Related
I jumped on the bandwagon and installed the 2.1 Leaked rom for my Droid Eris as soon as possible.
Last week my gmail accounts password was stolen. Also, my gmail account was sending out spam.
I ran a ESET32 Anti-virus security scan and found no threats. Afterwards I ran Malwarebytes and also found the same results, nothing. I changed my gmail password and all other accounts associated with my gmail.
I am a competent computer user and keep my Windows 7 64bit install clean, tidy, and updated. I use Google Chrome to browse the web carefully and I only visit websites I trust. Although it is very possible, I find it highly unlikely that my system was infiltrated.
I assumed I screwed up somewhere and my desktop was hacked.
Heres where the interesting part starts, Although I changed my password around a week ago, apon logging into Gmail today I was notified about my account being accessed on June 3 (3 days ago) from 6 different Chinese Ip's. I changed my password and security question today and closed all of the email sessions located in China.
My system shows 0 threats after running ESET ENOD32 Anti-Virus and Malwarebytes.
I don't have any other device that stores my Email password besides my Droid Eris.
I could be stepping out onto a limb here, but I still have to enter my Gmail password everytime upon opening the Android Market. I know this has been listed as a bug before. Also, I can't enter my password to enter the Market unless my 3G AND GPS is turned on. It does not work if the GPS is off.
Could it be possible that everytime I enter my GMAIL password into the Market app, it sends a copy out to China?
Why does my GPS have to be turned on to accept my password?
Is the "leaker" from china who released the 2.1 ROM to XDA a trusted source?
Help me out guys!
update to the latest leak and you wont be having these problems
rohanic said:
Is the "leaker" from china who released the 2.1 ROM to XDA a trusted source?
Click to expand...
Click to collapse
The leak, although it appeared to come from riverrunner, actually was leaked by one of the devs that has put in a lot of work in making the eris awesome.
Like Royel said, update to the latest version of the leak and you shouldn't have any of the password login problems.
Not sure about the gmail problems, but I've been running all the leaked versions and had no problems so far.
This post prompted me to check on my account also
Confirmed, IP in China has been logging into my gmail account also.
LexusBrian400 said:
This post prompted me to check on my account also
Confirmed, IP in China has been logging into my gmail account also.
Click to expand...
Click to collapse
Where do you find out how to check.
Log in to Gmail, scroll all the way to the bottom. It will show which IP you last logged in from. Next to it is a link, I think it says "details". A window will pop up showing you all IP addresses that your account has been logged in from.
korben dallas said:
Where do you find out how to check.
Click to expand...
Click to collapse
I am a new user, so I can't post links to the how to. Basically log in to gmail, click on settings, scroll down to the bottom where it shows how much storage you are using, just below that in tiny print is "last account activity", click on details.
I just checked the details on my account and I am getting no logins from China, or anywhere that isn't me.
Just a thought, but have you checked to see if it's the same IP address each time? If so, you may be getting a weird IP address from VZW that google is geo-locating to be from China even if it isn't.
Unless we start getting a lot more people confirming this, I would say it is probably not an issue with the leaked rom but more likely something else (virus on your computer, an app that logs into google accounts for you).
wow, weird. i've often checked my "last account activity."
i'll randomly get some logins (all mobile logins) from another state (Michigan... right next door to me). i imagine it's just due to the IP that i'm getting on my phone...
now, i've NEVER seen anything from China before... and i've run just about all the leaked ROMs out there
strange indeed... i'm assuming all the "china" IP's were mobile logins?
I just checked mine and I had multiple logins from two different IPs. The ones from a desktop were my IP (in Oklahoma) and all of the ones from a mobile device were from a Florida IP. I logged off all of the other accounts and changed the password to a long string of letters and numbers, then logged in on both my desktop and my phone. After that the same two IPs were logged in, so apparently my verizon IP is somewhere in Florida.
I'm not sure why they would use an IP in china, but it could be a similar thing happening to you guys.
While blocks of IP addresses are allocated regionally (hence the different IP registries such as ARIN, RIPE, and APNIC, this happens at very small prefixes (huge blocks of IP addresses).
Geo-location of an IP address is imprecise for a wide variety of reasons. (Despite what you see on popular "crimefighter" TV shows). An AS (BGP Autonomous System) can emit packets from multiple points within their network, depending on instantaneous routing conditions; this is especially true for large national carriers such as Comcast, Verizon, Sprint, AT&T, etc.
One thing that no-one mentioned here is that every one of the Leak ROMs were cryptographically signed by somebody at HTC. If there is malicious code in the ROM, it came from HTC. Seems kind of unlikely. Feasible, but still seems unlikely.
bftb0
Leak isn't sending out passwords. In fact, if i remember right your pass isn't stored on the phone, a key is.
Virus scan won't catch everything, especially new things.
1) Do any OS upgrade on your PCs, I recommend for non techies http://tinyurl.com/m7r5h or for techies http://tinyurl.com/mkly.
