>>51831159
Is she running an older vulnerable version of Android? Could be she picked up some malware.

>samsung devices don't get updates

enjoy your stagefright, looks like your phone got pwned

bin it, i wouldn't even bother plugging that shit in to my computer

>>51831185
>>51831186
Sure, alright.
Anyone know anything specifically about what's going on here?
With a signature like 'I'm watching you' I'd expect to be able to find something about it online, but I didn't see anything anywhere.
The battery is going to be removed for now, but I'd actually like to know what it is (aside from the fact that it may be malware)

>>51831159
I can't recall and im not saying this to scare you. But stage fright basically complete access to a phone and you can't uninstall whatever someone else installed onto the system.

Suggestion: Fuck it. Get her a Nexus phone. And install Firefox with adblock or unlock on it. I work in a phone store and countless of people get their shit fucked up from two places: porn and Facebook.

Get rid of that phone anon. And let her create a new Facebook and maybe a new number. I wouldn't fuck with this.

>>51831232
>But stage fright basically complete access to a phone and you can't uninstall whatever someone else installed onto the system.

Ah, I thought stage fright was used as an expression.
Will be looking into it, thank you.

Any extra info (something specifically related to this text) would be appreciated.

Android version is 5.0.1, by the way.

>>51831311
Stagefright was patched in 4.4.4 (or earlier?), so that wouldn't be the problem

>>51831426
Or am I thinking of heartbleed?

>>51831426

Alright, so that's not it I guess....
Though it may still be stage fright, since apparently the S4 was patched only a few days ago (the 7th of December)

I just find it really odd that I can't find anything about it online, even though it has such a catchy thing to it like the 'I'm watching you' text.

Every breath you take. Every move you make. Every bond you break. Every step you take. I'll be watching you

>>51831536

kek

Alright, so I just tested the phone for vulnerabilities with the Zimperium stagefright detector application and it says that it's vulnerable.

I still don't know if it's actually something though, since my only indication that something's up is the text on the startup screen.

>>51831499
Yeah disregard the post you're replying to, I was thinking of another exploit

>>51831564
It's gotta be a virus, or some sort of prank app installed in order to scare your mum. Or it could be shlomo goldstein revealing himself tracking you. Good luck son

>>51831564
Check in settings->about device or whatever to see if the system status is "official"

If it's set to "custom" instead of "official", you're already owned hard. Only reflashing the entire stock firmware with ODIN can save you.

If it's still "official" you still have a chance to clear out the malware. Maybe.

>>51831159
Backup data, factory reset, and update?

>>51831159
>dutchfag
in de instellingen is ergens een optie om informatie over de eigenaar te weergeven op het vergrendelscherm.
het is vrij in te vullen tekst veld.
het is waarschijnlijk een grap en het lijkt erop dat het werkt.

>>51831159
Ik zou me niet druk maken en gewoon gaan slapen senpai.

>>51831647
Klopt, maar
1 de telefoon is nieuw (dus dat sluit een grapje van de vorige eigenaar uit)
2 het is vrij zeker dat niemand er aan heeft gezeten (fysiek)

>>51831650
Er zit zo enorm veel info op zo'n kutmobieltje (gebruik zelf alleen dumphones) dat ik me toch wel een beetje zorgen maak.

>>51831712
>fabrieksmedewerker bij samsung voert test uit.
>telefoon haalt test.
>verveelt zich en zet deze tekst erin.
>verkopen die shit.
Ik zou dit doen als ik daar werk

>>51831759
Haha eigenlijk wel ja.
Ding is, mn ma heeft t niet van begin af aan gezien (ze kan het zich in ieder geval niet herinneren) dus helaas kan ik daar niet vanuit gaan.

To anyone still willing to help: my priority right now is finding out if something is actually going on or if it's just the startup message that has been changed.
I don't care about the phone itself. We could throw it away (or get it replaced) with ease.
What worries me is the possibility of personal information having been copied from the phone.

>>51831812
If the personal info was able to be stolen, it's already stolen.
See >>51831637 to check if your device got owned or not. I don't see any way to change the lock screen message w/o root so you probably got owned.

File: Screenshot_2015-12-13-02-28-56.png (137 KB, 1080x1920) Image search: [Google]

137 KB, 1080x1920

>>51831812
Kijk in de instelling bij vergrendelscherm en kijk of er tekst is ingevuld bij de eigenaar info

>>51831637
>>51831886

It says 'official'.

>If the personal info was able to be stolen, it's already stolen.

