S7 Edge compromised question

Kainz

Kainz

Kainz

Soldato
Joined
15 Dec 2002
Posts
23,927
Location
In a cowfield, London, UK
Hey all,

I need to run this by you all as I need some suggestions.

A neice of mine contacted me earlier asking about her S7E running 7.0 as she believes it may have been somehow comprised by an ex who is accurately quoting names in her contacts as well as being able to work out her approximate location.

She's a bit far from me so I can't sadly check her phone out myself. I've asked her to check for signs of Cerberus and Find My Device but they aren't installed.

Does anyone know of ways this chap could have got into her phone? If her Google account was compromised I'm sure she'd know. Personally I believe he's bluffing but who knows.

Any ideas guys? Cheers.
 
Find my device is built in to android, it'll be installed. However, you get a notification when someone tracks you.

Also, isn't Cerberus designed to be undetectable? It can survive a reset and can be hidden from app drawers.

Change the Google account password to be on the safe side. Also, have a look at currently logged in devices to see if there is anything suspicious.

Not saying it is either of these, just thought I'd mention it.
 
Both the google accounts with location services on, etc. and the Samsung software can be used to remotely see contacts and location.

If and depending how it is setup the Samsung account can be used to remotely lock and even wipe/disable the device BTW so you want to change passwords ASAP if that is setup.
 
Before messing around with the phone, first check the google account on a pc in the section where it shows a list of all logged in devices and see if there are any that shouldn't be. You can log out of them from there.

Having access to the google account would show all her contacts and gmaps would show her approx location.
 
Cheers guys, you're helping heaps.

Cerberus WAS designed to be undetectable - it can be hidden from the Appdrawer yes but the latest builds thanks to Googles policies means that it must display that the target phone has been 'located'. The developer has an apk on his site that can still be manually downloaded and bypasses this.

Checking the google account is a great suggestion, thanks for that. I'll give it some thought as to how to handle this as she may not be clued up accessing her account online. I'll also get her to change her password asap.

Good point about the Samsung account - hopefully that hasn't been setup. I'll check with her.
 
You must log in or register to reply here.
Back
Top Bottom