Related
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
starfcker69 said:
Last week I noticed a device under my Google Play account (My Devices) that is not mine, a phone on a Romanian cell phone company network. I also noticed that someone from Russia had accessed my Gmail account. I changed my Gmail password (the old one was alpha-numerica,random, with symbols) and turned on two step authentication.
The Gmail account seems to be ok. The contacts all there and no messages removed or messages sent by people other than me.
The only sign of the intrusion is about a dozen "free" apps ordered by that device. It included sketchy gambling apps, a child's game that from comments I read has adult advertisements, and ringtones. After I changed the password there are new "free" media on the account - books and various video. These appear to be from a different user - all in English as opposed to Russian and nothing sketchy.
My guess on how this started - I downloaded an app with about 100 reviews. The next day the "free" apps started to appear, and the unauthorized device also was added the next day.
My SGS 3 isn't rooted. For Jellybean it seems that I have to wait for a stable root, should be another few days.
I contacted the Play Store support and they were of no help. They referred me to Gmail support but Gmail doesn't offer phone support. I think only support on a Google Group forum.
Any idea how this could have happened and how to get this device off of my account? My PC's are secure and my primary PC is Linux.
Click to expand...
Click to collapse
I have the IMEI # of the phone added to my account, also the model number (registered in Russian Federation). Could the IMEI be useful? I can PM if interested.
Imeis are quite useful to many people...Just don't pursue this on xda.
Sent from my Galaxy Nexus using xda premium
My account too was almost hacked.
I signed into youtube and a notice was shown that someone from ip in china tried to log into my google account and it denied them and i changed my password. No weird apps nothing.
The thing is probably the app you downloaded.
Just because it has 100 downloads doesn't mean its malware but you need to check permissions always.
Even big games like "Paper Toss" has been know to sell peoples info to companies.
When you read permissions. There should be a list of all the options the app requests.
Be Smart. If you download a calculator, It shouldn't have access to your personal identy, messages and the big key is internet access.
If you download a calender it may need access to contacts but it it also needs internet access, its probably is storing your contacts and sending them out to a site that then sells to a company and lastly, your grandparents receive phone calls asking if they want to buy a service and use your name as who referred them.
Also. rooting is a good option. With an app on here called pdroid or droidwall you can download those apps but it will alert yyou when the app wants to use a permission (like internet) and gives you the option to allow or deny.
good luck
I have one update. I think that after I changed my password and went to two step verification, the purchases of "free" apps and media stopped. It's been four days and nothing new added. So far so good. Thanks for the replies. BTW, Google of no help.
I'd still like to know how the Gmail account was compromised - I may never know.
similar thing just happened to me (Galaxy Note) appeared on my account from no where. When I contacted google if they can help or if they are interested in tracking him down, all they said was we cant help you. And change the pw. Obviously I know that I need to change the pw. I know Apple would have tracked it down somehow if it was an iphone. My pw has 22 characters number letter symbols yet it was hacked.
Since google is not helping me I installed Android Lost app on this NOTE and waiting to get a location update via email. I know it wont do anything much and I cant do anything against him or her since no paid apps were downloaded. Still I would like to do something to crooks like this. He only had 6 apps installed (facebook,viber candy rush) and terminal emulator (which worried me).
I really hope that Android close their unlimited backdoors in the OS.
Hey everyone, how do I sign into Themer? On my Galaxy S4 it gives me the option so sign in with Google or Facebook. I have neither. IF I DID HAVE TO CHOOSE BETWEEN THE TWO HOWEVER I would get a Google account just for Themer... but I don't know if that is possible. When I select to sign into Themer with Google, it tells me to choose a Google account when there is none on the device. What do? (derp) Thanks in advance.
Abethene said:
Hey everyone, how do I sign into Themer? On my Galaxy S4 it gives me the option so sign in with Google or Facebook. I have neither. IF I DID HAVE TO CHOOSE BETWEEN THE TWO HOWEVER I would get a Google account just for Themer... but I don't know if that is possible. When I select to sign into Themer with Google, it tells me to choose a Google account when there is none on the device. What do? (derp) Thanks in advance.
Click to expand...
Click to collapse
Hi there, we'd advise creating a simple Google account. We use this feature generally for security purposes as well as to display unread email count notifications (as the general population now use Gmail as their preferred email account).
Not everyone wants to participate in social media. I find it disappointing that Themer would require I do so, and is a deal-breaker for me.
Without a google account an android device has only half of its functions. I uderstand google+ but a normal google account?
Gesendet von meinem GT-I9505 mit Tapatalk
Abethene said:
Hey everyone, how do I sign into Themer? On my Galaxy S4 it gives me the option so sign in with Google or Facebook. I have neither. IF I DID HAVE TO CHOOSE BETWEEN THE TWO HOWEVER I would get a Google account just for Themer... but I don't know if that is possible. When I select to sign into Themer with Google, it tells me to choose a Google account when there is none on the device. What do? (derp) Thanks in advance.
