Secure compromised device - Android Q&A, Help & Troubleshooting

Hi everyone! This is my first post, but I have used the search tool already without success. I am just a user, not developer and quite noob regarding mobiles and security.
Situation
1. I've got hacked, total control (photos, emails, camera, contacts, whatsapp, screen etc) of my unrooted android phone (xiaomi redmi note 7).
It was a targetted attack, no manual app installed, no unsafe 3rd party apps allowed. Attackers only had my gmail account (linked to android) and telephone number. I know them personally, and they leaked personal information to people at work (who enjoy it between them but won't help me at all).
No high consumption of battery/data. Just leeching information, launching some apps eventually, and few interactions with the screen minimizing etc.
2. I Installed antimalware (e.g malwarebytes), antivirus (avg, esset etc). No positive results. I also installed "Noroot firewall" to control programs accessing internet, nothing strange.
3. I've changed emails(new), SIM + Telephone. Got hacked again. I suspect my own wifi was compromised.
Additionally, added 2 step verification to emails, changed passwords, encrypted the device etc. I have found no IP from them in the emails log, nor alert from gmail. Only once a session from Linux device (not mine). I believe they have accessed through the device.
4. I want to restore the device somehow and avoid getting hacked again.
One of the problems I face is taht that now I'm not in the same circle of people from which I gathered most of the info on the leaked information, so I can't get to know if the actions I am taking got rid of the hack, besides some punctual actions they may do (launch app etc). So I have to act quite paranoid and do the most secure action.
Question
1. Any idea on how they managed to do that? how can I prevent it or prove it? a reset would get rid of any proof, but I kinda prefer it if it is once and for all.
2. A hard reset only formats one partition (user data), so if there is a trojan located in /system it would be pointless. With an unrooted device I can only get rid of /cache and /data.
Should I install another ROM?(my phone has always been unrooted) which one? (restoring the stack ROM would probably be pointless if the vulnerability is due to android...
3. Is there any other measure I could take?
I'd appreciate any help.
Thank you!

Related

How to circumvent the Pocket PC Password

If you have a device password set then you think you are safe? Not necessarily if you also have some toolbar apps, like xBar or Pocket Nav.
On the xda you can get to the start menu and run programs by following these steps. For this example I use PocketNav.
Tap on the Pocket Nav icon and close the Password program.
Press the green Phone button to start the Phone application.
Type *#06#
The Start menu appears and you can now run programs that appear in the menu, and change settings and access data, but not run files in the Programs folder.
A soft reset puts the device back to normal.
8)
The password is like a car door lock--only keeps the average casual observer out. Your data is unencrypted and accessible in a variety of ways. If you have sensitive data, get encryption. Things like CodeWallet Pro are great for specific items, or get a system-level encrypter to hide contacts, schedule, etc.
Carlos said:
The password is like a car door lock--only keeps the average casual observer out. Your data is unencrypted and accessible in a variety of ways. If you have sensitive data, get encryption. Things like CodeWallet Pro are great for specific items, or get a system-level encrypter to hide contacts, schedule, etc.
Click to expand...
Click to collapse
All nice and well: you create an encrypted file-system on an SD-card. But given that the device has persistent RAM, I would tend not to trust any encryption solution at this time. I mean: anything you enter anywhere gets stored in RAM, and none of the regular Pocket PC user applications even attempt to clean up after themselves.
If I'm shown a text-aditor or an addressbook manager that was especially written to be secure, did not use things like the Pocket PC addressbook, and came with sourcecode, I could begin to trust it.
I guess it all depends on whether you need to store the launch codes for nuclear missiles or your Visa numbers. How much effort is a potential thief willing to put towards getting your device and then getting the data out?
The data in RAM can be encrypted also by most security programs. They don't create encrypted stores necessarily; they can encrypt the built-in contacts database for example.
Carlos said:
I guess it all depends on whether you need to store the launch codes for nuclear missiles or your Visa numbers. How much effort is a potential thief willing to put towards getting your device and then getting the data out?
The data in RAM can be encrypted also by most security programs. They don't create encrypted stores necessarily; they can encrypt the built-in contacts database for example.
Click to expand...
Click to collapse
Bruce Schneier said:
There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. [...]
(preface to "Applied Cryptography")
Click to expand...
Click to collapse
Heh, exactly. Most of us only need to keep the "kid sister" or a person who finds a lost device out of our data. Some may need slightly more--to prevent a lost device from divulging a company secret, for example. If you really need to keep governments from reading data on your PPC, you should probably re-think your choice of storage device for such data.