2) change all your passwords
3) dont cross use passwords
4) choose complex passwords >10char in length.
jcase said:
Leak isn't sending out passwords. In fact, if i remember right your pass isn't stored on the phone, a key is.
Virus scan won't catch everything, especially new things.
1) Do any OS upgrade on your PCs, I recommend for non techies http://tinyurl.com/m7r5h or for techies http://tinyurl.com/mkly.
2) change all your passwords
3) dont cross use passwords
4) choose complex passwords >10char in length.
Click to expand...
Click to collapse
2nd to that, also Another great one for techie http://www.archlinux.org only if you like getting ur hand dirty and learn more about how Linux work from ground up, less hassle than doing Linux from Scratch lol, although it's fun, very rewarding experience and it'll come in handy when you want to do ROM cooking since it's based on Linux.
Just opened my viewsonic Gtablet from Tigerdirect. Ran the OTA update and now running 3588, otherwise straight out of the box.
I am unable to log into any account using an app (mail, contacts, skype, tdameritrade, twitter apps). I am able to log in fine when I visit the website and login through the web.
Is there someplace I have to grant apps permissions to use the internet? Why can't I log in?
Thanks.
Just checking if anyone else had this problem. If not other responses, I'll let this thread die. Thanks for reading.
seldeen said:
Just opened my viewsonic Gtablet from Tigerdirect. Ran the OTA update and now running 3588, otherwise straight out of the box.
I am unable to log into any account using an app (mail, contacts, skype, tdameritrade, twitter apps). I am able to log in fine when I visit the website and login through the web.
Is there someplace I have to grant apps permissions to use the internet? Why can't I log in?
Thanks.
Click to expand...
Click to collapse
No. There is no special place to grant permissions to use the internet. Do you get any kind of error message? Force Close? Some indication of symptoms might help us diagnose the problem.
Get an app called Superuser. You will need to root the tab, as well. I think there's something like "oneclickroot" out there.
Honestly, grab a custom ROM, they all come with this standard.
Rooting shouldn't be necessary to make any of those apps work so I doubt that will help him.
Google login fails, 2 step verification is culprit
This may not solve your problem, but it knocked me for a loop for a whole evening with my new motorola defy this week.
You get a new android device, and everything looks so nice, but then you try to log in to your google account. Repeatedly. You keep getting an error that says the username or password are wrong, even though you can log in on your pc. OBVIOUSLY the password is fine, but it wont work on your new android device.
Well, if you turned on 2-part authentication then you have a problem. (If you have never heard of 2-part authentication then move on, you would have to have done this on purpose and it is way to painful to forget having done it.)
Android doesnt support 2-part authentication. So you have to generate a special password for your android device.
Start by logging in to gmail, or whatever google service you wish. Go to your account settings (the little gear-looking thing in the upper right.) Under Personal Settings, Security you'll see an entry called "Authorizing applications & sites". Go here and make an entry for your device, and it will generate a special password for that specific google application that doesnt happen to support 2-part authentication. Enter your super-secret password.
Suddenly the world is golden.
Probably not what the OPs problem was, but I wanted to put it SOMEWHERE.
grrrr....
update to this...
I pushed the app "Android Lost", and "Android Lost Jumpstarter".
I was able to
1) have the phone call me with this app,
2) get the phone number,
3) request a password reset on the t-mobile account
4) pull the texted password from the phone,
5) login to the tmo account
6) acquire owners name, address, lines
7) pulled GPS location, went to her work location.
8) Gave her a chance to return my phone. After refusing, had a police office retrieve my phone.
Wonderful app. Will be donating.
Plan B fell short. Way short.
I lost a phone recently, and someone found it. Unfortunately, the one who found it was not honest, and it has not been returned.
I found the app "Plan B", which is wonderful, except i never got the emails giving me any location info. The person who now has the phone has swapped sim's, so i cant text "Locate" to it. Also, since google play wont allow you to uninstall, Im pretty much stuck now. What i really need is a app like Plan B, but one that listens to email, or reports back to a server, and can be deployed via google play without any intervention on the phone. I just need a current in use phone number emailed to me... or a location...
Anyone have any ideas?
Thanks!
Click to expand...
Click to collapse
If you had Google maps installed, and you joined Latitude on the device. You can check it's location through Google Maps on your PC at home.
TEAM MiK
MikROMs Since 3/13/11
doink.
Could anyone out there tell me if the S Note that you got with the ICS update - NOT downloaded from S Choice, or from the file that I saw floating around the forum, just the ones that came with ICS automatically - matches the following permissions?