Click to expand...
Click to collapse
Just create a easy google acct.
Lurkerdownbelow said:
Not everyone wants to participate in social media. I find it disappointing that Themer would require I do so, and is a deal-breaker for me.
Click to expand...
Click to collapse
We understand that it's not for everyone, but it's the best way for us help find new users as well as to keep Themer free. We will soon add options to remove this service.
Lurkerdownbelow said:
Not everyone wants to participate in social media. I find it disappointing that Themer would require I do so, and is a deal-breaker for me.
Click to expand...
Click to collapse
If you don't have a Google account you may as well not be using android. "Google account" does not equal "social media". Without a Google account you can't even use the Play Store.
Sent from my SAMSUNG-SGH-I747 using XDA Premium 4 mobile app
BakaNeko59 said:
If you don't have a Google account you may as well not be using android. "Google account" does not equal "social media". Without a Google account you can't even use the Play Store.
Sent from my SAMSUNG-SGH-I747 using XDA Premium 4 mobile app
Click to expand...
Click to collapse
You're correct. I realized that I had been confusing google+ with my normal google account. My bad here. I had assumed that since it was requesting me to sign in with my google account or facebook that it was social media related. I, in fact, do have a google account and can access the play store - which is how downloaded Themer to try in the first place.
I'd now like to know why it needs me to sign in with either account. How does that help Themer find new users and keep it free? I'm not being an ass here, just trying to learn new things.
Lurkerdownbelow said:
You're correct. I realized that I had been confusing google+ with my normal google account. My bad here. I had assumed that since it was requesting me to sign in with my google account or facebook that it was social media related. I, in fact, do have a google account and can access the play store - which is how downloaded Themer to try in the first place.
I'd now like to know why it needs me to sign in with either account. How does that help Themer find new users and keep it free? I'm not being an ass here, just trying to learn new things.
Click to expand...
Click to collapse
To be honest it's mainly for security reasons on our side. If someone breaches our servers, we can link it to a verified account and take action where necessary. In terms of social, when you log in you might have selected the box to receive emails from Themer about new updates and very important events. In this way, people who have uninstalled Themer because of some reason, might find that it now includes something that they've always wanted. Therefore it helps introduce 'new' users and in turn the more users we have the greater chance we have to generate resources (through the sponsored apps in the Smart Categories, which can also be turned off if the user desires).
ThemerSupport said:
To be honest it's mainly for security reasons on our side. If someone breaches our servers, we can link it to a verified account and take action where necessary. In terms of social, when you log in you might have selected the box to receive emails from Themer about new updates and very important events. In this way, people who have uninstalled Themer because of some reason, might find that it now includes something that they've always wanted. Therefore it helps introduce 'new' users and in turn the more users we have the greater chance we have to generate resources (through the sponsored apps in the Smart Categories, which can also be turned off if the user desires).
Click to expand...
Click to collapse
Hey thanks so much for taking the time to answer this in more detail! It's much appreciated. I'll give it a thorough try now.
ThemerSupport said:
To be honest it's mainly for security reasons on our side. If someone breaches our servers, we can link it to a verified account and take action where necessary. In terms of social, when you log in you might have selected the box to receive emails from Themer about new updates and very important events. In this way, people who have uninstalled Themer because of some reason, might find that it now includes something that they've always wanted. Therefore it helps introduce 'new' users and in turn the more users we have the greater chance we have to generate resources (through the sponsored apps in the Smart Categories, which can also be turned off if the user desires).
Click to expand...
Click to collapse
Thanks.
ThemerSupport said:
Hi there, we'd advise creating a simple Google account. We use this feature generally for security purposes as well as to display unread email count notifications (as the general population now use Gmail as their preferred email account).
Click to expand...
Click to collapse
Thanks a lot for your help. I was also facing the same problem.
Google account is a deal breaker
Hi,
For me this is a deal breaker.
I can follow your reasoning. But how can you give the same app the rights to read (display) all your text-messages, contacts & location together with a personalized login (be it google or facebook).
I know that American mentality is different in this case than German mentality: but I think it is insane to give access to all of these information at once...
I'm not the only paranoid here (if you think I am) but I know a lot of others (Germans) who think the same.
Sorry of I'm too frank: if you want to reach more Germans with your app, then you need to rethink this log-in dialogue.
btw: yes, you can use Android (CyanogenMod) without any kind of account. Works great
Yours, toggle
toggler said:
Hi,
For me this is a deal breaker.
I can follow your reasoning. But how can you give the same app the rights to read (display) all your text-messages, contacts & location together with a personalized login (be it google or facebook).
I know that American mentality is different in this case than German mentality: but I think it is insane to give access to all of these information at once...
