Re: Re: Brand new s21 ultra was hacked - Page 3

riow · ‎16-03-2021

My brand new s21 ultra was remotely controlled to restart it, shut it down, enable both WiFi and Bluetooth, and generate weird sounds all automatically. I neither insert any SIM card nor install/ configure anything. It told me that this device is so unsecured! I don't know how should I do with this outstanding device!

Is it because of UWB? How can I disable it?

riow · ‎18-03-2021

I'm preparing to send it to Samsung. But it's been definitely hacked together with my primary phone simultaneously.

riow · ‎18-03-2021

Typo: attacked rather attached

WelshPaul · ‎18-03-2021

Are you sure that your Google and/or Samsung accounts haven't been breached?

My advice comes from being a UK ~~Samsung~~ iPhone user.

Current Devices:

iPhone 14 Pro 256GB Deep Purple
Samsung Galaxy Buds+ > Model: SM-R175.

Archer_Legend · ‎18-03-2021

you can use adb tool on mac too.

At this point you could do the easy wipe all kill everything fixed approved method.

Change the passwords of your samsung and google account, be sure they have not been breached and then take off the data you want from your device and perform a full flash of the correct software (NB if you break the device you will loose warranty), if you do not fix by doing that your last option is to nuke your phone

Jokes aside, you can either try to flash the software yourself or send it to samsung, if you do not feel comfortable or do not have time for the first option just do the second

Archer

riow · ‎22-03-2021

I've made it today myself. The warranty code is found 0x0 from Download Mode. I neither use Google debug package nor adb from Mac. I power off s21 ultra, connect it to win machine, press still both volume up and down buttons, then it went to Download mode.

I've attached two photos from the following links. Don't know what DID numbers are which I hid it then from the photos. I thought 0x0 means Knox warranty is not broken. So the device sold from the seller had not been cracked previously. I could do a factory reset from the Recover Mode. Does it mean I don't need to bring back to Samsung who will do the same thing anyway?

https://www.dropbox.com/sh/2rkr7szs10w76bz/AACBKBopo9zQStDBxK2gUr2ka?dl=0

riow · ‎22-03-2021

I've changed Google pin and other important accounts pins. I don't know if my accounts were breached, but the most important accounts looked normal thankfully.

I've new perspective to s21 ultra since things happened to the device and to me.

riow · ‎23-03-2021

BTW thanks for all the detailed inputs.

riow · ‎29-03-2021

Could anyone please let me know what is 2904 from the attached screenshot? Before I factory reset the device, I've just installed an app called Network Speed which showed an weird app called 2904. Is it a system app? I've also just installed another app called traced which doesn't show any app called 2904.

WelshPaul · ‎29-03-2021

No idea what that is...

Any reason why you refuse to return the device?

Try installing malwarebytes and run a scan. See if that finds anything!

My advice comes from being a UK ~~Samsung~~ iPhone user.

Current Devices:

iPhone 14 Pro 256GB Deep Purple
Samsung Galaxy Buds+ > Model: SM-R175.

Archer_Legend · ‎29-03-2021

Apart from installing trash apps like the one you did (I advise you not do that), apps like 2904 can be easily found in the app list in the settings by turning on show system apps. There are many packages which have a number as a name and they are troubleshooting packages which can be run in debug or via the phone dialer by inserting some specific codes to run phone diagnositics.

Archer