- Your personal information
add or modify calendar events and send email to guests without owner's knowledge, read Browser's history and bookmarks, read calendar events plus confidential information, read contact data, read user defined dictionary, write Browser’s history and bookmarks, write contact data
- Services that cost you money
directly call phone numbers, send SMS messages
- Your location
coarse (network-based) location, fine (GPS) location
- Your messages
edit SMS or MMS, read SMS or MMS, receive SMS or MMS
- Network communication
control NFC, create Bluetooth connections, full internet access
- Your accounts
acts an account authenticator, manage the accounts list, use the authentication credentials of an account
- Storage
modify/delete USE storage contents
- Hardware controls
change your audio settings, record audio, take pictures and videos
- System Tools
allow Wi-Fi Multicast reception, bluetooth administration, change network connectivity, change WIF state, change WIMAX state, change your UI settings, delete all application cache data, disable keylock, format external storage, modify global system settings, mount and unmount filesystems, prevent phone from sleeping, retrieve running applications, write sync settings.
Why I want to know, if you're interested:
I didn't get S Note with my ICS update (SGH-i717R - Canadian, Rogers), and after a song and dance with support, was told by one agent/one email support to download it from the S Choice app store ... and by one call agent that I should stay away from it because it's not from Samsung and possibly malware.. Since S Note was supposed to come with the update, and only My Story needed additional downloading, I was a little wary.
My misgivings started with the bad grammar in the description, the different developer from the My Story app, and finally, the giant pile of permissions it wants. I've tried a slew of things to get S Note/Premium Suite to initialize, and am now at either reflashing the update, which I'd like to avoid since the phone works fine and I don't know what the hell I'm doing, or mailing it in “to the lab,” which I'd like to avoid because apparently not all of Samsung knows what it's doing either, judging by some of the answers I got. So I'd like to just do a comparison to see if the original S Note that comes with ICS also has these permissions. If it does, then I'm just going with the S Choice one and stop trying other things.
Thank you for any help!
Anyone? I know it's a bit of an oddball question, but..? (Unless nobody got it with ICS, which wouldn't surprise me, either.)
Matches what i have... I dont think its anything bad. Samsung proabably wants snote to have full functionality. Insert contacts and be able to call them from the app, geo tag your location etc... Look at the permissions of facebook... They are not that different.
Sent from my Samsung-I717
IMM76D.UCLF6+FJMOD-BUILD2
Stampaufaz said:
Matches what i have... I dont think its anything bad. Samsung proabably wants snote to have full functionality. Insert contacts and be able to call them from the app, geo tag your location etc... Look at the permissions of facebook... They are not that different.
Sent from my Samsung-I717
IMM76D.UCLF6+FJMOD-BUILD2
Click to expand...
Click to collapse
Fantastic - thanks! I was mostly put off by the description of the app "this application is S note can make own note." doesn't exactly scream "I am legit software put out by Samsung, download me!" But if it's pretty much what the original has, then I'm fine.
Again, thanks!
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
starfcker69 said:
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
Click to expand...
Click to collapse
I have the IMEI # of the phone added to my account, also the model number (registered in Russian Federation). Could the IMEI be useful? I can PM if interested.
Imeis are quite useful to many people...Just don't pursue this on xda.
Sent from my Galaxy Nexus using xda premium
My account too was almost hacked.
I signed into youtube and a notice was shown that someone from ip in china tried to log into my google account and it denied them and i changed my password. No weird apps nothing.
The thing is probably the app you downloaded.
Just because it has 100 downloads doesn't mean its malware but you need to check permissions always.
Even big games like "Paper Toss" has been know to sell peoples info to companies.
When you read permissions. There should be a list of all the options the app requests.
Be Smart. If you download a calculator, It shouldn't have access to your personal identy, messages and the big key is internet access.
If you download a calender it may need access to contacts but it it also needs internet access, its probably is storing your contacts and sending them out to a site that then sells to a company and lastly, your grandparents receive phone calls asking if they want to buy a service and use your name as who referred them.
Also. rooting is a good option. With an app on here called pdroid or droidwall you can download those apps but it will alert yyou when the app wants to use a permission (like internet) and gives you the option to allow or deny.
good luck
I have one update. I think that after I changed my password and went to two step verification, the purchases of "free" apps and media stopped. It's been four days and nothing new added. So far so good. Thanks for the replies. BTW, Google of no help.
I'd still like to know how the Gmail account was compromised - I may never know.
similar thing just happened to me (Galaxy Note) appeared on my account from no where. When I contacted google if they can help or if they are interested in tracking him down, all they said was we cant help you. And change the pw. Obviously I know that I need to change the pw. I know Apple would have tracked it down somehow if it was an iphone. My pw has 22 characters number letter symbols yet it was hacked.
Since google is not helping me I installed Android Lost app on this NOTE and waiting to get a location update via email. I know it wont do anything much and I cant do anything against him or her since no paid apps were downloaded. Still I would like to do something to crooks like this. He only had 6 apps installed (facebook,viber candy rush) and terminal emulator (which worried me).
I really hope that Android close their unlimited backdoors in the OS.