I'm not the only paranoid here (if you think I am) but I know a lot of others (Germans) who think the same.
Sorry of I'm too frank: if you want to reach more Germans with your app, then you need to rethink this log-in dialogue.
btw: yes, you can use Android (CyanogenMod) without any kind of account. Works great
Yours, toggle
Click to expand...
Click to collapse
Hi Toggler,
We understand your concern, as we are simply a launcher. However, that isn't really the case. As all of our widgets are built in, we require these permissions to allow the user to view his/her unread SMS/Email/Missed Call counts on the homescreen. We don't store any of the information, we simply display it. We've now actually had to remove the Dialer Widget to reduce the number of permissions required, but we still need a few to improve the user's experience. Once Facebook introduces anonymous login, we'll implement that straight away, however right now we need it for security reasons on our end (in then breaching theme servers).
Hope this helps!
- Marco
So I finally upgrade my LG simple 1G phone to a VZW Galaxy S4, allowed it to update to MK2, setup my gmail account (not G+ though), take care of organizing it like I want, etc. Next thing I notice, that in my gmail I start getting dangerous looking spam ("update your Amazon credit card info", "update your ###### info", and the image had a link which would've sent me to a Yemen domain. Nothing happens without a reason, and the only thing that changed was I gave the phone my gmail logon. I did not directly give account info to any of the other vendors advertised on the bloatware on this phone. I should add that prior to this I was familiar with the spam I'd get in gmail (and gmail would flag it into spam folder) and it was consistent and never made it into my inbox.
This being my first android I'd appreciate comments on your experiences with this, and anything you can share on how to better safeguard my info. I hate google, or anybody for that matter, having so much access to my credentials which I normally and successfully hold fairly close. (Yes this is my first smartphone).
I am a Malwarebytes registered user on my desktop and laptop so I downloaded their app onto my phone, but something tells me what caused this spammer to source me was over-sharing of data on google's (android's?) part.
Thanks
MessyPotamia ("because in the land between the Tigris and Euphrates, things are a MESS")
Huntsville, Alabama
I think its pretty safe to say its coincidence. My family owns about 5 Android devices and I myself have three Android devices currently in active use , two gmail account, one for my personal devices and the other for family use and so far, we have yet to get any 'weird' spam issues except for the occasional spam that promises me that I'll get bigger manhood and such. Try playing with the app settings or try another email app. I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
mha93 said:
I think its pretty safe to say its coincidence. <SNIP> I mean, if you have a gmail account all this while and google wants to sell off your personal information, they would have sold it a long time ago and not wait only now because you have a new smartphone right? Lol
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Didn't mean that I think G directly sold it off, but something enabled a spammer to target me. Have been getting this same spam about 1x / day since I shared my 10 yr old gmail acct w/ VZW/I545/MK2. Something triggered it, I don't believe in coincidences (my prior CI work, sorry!), and the only thing that changed was my new setup.
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
mha93 said:
Maybe its something that you've installed? Like have you pirated any apps or downloaded any sketchy apps? Besides that, I can't think of other ways besides logging in to your gmail account, and actively mark the emails from that address as spam.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
Two days later from my orig post. First, I have not downloaded any suspicious apps (only 2 banking apps, and they're pretty secure), one or two others from app store (but uninstalled them when I wasn't impressed). I set up my wife's yahoo email account as another account under email; one gmail account I use often as another email account; and my regular gmail account is the main phone account. My regular gmail account gets very little spam.
Now I notice my wife is getting evidence her contacts have been harvested, as folks in her contacts (some very old contacts) are replying "Did you send this? " or rejection messages from their .gov or .mil enterprise mail server. She has had registered malwarebytes on her laptop, as do I on mine. Tomorrow I will run CCleaner and HijackThis on both hers and mine. I must say the neither of us visit suspicious places or have any poor practices regarding opening emails or attachments, and our Secunia PSI scores are usually around 98.
This has to have something to do with my new Galaxy S4 and the fact that I gave it my gmail credentials, and her yahoo credentials.
This is not a coincidence.
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones. So I guess your case is not unique. In all the cases, they managed to solve the problem by changing their gmail password. So what I'm thinking is that your phone is a 'manufacturer refurbished phone' or at least one that was returned to your carrier and repackaged again and that the previous owner left a malicious code or script in the phone. So short of returning to your carrier or to Samsung, I suggest that you change your password, factory reset your phone, update the firmware before logging in to your gmail account and see if it changes anything. The best bet is to return it to Samsung or your carrier on grounds that its a 'defective device' or at least claim that something is wrong with it. Chances are, they will reflash a fresh new firmware onto your phone and would in theory solve and delete any malicious code in your phone. Or they'll replace yours with a new phone. Yeah sounds troublesome but if you want to skip Samsung and reflash a new firmware yourself, head over to the S4 forums and see the method of flashing a new stock firmware. Sorry that your new smartphone causes so much problems. Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
(Problem solved)
mha93 said:
After googling around, I came upon several forums stating that their users are getting spam mails after logging into their gmail accounts from their 'new' smartphones.<<SNIPPED for brevity>> Google is quite helpful when its working right.
