Smartphone Hacked with Zero Day Exploit
Even smart people often fall victim
Not every hack is that successful. Device safety features, regular updates applied by the software companies and overall good practice make a huge difference. Staying alert can be a great tool against hackers.
This is such an instance. Here the client was smart, informed and quite intuitive. Before the hacker started blackmailing him, he suspected something was wrong.
It happened to his smartphone. He didn't notice when or how it happened, but somehow suspected something was wrong. There were some telltale signs of a hack showing up on his phone.
When we got hold of the device, our investigative scans uncovered the real reasons for the hack and its place of origin.
The incident started with an app on the client's smartphone. It injected a harmful script and opened a back door. Using that back door, the hackers planted spyware on his device.
We found that the spyware was quite powerful and was not intended to spy on his device alone. It was meant to spread to corporate environments. His office, or any other big organization, was the real target. Had he not become suspicious when he did, the spyware might have achieved that nefarious goal, and he would have unwittingly been an accomplice to a larger crime.
The spyware got access to all the built-in apps and functions. It started listening to his calls and recording them. It was also recording all his app usage history and WhatsApp messages, and copying his photos, videos and other stored documents. Sometimes the spyware opened the camera app to videotape the client's actions, movements and events of his life. Needless to say, it gained access to all of his GPS tracking data as well. That meant the people on the other end of the spyware could see his locations: where he went, how long he stayed in certain places and what he did, with photos and videos if they wanted.
It was a great recipe for disaster and a potential online scam just waiting to happen.
Luckily, the client noticed that his phone was acting somewhat weird. It had been slowing down without any apparent cause. It was turning on mobile data services and using a lot of data when it shouldn't have. And the phone was heating up for seemingly no reason at all. He tried cleaner apps to speed up his phone, free up some RAM and so on. But of course, it did not help. The phone did not get any faster, nor did the data drain stop.
It got him thinking, but he didn't want to jump to any hasty conclusions, because he kept his device relatively safe. He didn't connect to public Wi-Fi found in cafeterias or malls. He also didn't charge the phone with a data cable connecting it to a charging outlet or an unknown PC. Everything he did out of caution should have given him fair security. But it did not, and the expensive smartphone had been acting up. Now there was a reason for true concern and suspicion. That suspicion led to the discovery of a potential hacking scenario.
When we got it, we found out that the spyware had been running its malicious operation unhindered. First we stopped the operation, then we removed it altogether. We scanned the device for other vulnerabilities and detected the dormant script that opened the back door. After taking care of every point of probable vulnerability, we proceeded to secure the phone against further attacks.