I have the same issue with a mystery connection "5099251212", was do apparently many many others, yet nobody has any solid answers

I'm running Android 9 on a Samsung S8+ (originally from carrier Bell Canada).

I did find a vague mention of this in a research paper (pdf attached) about malicious networks, but i'm not clear on whether it was implying that this specific SSID is a concern.


From the pdf:

"We are able to accurately evaluate unique devices using the UUID-E value as the unique identifier. We filter for any instance where the device sends a directed probe, retrieving the SSID value for each. Sorting by most common occurrence the top three most common SSIDs were BELL WIFI, 5099251212, and attwifibn. The SSIDs BELL WIFI and 5099251212 are used by the mobile carrier Bell Canada for seamless WiFi offloading."

(I cant find anything backing up that statement.)

Numerous others have made(vague) mentions of this, such as:
github.com/BramBonne/privacypolice/issues/40
forum.xda-developers.com/t/cant-forget-5099251212-and-bell_wifi-networks-on-lg-g4-virgin-mobile-canada.3518058
arstechnica.com/information-technology/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi

This is probably an unrelated coincidence, the the telephone number 509-925-1212 is apparently registered to someone named "Mohamad Hussain" of Kennewick (near Tacoma in Washington State....while both me and my phone ahave always been Canadian... But probably irrelevant anyway.)

When searching for that number I aIlso saw several references to "Karma Attacks" but again (as far as I can tell) nothing concrete either way. (Karma, aka "Evil Twin" attacks, are a method of opportunistic Man-in-the-Middle attacks, often via public wifi hotspots)
Wikipedia: wikipedia.org/wiki/KARMA_attack


SOMEONE, somewhere, knows for sure what this is all about! ... But whom?!

Does anyone have any further insight?

 

[B. Diddy]

Are you with Bell Canada? It might be worth calling their tech support to confirm if that SSID is related to them, as previously suggested in that other site.

Considering that the PDF is a scholarly article, it seems pretty trustworthy.