From email to banking, our smartphones are the main hub of our online lives. No wonder that smartphones are starting to stack up to computers as common targets for online hackers.

According to EFF Staff Technologist Cooper Quintin, what is notable is that the malware did not involve a sophisticated software exploit, but instead only required “application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware.”

Malware is often downloaded from non-official sources, including phishing links sent via email or message, as well as malicious websites such as the Secure Android site mentioned above. (While security experts recommend always downloading from official app stores – like the Apple App Store or Google Play – some countries are unable to access certain apps from these sources, for example, secure messaging apps that would allow people to communicate secretly.)

Across the board, mobile malware has been on the rise – in part due to an increase in political spies trying to break into the devices of persons of interest. Once this malware is online, other criminals are able to exploit compromised devices too. Malware can include spyware that monitors a device’s content, programs that harness a device’s internet bandwidth for use in a botnet to send spam, or phishing screens that steal a user’s logins when entered into a compromised, legitimate app.

Then there are the commercial spy apps that require physical access to download to a phone – often done by those well-known to the victim such as a partner or parent – and which can monitor everything that occurs on the device.
Not sure if you may have been hacked? We spoke to Josh Galindo, director of training at uBreakiFix, about how to tell a smartphone might have been compromised. And, we explore the seven ways your phone can be hacked and the steps you can take to protect yourself.

5 Signs your phone may have been hacked

1. Noticeable decrease in battery life

While a phone’s battery life inevitably decreases over time, a smartphone that has been compromised by malware may start to display a significantly decreased lifespan. This is because the malware – or spy app – may be using up phone resources to scan the device and transmit the information back to a criminal server.
(That said, simple everyday use can equally deplete a phone’s lifespan. Check if that’s the case by running through these steps for improving your Android or iPhone battery life.)

2. Sluggish performance

Do you find your phone frequently freezing, or certain applications crashing? This could be down to malware that is overloading the phone’s resources or clashing with other applications.
You may also experience continued running of applications despite efforts to close them, or even have the phone itself crash and/or restart repeatedly.
(As with reduced battery life, many factors could contribute to a slower phone – essentially, its everyday use, so first try deep cleaning your Android or iPhone.)

3. High data usage

Another sign of a compromised phone is an unusually high data bill at the end of the month, which can come from malware or spy apps running in the background and sending information back to their servers.

4. Outgoing calls or texts you didn’t send

If you’re seeing lists of calls or texts to numbers you don’t know, be wary – these could be premium-rate numbers that malware is forcing your phone to contact, the proceeds of which land in the cyber-crim’s wallet. In this case, check your phone bill for any costs you don’t recognise.

5. Mystery pop-ups

While not all pop-ups mean your phone has been hacked, constant pop-up alerts could indicate that your phone has been infected with adware, a form of malware that forces devices to view certain pages that drive revenue through clicks. Even if a pop-up isn’t the result of a compromised phone, many may be phishing links that attempt to get users to type in sensitive info – or download more malware. The vast majority of such pop-ups can be neutralised simply by shutting the window – though be sure you’re clicking the right X, as many are designed to shunt users towards clicking an area that instead opens up the target, sometimes malicious, site.

5 ways your phone can be hacked

From targeted breaches and vendetta-fueled snooping to opportunistic land grabs for the data of the unsuspecting, here are seven ways someone could be spying on your cell phone – and what you can do about it.

1. Spy apps

There is a glut of phone monitoring apps designed to covertly track someone’s location and snoop on their communications. Many are advertised to suspicious partners or distrustful employers, but still more are marketed as a legitimate tool for safety-concerned parents to keep tabs on their kids. Such apps can be used to remotely view text messages, emails, internet history, and photos; log phone calls and GPS locations; some may even hijack the phone’s mic to record conversations made in person. Basically, almost anything a hacker could possibly want to do with your phone, these apps would allow.
And this isn’t just empty rhetoric. When we studied cell phone spying apps back in 2013, we found they could do everything they promised. Worse, they were easy for anyone to install, and the person who was being spied on would be none the wiser that their every move was being tracked.
“There aren’t too many indicators of a hidden spy app – you might see more internet traffic on your bill, or your battery life may be shorter than usual because the app is reporting back to a third-party,” says Chester Wisniewski, principal research scientist at security firm Sophos.
Likelihood
Spy apps are available on Google Play, as well as non-official stores for iOS and Android apps, making it pretty easy for anyone with access to your phone (and a motive) to download one.
How to protect yourself
  • Since installing spy apps requires physical access to your device, putting a passcode on your phone greatly reduces the chances of someone being able to access your phone in the first place. And since spy apps are often installed by someone close to you (think spouse or significant other), pick a code that won’t be guessed by anyone else.
  • Go through your apps list for ones you don’t recognize.
  • Don’t jailbreak your iPhone. “If a device isn’t jailbroken, all apps show up,” says Wisniewski. “If it is jailbroken, spy apps are able to hide deep in the device, and whether security software can find it depends on the sophistication of the spy app [because security software scans for known malware].”
  • For iPhones, ensuring your phone isn’t jailbroken also prevents anyone from downloading a spy app to your phone, since such software – which tampers with system-level functions – doesn’t make it onto the App Store.
  • Download a mobile security app. For Android, we like Avast and for iOS, we recommend Lookout for iOS.
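
One way to go through an Android app list with more than a visual scan, as an added example that is not from the original article: the Python below parses text saved from `adb shell dumpsys package` and reports apps you don’t recognise that have been granted several of the permissions behind the spy-app capabilities described above (texts, call logs, GPS, microphone). The permission set, the threshold of three, the function names and the sample dump are assumptions constructed for illustration.

```python
import re

# Assumed mapping from granted permissions to the spy-app capabilities in the text.
SURVEILLANCE_PERMS = {
    "android.permission.READ_SMS": "text messages",
    "android.permission.READ_CALL_LOG": "call logs",
    "android.permission.ACCESS_FINE_LOCATION": "GPS location",
    "android.permission.RECORD_AUDIO": "microphone",
}
PKG_RE = re.compile(r"^\s*Package \[([\w.]+)\]")
PERM_RE = re.compile(r"^\s*(android\.permission\.[A-Z0-9_]+): granted=(true|false)")

def granted_permissions(dumpsys_text):
    """Map each package name to the set of permissions marked granted=true."""
    granted, current = {}, None
    for line in dumpsys_text.splitlines():
        m = PKG_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = PERM_RE.match(line)
        if m and current and m.group(2) == "true":
            granted.setdefault(current, set()).add(m.group(1))
    return granted

def flag_suspects(dumpsys_text, known_apps, threshold=3):
    """Return {package: [capabilities]} for unrecognised apps at or over threshold."""
    suspects = {}
    for pkg, perms in granted_permissions(dumpsys_text).items():
        caps = sorted(SURVEILLANCE_PERMS[p] for p in perms if p in SURVEILLANCE_PERMS)
        if pkg not in known_apps and len(caps) >= threshold:
            suspects[pkg] = caps
    return suspects

# Constructed sample, trimmed to the lines the parser reads.
SAMPLE = """\
Package [com.example.notes] (1a2b3c):
    runtime permissions:
      android.permission.RECORD_AUDIO: granted=true
      android.permission.READ_SMS: granted=false
Package [com.example.systemservice] (4d5e6f):
    runtime permissions:
      android.permission.READ_SMS: granted=true
      android.permission.READ_CALL_LOG: granted=true
      android.permission.ACCESS_FINE_LOCATION: granted=true
      android.permission.RECORD_AUDIO: granted=true
"""
if __name__ == "__main__":
    print(flag_suspects(SAMPLE, known_apps={"com.example.notes"}))
```

To use it on a real device, save the output of `adb shell dumpsys package` to a file and pass its text in place of `SAMPLE`. A hit is a reason to look closer at the app, not proof that it is spyware.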

2. Phishing by message

Whether it’s a text claiming to be from your financial institution, or a friend exhorting you to check out this photo of you last night, SMSes containing deceptive links that aim to scrape sensitive information (otherwise known as phishing or “smishing”) continue to make the rounds.
Android phones may also fall prey to messages with links to download malicious apps. (The same scam isn’t prevalent for iPhones, which are commonly non-jailbroken and therefore can’t download apps from anywhere except the App Store.)
Such malicious apps may expose a user’s phone data, or contain a phishing overlay designed to steal login information from targeted apps – for example, a user’s bank or email app.
Likelihood
Quite likely. Though people have learned to be skeptical of emails asking them to “click to see this funny video!”, security lab Kaspersky notes that they tend to be less wary on their phones.
How to protect yourself
  • Keep in mind how you usually verify your identity with various accounts – for example, your bank will never ask you to input your full password or PIN.
  • Avoid clicking links from numbers you don’t know, or in curiously vague messages from friends, especially if you can’t see the full URL.
  • If you do click on the link and end up downloading an app, your Android phone should notify you. Delete the app and/or run a mobile security scan.

3. SS7 global phone network vulnerability

A communication protocol for mobile networks across the world, Signalling System No 7 (SS7), has a vulnerability that lets hackers spy on text messages, phone calls and locations, armed only with someone’s mobile phone number. An added concern is that text message is a common means to receive two-factor authentication codes from, say, email services or financial institutions – if these are intercepted, an enterprising hacker could access protected accounts, wreaking financial and personal havoc.
According to security researcher Karsten Nohl, law enforcement and intelligence agencies use the exploit to intercept cell phone data, and hence don’t necessarily have great incentive to see that it gets patched.
Likelihood
Extremely unlikely, unless you’re a political leader, CEO or other person whose communications could hold high worth for criminals. Journalists or dissidents travelling in politically restless countries may be at an elevated risk for phone tapping.
How to protect yourself
  • Use an end-to-end encrypted message service that works over the internet (thus bypassing the SS7 protocol), says Wisniewski. WhatsApp (free, iOS/Android), Signal (free, iOS/Android) and Wickr Me (free, iOS/Android) all encrypt messages and calls, preventing anyone from intercepting or interfering with your communications.
  • Be aware that if you are in a potentially targeted group your phone conversations could be monitored and act accordingly.

4. Snooping via open Wi-Fi networks

Thought that password-free Wi-Fi network with full signal bars was too good to be true? It might just be. Eavesdroppers on an unsecured Wi-Fi network can view all its unencrypted traffic. And nefarious public hotspots can redirect you to lookalike banking or email sites designed to capture your username and password. And it’s not necessarily a shifty manager of the establishment you’re frequenting. For example, someone physically across the road from a popular coffee chain could set up a login-free Wi-Fi network named after the café, in hopes of catching useful login details for sale or identity theft.
Likelihood
Any tech-savvy person could potentially download the necessary software to intercept and analyze Wi-Fi traffic – including your neighbor having a laugh at your expense (you weren’t browsing NSFW websites again, were you?).
How to protect yourself
  • Only use secured networks where all traffic is encrypted by default during transmission to prevent others from snooping on your Wi-Fi signal. 
  • If you must connect to a public network and don’t have a VPN app, avoid entering in login details for banking sites or email. If you can’t avoid it, ensure the URL in your browser address bar is the correct one. And never enter private information unless you have a secure connection to the other site (look for “https” in the URL and a green lock icon in the address bar).
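
The advice to check that a URL is “the correct one” applies both to links in text messages and to pages served over public Wi-Fi; the Python below is an added example, not part of the original article, that shows what that check involves when done carefully. The domain `bank.example`, the sample links, the function names and the near-miss threshold of two edits are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, expected_domain):
    """Return a list of warnings; an empty list means the URL is an HTTPS
    link on expected_domain or one of its subdomains."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not HTTPS")
    if "@" in parts.netloc:
        warnings.append("userinfo before '@' hides the real host")
    if host == expected_domain or host.endswith("." + expected_domain):
        return warnings
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode label (possible look-alike characters)")
    if expected_domain in host:
        warnings.append("expected name embedded in a different host")
    else:
        # Compare the host's trailing labels with the expected domain.
        n = expected_domain.count(".") + 1
        tail = ".".join(host.split(".")[-n:])
        if edit_distance(tail, expected_domain) <= 2:
            warnings.append(f"'{tail}' is a near-miss of '{expected_domain}'")
    warnings.append("host is not the expected domain")
    return warnings

if __name__ == "__main__":
    # Constructed sample links; "bank.example" stands in for the real site.
    for u in ("https://www.bank.example/login", "http://bank.example/login",
              "https://bank.example.secure-login.test/", "https://bamk.example/"):
        print(u, "->", check_url(u, "bank.example") or "ok")
```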

5. Unauthorized access to iCloud or Google account

Hacked iCloud and Google accounts offer access to an astounding amount of information backed up from your smartphone – photos, phonebooks, current location, messages, call logs and in the case of the iCloud Keychain, saved passwords to email accounts, browsers and other apps. And there are spyware sellers out there who specifically market their products against these vulnerabilities.
Online criminals may not find much value in the photos of regular folk – unlike nude pictures of celebrities that are quickly leaked – but they know the owners of the photos do, says Wisniewski, which can lead to accounts and their content being held digitally hostage unless victims pay a ransom.
Additionally, a cracked Google account means a cracked Gmail, the primary email for many users.
Having access to a primary email can lead to domino-effect hacking of all the accounts that email is linked to – from your Facebook account to your mobile carrier account, paving the way for a depth of identity theft that would seriously compromise your credit.
Likelihood
“This is a big risk. All an attacker needs is an email address; not access to the phone, nor the phone number,” Wisniewski says. If you happen to use your name in your email address, your primary email address to sign up for iCloud/Google, and a weak password that incorporates personally identifiable information, it wouldn’t be difficult for a hacker, who can easily glean such information from social networks or search engines, to break in.
How to protect yourself
  • Create a strong password for these key accounts (and as always, your email).
  • Enable login notifications so you’re aware of sign-ins from new computers or locations.
  • Enable two-factor authentication so that even if someone discovers your password they can’t access your account without access to your phone.
  • To prevent someone resetting your password, lie when setting up password security questions. You would be amazed how many security questions rely on information that is easily available on the Internet or is widely known by your family and friends.