Sent from my GT-N7105 using xda app-developers app
Click to expand...
Click to collapse
The source of the spam is most assuredly the YAHOO MAIL ANDROID APP (downloaded 3 days ago from App store and put on her android, not mine). After running (reg'd) malwarebytes, plus CCleaner and HijackThis (all showed nominal) I began to suspect it was on Yahoo's side, and sure enough there are plenty of recent articles about their vulnerability. Removed the app from her Moto Droid.
I particularly enjoyed reading this:
[I can't post outside links, google the search terms "even-yahoo-employees-dont-use-yahoo-mail"]
Meanwhile, everyone here I thank for participating in this thread.
Dear friends,
I have Asus Memo Pad HD7 Android 4.2.2, with Viber on it. I have a problem of not being able to update contacts on it
I noticed the following:
1- Viber usually allows to pull and release contacts to update, but i can't on this device.
2- I have a Galaxy note 10.1 (N8000) which in the "Accounts" section of android settings has (a Viber Account), but can't find it on Memo Pad.
I hope there's a way to figure out what to do, is it an android problem that need a new ROM? or a Viber Problem? Does rooting help?
Hi,
For assistance with your contact list sync issues, you can read this article: http://bit.ly/1jLF5M0
noooneh said:
Dear friends,
I have Asus Memo Pad HD7 Android 4.2.2, with Viber on it. I have a problem of not being able to update contacts on it
I noticed the following:
1- Viber usually allows to pull and release contacts to update, but i can't on this device.
2- I have a Galaxy note 10.1 (N8000) which in the "Accounts" section of android settings has (a Viber Account), but can't find it on Memo Pad.
I hope there's a way to figure out what to do, is it an android problem that need a new ROM? or a Viber Problem? Does rooting help?
Click to expand...
Click to collapse
Viber Team said:
Hi,
For assistance with your contact list sync issues, you can read this article:
Click to expand...
Click to collapse
Dear sir,
no wonder the article wasn't helpful. I'm talking about a whole mechanism absent in this device (but surely exists for samsung at least). Which is viber syncing.
Again: on this device, the ability of pull and release is totally absent. In addition, I can add a google account, Facebook account, even a dropbox account, but I can't add a viber account... so syncing is totally absent ON MEMO PAD HD7
Your article explains how to use this feature right, but the problem is that you don't support it on this device
All devices running Android have the same features. There aren't certain features that are present on Samsung devices that won't be present on you Acer Memo Pad.
Please make sure that you have the latest version of Viber (version 4.3.3) on your tablet. The pull and release feature is available on that version.
Should you continue experiencing issues, please contact our support team here: http://bit.ly/1aOwGy2
noooneh said:
Dear sir,
no wonder the article wasn't helpful. I'm talking about a whole mechanism absent in this device (but surely exists for samsung at least). Which is viber syncing.
Again: on this device, the ability of pull and release is totally absent. In addition, I can add a google account, Facebook account, even a dropbox account, but I can't add a viber account... so syncing is totally absent ON MEMO PAD HD7
Your article explains how to use this feature right, but the problem is that you don't support it on this device
Click to expand...
Click to collapse
HI all, I have been a follower of this amazing forum for quite some time now. A big thank you to the forum owners, mods and all concerned parties for the effort, information and forum.
I need help this time around. I have a XIAOMI MI 10T. WITH GLOBAL MIUI 12 ROM, running Miui 12.0.5.0., android 10.
Can some one please help me, to install either xiaomi's MI apps or a working third party or google alternative apps to Google contacts, Google Dialer, and Google Messages(SMS) Apps? WITH OUT ROOTING MY DEVICE?
It would be really awesome to have them back.
Problems I face with factory installed google apps are,
1.my contacts are not allowed to get saved on my device.
2.google dialer's call recorder self defeats the purpose it exists for. No video calling Built in.
3.google's message (sms) app is way too slow in searching through the contacts when I need to send a message and IT JUST DOESNT have an option to share a Contact in TEXT format, only mms is allowed for some reason.
4. Post DEC 2020 security update, non of the alternative apps from the google's play store work without bugs, or without solving the above problems.
HELP.
I even tried contacting google apps developer team, as per their developer contact email Id left in the play store (Which is, [email protected]). the automated reply said
Hello,
Thank you for contacting Google.
You have emailed to an address that is no longer being monitored.
To get help, Please visit http://support.google.com/
I do not know who else to contact for help regarding this issue, any pointers or help would be great. thank you.