Recovering Photos From An Old Phone With Malware On

Associate
Joined
24 Jan 2012
Posts
1,062
As per the title really. My brother in law was telling me that he lost a few photos on a old phone before he had Google backing them all up. I'm happy to have a go at helping him but turning to the OCUK hive mind in case it's something anyone's dealt with before.

I have a feeling there must be something that can be done, either launching into safe mode or ADB via a computer. Problem is he's never wanted to connect it to a PC if there is indeed something harmful on it. I also doubt he's the kind of person who would have enabled 'allow installs from unknown sources' or whatever the setting is, so I'm not entirely sure how he's got anything on there. I think he said the phone is an old Samsung S8.

The way he described the malware just sounded like a dodgy app to me. Apparently he can turn the phone on and if he's quick enough just use the phone normally for a short period before a ransom screen pops up blocking him from doing anything else. Sounds to me like it's something that takes a little while to launch at startup but not necessarily untouchable and if we could just get into the system we might be able to remove it?

Any ideas welcomed, cheers!
 
Assuming the ransom screen isn't counting down to a doomsday event - encryption/wipe, I'd probably use a bootable USB drive to bit into Linux and then mount the phone as storage and read the files off.

Then back into Windows with the phone unattached and virus check the jpegs.

The ransomware might stop this but I doubt it.
 
Back
Top Bottom