I know as much, so the only thing I can do, or rather what I'd like to know is whether or not it's actually something or if it somehow still is the welcome message having been changed only (somehow), as >>51831900 mentions.

>>51831900
Ja. Het staat er gewoon in plain text.
Heb t net veranderd naar 'kek' en t werkte gewoon.

I've been able to change the message to say 'kek'. Again, the only thing that remains is to ascertain whether or not it was just that text that had been changed or whether there was actually some kind of malware involved.
I would much appreciate it if anyone could inform me how I would go about checking and making sure no form of malware is involved.

>>51831967
just full format and reflash everything

>>51832002
I want to know if it was actually malware or not.
If I can be almost certain it wasn't, I'll just go on with my day.

>>51831967
You can run a few malware scanners (bitdefender, avast) and see if they pick anything up. If they find something, look it up and see if it steals info. Protip: It probably does.

>>51832018
why the fuck wouldnt you do it just to be sure

>>51831967
kijk in de system logs.
Een custom rom flashen wist ook alles, geef haar de betere custom roms

>>51832041
Because what's been done has been done.
I just want to know for myself if there was malware involved.

>>51832056
>kijk in de system logs.
Zal ik doen. Ben nu Avast aan t installeren om n scan te doen.

>>51831967
Je kan ook de telefoon laten verbinden met een netwerk gemaakt door je laptop dat je inde gaten houdt met wireshark en natuurlijk loggen van dingen op de telefoon zelf.
Gebruik hem een dagje aan de wireshark en zoek naar vage dingen.
Niks gevonden betekent schoon (genoeg)

Occam's razor:
why would a fraud expose himself in the first place by putting that text there for her to see?
if there was some malware on the phone that's eating your sensitive data, it would be smart for that malware to be as inconspicuous as possible...

ergo: it's a stupid prank

>>51832073
>avast
Alsjeblieft, nee, doe het niet.
Malwarebytes op de telefoon werkt veel beter.

>>51832073
It's become readily apparent you're far too stupid to own any piece of technology more complicated than a pocket calculator, so I suggest you sell or throw away anything computer related and go back to pencil and paper. You can't possibly fuck that up. I hope.

>>51832100
>better disguise myself as a prank

>>51832115
It's not his phone, you asshole.
Stfu and >>>/b/

>>51832073
Are you joking?

>>51832136
Fuck you. If he can't even figure out how/if malware is on a device he doesn't belong on /g/

>le /b/tard maymay xD

>>51832086
>praktische applicatie van wireshark

Had nooit verwacht dat t zo ver zou komen haha

>>51832101
Wist niet dat je malwarebytes ook hebt op de mobiel, anders had ik die wel gedaan.
Heb normaal ook alleen malwarebytes op mn PC. Nog nooit problemen gehad.

>>51832115
I'll repeat:
1) if it was malware, any sensitive info will already be out
2) thus, the only thing I can do besides changing passwords and changing phone (which I will do anyways) if finding out if it's actually malware.
3) Should I somehow be able to ascertain it isn't (which is unlikely, but it would be nice), I'll worry a bit less.

>>51832100
I was actually thinking about this while taking a piss yesterday, kek (didn't know about her phone situation at the time)

>>51832195
Als je t echt zeker wil weten is het of dit of andere rom

OP, I want to see screenshots of About, your entire app list and if you have root. I call bullshit. Nice maymay op

>>51831536
first time a tripfag made me kek by a joke

File: Screenshot_20151213-130130.png (367 KB, 1080x1920) Image search: [Google]

367 KB, 1080x1920

Editing lock screen messages is ridiculously easy. In other words, OP wanted to make a spoopy thread. Eat a dick OP.

Malwarebytes didn't find anything. Neither did Avast.

I'd like to add that I'm starting to doubt more and more that anything is actually going on other than that silly message.

I had expected that I wouldn't be able to uninstall applications, but that is actually simply the case (also checked with file manager).
I've always seen malware 'freezing' or 'locking' a computer in the state it's in (ie installed applications, remove user permissions to change/remove files)

Also, the fact that I can't find anyone else with the text 'I'm watching you...' leads me to believe that it's either a 0day/really recent thing or that it's simply something done by her co-workers.

>>51832353
Doesn't have root, don't care enough to prove myself to you.
I'm sorry, anon, but you'll have to take my word for it.
Should you not, so be it.

>>51832402
If you don't care enough to post a fucking screenshot then I rest my case you cheeky nigger.

>>51832440
ok

>>51832463
Well at least post the app list from on system and we can tell you what apps can and can't create messages like that.

This is super interesting bump.