[Q] How do we protect our Android device from the CelleBrite UFED?

Someone mentioned this in another thread, but this is a topic that should have it's own separate thread.
Some of you may have already read the news: Michigan: Police Search Cell Phones During Traffic Stops
Don't assume it won't come to your town.
I can't say I plan to do anything that would warrant police suspicion, yet I don't like the idea of anyone being able to easily pull data from my device. And we know cops won't be the only ones with these devices. So I've been wondering, how can we protect our Android devices from the CelleBrite UFED?
Check out this video that shows some of the features it has, keep in mind it does much more and can even extract DELETED data.
See the company's product page here: http://www.cellebrite.com/forensic-products/ufed-physical-pro.html
This research paper talks about the CelleBrite UFED and other extraction methods. (CelleBrite UFED is talked about starting on page 9.) I doubt there's a means to prevent all of those methods given some involve long term handling of the device, but CelleBrite UFED can extract data when a device is retained by the CelleBrite UFED user for a short period of time. It looks like HTC Android type devices can only be extracted from via the (micro)USB Port and it requires USB Storage and USB Debugging turned on. The CelleBrite UFED has to gain Root Access. It can get by screen passwords and root even a device that was not yet rooted.
There's another thread where someone was requesting a ROM that would not work with the CelleBrite UFED. I'm not sure how to make a ROM or anything else that would not work with the CelleBrite UFED without limiting certain features we all may use from time to time.
Over on Slashdot, someone said they hacked their device (Nexus One) to not do USB client mode. This is another option that would limit some features many of us may use.
So, how can we protect our privacy and our data? Does it mean sacrificing some features like USB storage mode?
The biggest problem is what's missing from Android itself. Meego might be protected but not Android.
You would need an encrypted boot loader that retains root for some users.
A kernel and os files that support different users so the default user is not root like Linux and a prompt with a password for superusers not just an Allow like now for Android.
Encryption libraries that would support truecrypt encryption of both internal and external (SD card) encryption in toto not just individual files.
A true trash system that overwrites files like srm in linux and sswap for wiping the swap file after every system reboot.
Ultimately I don't see it happening. In theory if you were running Ubuntu on your phone then yes cellbrite would just crap out not knowing what to do with your phone. Same possibly with meego. But then no real app support, no navigation and driver support is crap even for ROMs using the same os let alone a different OS like true linux.
It's amazing how many don't even bother deleting thumbnails hanging around on their computers or securely wiping files on their computer. Same with swap files retaining passwords or even website cookies that have the same password as their computer.
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
This is where that cheap Boost Mobile phone comes in, or any other prepay phone. Just hand the officer that one. Store your personal data on your smartphone.
chbennett said:
Best thing to do, don't keep anything that could be bad on your phone. Use a cloud system or home server sync that requires a seperate login every time and keeps no local files. Or as I do, encrypt the hell out of anything you find valuable, which currently is only my complete backups...
Sent from my Xoom the way it should be, rooted and with SD card.
Click to expand...
Click to collapse
Hello, All. This is my first post at xda-developers!
Since I'm new to Android, data security has concerned me. Climbing the learning curve of rooting and tweaking my SGH-T989, I've focused on control, security, and privacy. So far pretty good, thanks largely to members' posts at this site. Thank you very much!
Then this thread crushed me. Visions of "1984", "THX 1138", "Terminator", etc.
I considered the suggestions here. Thoughts about the OS seem right to me, but that's beyond my abilities. I did try following chbennett's advice: I enabled encryption in my backups and moved them to the internal SD.
But I don't yet know how to do the 'home server / log in on demand' scheme for contacts and calendar. I will appreciate any help with that.
Meanwhile, I looked for a way to make a 'panic button' that would let me wipe my phone immediately. What I chose was making a contact whose phone number is the USSD code for Factory data reset.
Maybe Tasker, etc. could streamline this approach; but my trials showed that, unlike MMI codes (e.g., to toggle caller ID blocking), USSD codes cannot be submitted to the OS indirectly. So swiping a contact, direct dial shortcut, etc. did not work. On my phone, all that worked was either 1. manually dialing the code, or 2. dialing the contact name, then tapping the contact.
So the routine to use this 'panic button' is:
1. launch Dialer
2. dial the contact name
3. tap the contact name in the search results
4. tap "Format USB storage" in the "Factory data reset" dialog
5. tap "Reset phone" button in the "Factory data reset" dialog.
It sounds clunky, but it's actually pretty quick. I named the panic button contact "XXX" to avoid confusability when dialing (it needs only "XX" for a unique match.)
If you can suggest improvements to this scheme, or think it is misguided, please let me know. Thanks.
Any updates on this? I'm curious as to how to guard against ufed.
I think an instant hard brick option would be better so theres nothing to recover as i dont believe the factory reset is a secure wipe
Possibly a voice activated secret phrase or keypress u could say/do super fast in a tricky situation that autoflashes a corrupt/incompatible bootloader and recovery to device after secure superwipe that should stump them for awhile
im still interested in this i disabled usb debugging on my phone but unsure if the UFED can still access anything on my ICS full encrypted passworded evo3d im assuming they could dump the data at most but i highly doubt they could access the decrypted data unless you used an insecure pass
If you have encryption enabled for your data partition, then all you need to do is to turn off your phone when you see a cop. If they take it from you, they can turn it on and hook up their device, but they will only be able to snarf the system partition, which does them no good. They'd need your password to mount the data partition.
If you look around on this forum, you can find the steps necessary to switch the lock screen back to a simple pattern lock while leaving the disk encryption enabled.
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
dardack said:
Are you sure Cellebrite and UFED or w/e can't access encrypted data partion? I know it can take an image of the phone "hard drive". They then can run password tools against image to unlock it no?
Click to expand...
Click to collapse
I'd like to know about this too. I am about to set up encryption on my device and I'd like to know more about what type of attacks it can beat.
Edit to add: I assume brute force attack protection is like any other type of encryption.....dependent on the strength of your password. But, assuming we all know that already, I'm still curious about this.
If the question is how to protect your device when you think someone would scan your phone, you'd have to have some sort of inclination that a scan is about to happen. I'm assuming this is many people's concern as they're considering wiping their device through a quick process. In that scenario, just turn off your device. Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
smokeydriver said:
...Unless you warrant suspicion of something fairly bad, they wouldn't be confiscating your cell phone.
Click to expand...
Click to collapse
We all wish all law enforcement was just and honest, but so far in world history that has not been the case. Even a pretty woman may have her phone scanned by a curious cop snooping for pics.
Sent from my HTC One using Tapatalk 2
I would still like to know if there is an answer here...
So I recently had some dealing with assisting in a Cellbrite search. We initiated and enlisted the help of law enforcement for an employee who was doing some illegal activity which is not relevant to this discussion other than the person used an iphone. Anyway, the investigator came in and wanted to know if I can enable the bypass for the automatic screen lock in 5 minutes because when it locked, it disabled the Cellbrite copy.
Now, couple things here, he was only doing what he was "allowed' to do in the local municipality, and he did say they sell a more expensive Cellbrite device which would be able to crack it. I did find it interesting that the simple corporate Activesync policy I have set up was actually having this effect. Anyway I removed the policy and it worked. Funny thing is he could have done it himself had he known anything about that kind of thing. He was presented to us as an expert but I guess that mainly covered a basic Cellbrite expertise.
So, I do think encryption would be a great answer as the partition would be hard to bust in to. Nothing is impossible but I would rather not smash my phone on the highway next time I get pulled over so I would like to know definitively that this is the right approach. This is definitely not paranoia as there are at least 3 states where it looks like it happens regularly.
Time to look at a 2600 group for stuff like this I guess. I am early in my investigation
Later

[Q] Problems with developing a custom GS2 rom for medicinal purposes.

Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Just a detail, but the SGS2 doesn't have the NFC functionality. Project seems to be possible, I would look into CyanogenMod sources if I was you.
Sent from my GT-I9100 using XDA App
Why are you afraid of leaving the phone rooted and in hands of the patient?
Is he so uncritical that he can search the web and find means of unrooting a mobile phone and then get around to actually doing it?
LucLucLuc said:
Hello to you all people of XDA, firstly I must state that I've scoured the forums far and wide and have yet to find some valuable info regarding my problem.
So what we're doing is developing (or trying to, as is obvious from this post) a custom rom for the Galaxy S2 which would be used for a single medical application for sensor tracking and the processing and displaying of said data on the SGS2, while at the same time sending it to his/her doctor.
What we need to be able to achieve with this rom is to put it into the hands of the end-user (a chronical patient which will in turn be able to stay at home instead of being hospitalized) and be able to completely lock down the phone for his use (I know, it sounds terrible) so that he loses the phone/sms/games/youtube/internet functionality as we need the phone to run as stable and for as long as possible without any additional battery stress (the constant sending, processing and processing of data seems enough of a problem for now).
I've searched into some custom roms but we eventually came up with the need for a stock Samsung rom which could be modified as we want to.
See this is where the problem begins, we can't seem to get the phone rooted, the ROM customized and then unrooted again so that the phone can't be fiddled with anymore, except when it's completely dead and we need to fix it.
So to cap it all up:
It needs to allow for a custom load and bootscreen (I almost got this to work)
It needs to be completely locked down for the end user.
It has to have full BT, NFC and WiFi functionality
It has to be able to call out and reciev calls, but only to/from specific numbers (911, doctor, etc..)
It has to basically allow for 2-3 programs to be running, while the others simply don't exist on the phone.
I am terribly sorry if anything like this has been asked about before, I swear I put 2 days of me life into researching already.
Any help, any help at all, ideas and solutions, but mostly links are welcome.
Thank you and good day to all.
Click to expand...
Click to collapse
Block all internet access apart from ones you want or you can just setup iptables rules, shouldnt need root apart from when setting it up
As far as removing programs, just delete the apks from the zip, or before you remove root. My sig has a list of all apks in a upto date rom and what they do.
You can use gemini app manager to control autoruns (stop them etc) also to block (hide and disable apps)
As far removing root, your best bet is to once you are done, use adb (from the android sdk) to remove the superuser.apk then flash the stock kernel back, as far as I know without superuser apps cant grain root permisions.
OR
This app will allow you to block any app behind a password
This app will block incoming and outgoing sms and calls on white and blacklists
Custom boot logo (the first screen before the animation)
Custom boot animation need to go into system/media, I am not sure about the format but there are loads around, like this thread has loads, stock kernel should support them.
I hope that helps
Most of that is easily possible.
If you listed the apps needing removed, the apk files just need deleted.
To control calls, you can use a third party app from market for that.
It's possible to have the custom rom unrooted, and easily flashed, regardless of how badly the phone gets rooted
Boot animation is easy anyway... If you can provide it in a zip like other ones (zip containing numbered png's) then it's a piece of cake.
A little bit of clever firewall stuff would prevent any web traffic, in or out, except to your defined server, which is obviously a concern when a phone is handling sensitive medical info.
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
genieass said:
Why are you afraid of leaving the phone rooted and in hands of the patient?
The phones are going to be used by around 500.000 people in a year, it's not that we want to take anything away from the user, it's more about not having any problems with the firmware - like ever.
Thanks for all the help!
Click to expand...
Click to collapse
LucLucLuc, not sure where you live, but you're entering the patient confidentiality minefield with big, big boots.
Apart from the legal considerations, your question is definitely OS related and not device related.
I see what you want, but legally - where I live anyway - it's too much of a grey area to get involved with.
I use call recording a lot for referrals and info from other doctors, but I've always asked the other party if they're OK with it. I won't record patient conversations, and I won't accept any files whatsoever that have seen RIS or PACS first - not worth it.
Can't see it's worth your while, but I'd appreciate it if you keep me informed should you decide to work on it.
Big boots indeed
We are from Slovenia, Europe.
I'm actually just a student doing the research and some basic Android programming, thank god I wasn't let into the bigger of the projects
But yes, this project is a colaboration of several european firms and you can read more about it at chiron-project.eu - it's a very very interesting project afaic.
I don't think we'll be swimming with lawyer piranhas soon though, the project uses sensor data (which sorta is a privacy issue) which will be monitored on a tablet running Android (currently testing the Galaxy tab 10.1 - we were lucky to order one before Steve had another one of his fits), proccessed in real time and then stored on the central server, from where it will only be accessible by the patients doctor.
Patient consents are dealt with before we even start talking about mobile hospitalizations.
It's very encouraging to see some actual interest, if anyone wants to know more about anything related to this project contact me at [email protected]
Thanks again for all the help.

[Q] How can I prove that my Android Device (SGS2) has been used by someone else?

Back Story:
My phone was left in my house (shared with other people) yesterday while I was at work. When I got home I was checking missed calls, voicemail etc and I noticed that some text messages were missing. I looked a bit more and it seems that 2 seperate sms message threads had been deleted and a number of contacts had been deleted too. Now, this has happened before to another housemate but we couldn't prove that it had been done. We are pretty sure we know who did it but I need concrete evidence that the phone was accessed.
Phone Specs: Samsung Galaxy S2, rooted, running CM7 latest nightly. I also have Cerebrus installed if that helps.
So my questions are as follows:
1) Is it possible to see what activity was happening on my phone yesterday? I don't have any "logging" software running.
2) Is it possible to retrieve the deleted SMS messages?
I work in IT so am pretty tech savvy, just not in the workings of the Android OS!
All help greatly appreciated.
P.S. I have already been able to restore the contacts that were deleted using the restore functionality in gmail.
The short answer is no. It is, at least in theory, possible to "undelete" stuff, but it isn't usually practical. Even if you did, you wouldn't have "proof" in the legal sense.
That said, I have been involved in a similar situation. Here's the approach we used. It is reasonable to assume that this behavior will continue. Therefore, get some logging software installed. Do NOT talk about it. Do nothing out of the ordinary. Just quietly install some software that will let you see what is going on with your phone. I know there are apps which will email an alert when accessed, snap a pic from the front-facing camera, log SMS to email, remotely lock the phone, etc etc. Based on what you need to accomplish, get these set up and then BE PATIENT. wait a few days (unless you normally leave your phone at home) and leave it again when the person in question might be around.
A pic would be sufficient proof I would think for confronting a roomie. If nothing else log your sms's. I use integrated Google Voice so I'd get an alert on my PC even if I didn't have the phone (very handy, that), but that may not be an option for you.
I also use SeekDroid for remote locking, and I -think- there's a remote camera provision, but it's at a higher paid level than I am subscribed to. At any rate that's my suggestions.
Or, the simple solution: Put a better lock code on your phone.
-JB
A lock code would help prevent the behavior in the future. For catching the vandal red-handed, I believe an app like Gotcha! may do what you need.

Perpetual Infection. Is it possible?

Hi guys, I was just thinking if my PC , from which i read emails sent for my gmail account which is the same account I have on my Android device , gets hacked one day, and the hacker also has some virus app hidden at Play Store, if he could remotely keep installing this virus app at my Android device perpetually , even if I format my device .
Gmail is pretty bullet proof as long as you don't bring in downloads. What's kept in the cloud, stays in the cloud.
Never in over 12 years had a virus infect either Android or Window device via Gmail. Which is why I use it.
Most infections are downloaded or installed by the user including those nasty jpegs and pngs. Had one recently that destroyed files in my downloads folder but never got beyond that.
Perhaps because I discovered it within minutes and was able to isolated it ie delete it.
Simply changing your password after the Android reload would defeat the hacker anyway. Right?
For real paranoia there are viruses that can allegedly escape a reload purge by hiding in what should be immutable areas of the internal memory. Presumably only a firmware reflash could eradicate them.
The SD card is another hiding place...
Keep at least 2 hdd backups of it that are physically and electronically isolated from each other. Enforce this isolation if there is the slightest sign of malware until it's eliminated.
Losing your head with a infected device can destroy your whole data base... got to keep them separated.
It may get one, even two devices but not the isolated hdds unless you screw up bad.
Tks for the reply and for the hints
The reason for my thread was that I got at my new tablet, an adware which would pop up the Google Play Store with the app IQ Option ( a Forex app , from IQ Option ) . The IQ option "pop up" started after installing Netflix , Amazon Prime and... a paid calculator app called Calculator Infinity from Inception Mobile.
I already contacted Samsung which asked me to take the tablet to the repair service, I contacted Google which asked me to take numerous steps which didnt prove succesful, including formating the device.... It has stopped after 2 months, not sure why ( Android update??? Banishment of IQ Option Forex of Brazil due to law transgressions??) . I dont think it was the law enforcement since I saw some cases reporting this virus at another foruns after the banishment of IQ Option... Due to the pandemic, I didnt take the tablet yet to service repair. Planning to do it at march. But I would like some more advices... Dont want to migrate in the future for IOS because of this.
P.S: Ive already flagged the app at the Google Play Store, but Im afraid Im pointing the wrong culrprit... Nothing happened , so maybe Google didnt find anything...
If you reloaded the OS that should be the end of it unless you installed it after the reload or it's in your data that you added after the reload.
It may not be the app(s) you suspect...
Scan with Malwarebytes.
Thats the question, it was a new tablet . I instaled only Netflix, Amazon Prime and when I put this calculator app, the problem started. As soon as the the problem started, I ran the antivirus that comes with Samsung tablet ( McAfee ) , and nothing was detected, I later instaled Avast, nothing was detected, then AVG, nothing was detected again, but the problem continued for 2 months.
@malandrex
Forget all the mentioned scanners and comparable ones: they all are absolutley useless on Android. These scanners all exist for one purpose only: to pull money out of the pocket of fearful Android users like John Doe / Jane Doe
Take note that latest Android versions by default come with AVB ( read: Android Verified Boot ) feature, what prevents any changes can be made to Android's system - of course unless this feature gets disabled by user ( what is a bit complicated because user must know how to modify device's bootloader ).
Knowing this you must not fear Android's system gets infected, IMO.
jwoegerbauer said:
@malandrex
Forget all the mentioned scanners and comparable ones: they all are absolutley useless on Android. These scanners all exist for one purpose only: to pull money out of the pocket of fearful Android users like John Doe / Jane Doe
Take note that latest Android versions by default come with AVB ( read: Android Verified Boot ) feature, what prevents any changes can be made to Android's system - of course unless this feature gets disabled by user ( what is a bit complicated because user must know how to modify device's bootloader ).
Knowing this you must not fear Android's system gets infected, IMO.
Click to expand...
Click to collapse
So what does explain the autonomous opening of Google Play at the app IQ Option on my new Galaxy tab s6 which was acquired at the beginning of 2020? This behavior lasted from february to april and resisted, during this period, inumerous factory resets. Was it caused from an adware installed by the calculator app?? Was an app remotely installed from a PC virus that used the same Google account of the tablet? Or was something else?

Categories

Resources