FAKE samsung s6 firmware update??? HELP I'm being hacked

  • 1
  • Question
  • Updated 1 year ago
Okay so recently I discovered that my koodo prepaid samsung s6 edge was being spied on by people who obviously have nothing better to do.. so anyways after some googling I learned that they were doing it with a software named "stingray" so I immediately searched how to block it and found an article that said if you switch your network mode from 4G/LTE to WCDMA only that it makes it impossible for these hackers to continue invading my privacy.

Then not even 10 minutes later I get a message that popped up saying I needed to install a new firmware update which already seemed awefully fishy anyways here it is below I took a screen shot ...



So is this firmware update even legit and how can I permanently make it disappear since there's no option to decline at All??????
Photo of Jake Roberts

Jake Roberts

  • 100 Points 100 badge 2x thumb

Posted 1 year ago

  • 1
Photo of Jake Roberts

Jake Roberts

  • 100 Points 100 badge 2x thumb
I'm also pretty sure they're still spying on me thru the WiFi network that I use at home frequently somehow?
We don't pay for it... we just connect from the people upstairs and that's who I suspect is behind this whole thing or is helping the hackers with the stingray by allowing them to install secret spy malware related apps :-/

What else can i do to make my phone more secure??? There must be more tricks or maybe even install some sort of firewall app but built for mobiles?????
(Edited)
Photo of Mathieu

Mathieu, Mobile Master

  • 60,828 Points 50k badge 2x thumb
If you are using someone else's network, they have every right in the world to track what you do while connected on the network! 

The software update is indeed legit though.
Photo of Goran

Goran, Mobile Master

  • 90,564 Points 50k badge 2x thumb
What indicators have you seen that you are being hacked? What makes you think that a stingray is being used ?

Do you have an arrangement with your neighbor or are you just leeching free Internet because you can?
Photo of quasarito

quasarito

  • 9,738 Points 5k badge 2x thumb

I believe you may be misinformed about your situation. From what you’ve described, it does not sound likely that your phone has been hacked into.

“Stingray” is not a piece of software that is installed on a phone or otherwise. It is a piece of hardware that acts as a cellphone radio tower and is used to intercept phone communications within a certain area. It’s unlikely your neighbour has access to such equipment as it is illegal for ordinary citizens to operate such hardware. If an ordinary person were to use it, authorities can quickly determine when and where it is used because it would purposefully interfere with communications. In addition, as a “man-in-the-middle” communications interception tool, you would quickly know something is wrong because your calls and text would no longer work if they were intercepted by such a tool. To transparently intercept communications without the person’s knowledge, it would require collaboration with the mobile operators to intercept and forward the communications so as the person being monitored would not realize anything is going on. VERY unlikely your neighbour would get the cooperation of the mobile operator to spy specifically on you.

If you are illegitimately using your neighbours WiFi without their knowledge, it is possible that the neighbour can monitor and track your online activities. However, if you are connected to your neighbours WiFi without their knowledge, this indicates to me that your neighbours WiFi is open and not protected with a password. In that case, ANYONE in the area or within range of the WiFi can monitor and track your online activities. In fact, anyone connected to the neighbours open WiFi can be monitored and tracked. This is an incredible security oversight on your behalf to use an untrusted network that is not even password protected. As for your neighbour, they either do not care about their privacy, or has very poor security knowledge.

The firmware update is just coincidental and is legitimate. Get yourself informed and follow proper security practices to protect your privacy.

Photo of Jake Roberts

Jake Roberts

  • 100 Points 100 badge 2x thumb
Okay well the WiFi network is password protected but we we share it with the people like that I do not trust. Like I said this is all a long story.... i would like to know where this update version is listed on any official koodo updates schedule posted online.


Provide me with the link to where you guys have seen that this firmware update is indeed legitamate. The file sizes aren't even the same on anything that I've seen when I searched for the update. It's not listed on samsungs official website on the updates page for my device name and model.


And FYI I happen to know alot about string ray and it's used by law enforcement whom can use it freely and without will on anyone they want to investigate so yeah that's whats going on here.
(Edited)
Photo of quasarito

quasarito

  • 9,738 Points 5k badge 2x thumb

I will agree with you that Stingrays are used by law enforcement agencies (especially in the United States). However, as this article points out (http://www.theglobeandmail.com/technology/tracking-our-phones-how-stingray-devices-are-being-used-by...), Stingrays are not authorized for use by law enforcement in Canada -- and obviously ordinary citizens are not allowed to use it either (unless the rules have changed since that article has been written). In addition, at a cost of $16,000USD for such a device (https://en.wikipedia.org/wiki/Stingray_phone_tracker#Usage_by_law_enforcement), your neighbour would need some serious money and reasons to acquire such an expensive piece of equipment (that is illegal) to target you. Maybe your neighbour works for law enforcement who has unauthorized access to such a device. And if so, then they are using it without authority for non-law-enforcement purposes. Unless there is something to your background that I don't care to know which makes you a person of interest to law enforcement. If you are of interest to law enforcement, then you shouldn’t be surprised that they are monitoring you, which raises the question why you would ask and advertise your situation in a public forum. Do you see how increasingly absurd and improbable the explanation must become to justify “Stingray” as the answer? With just some due diligence, I think you would be able to convince yourself that a Stingray is not being used in your situation.

If you are using a shared WiFi with your neighbour that is password protected, then certainly your neighbour has the ability to see the communications traffic on the shared network. And if your neighbour shares his WiFi with other neighbours, then they are also able to see your traffic. My original statement still applies: do not use an untrusted network. Since you mentioned you do not trust your neighbour, I think this applies aptly. What can you do to make it more secure? Get off your neighbour’s WiFi!

Photo of Jay Why

Jay Why

  • 1,994 Points 1k badge 2x thumb

The B.C. Civil Liberties Association says it has confirmed that Vancouver police have used a controversial cellphone surveillance device — a StingRay — at least once.

Police confirmed the device was used nine years ago.

The device was employed with "legitimate, appropriate and proper" authorization and based on "exigent circumstance," police said.

In an email to CBC, Vancouver police Const. Brian Montague said the device was used "in 2007 as an investigative tool to support a VPD suspected abduction case that is now an investigation into a possible homicide."

The device was used to try to locate a specific cellphone — owned by the person who may have been abducted.The police did not get access to any of the data that was collected, Montague said, adding that he could not clarify any further details as that investigation was continuing.
http://www.cbc.ca/news/canada/british-columbia/vancouver-police-stingray-use-cellphone-tracking-civi...

this article by CBC claims otherwise
Photo of Jake Roberts

Jake Roberts

  • 100 Points 100 badge 2x thumb
I don't expect you to believe me about me the stingray thing but that's not what Im even asking about here.

it's about where there's proof that this update is legatiment and confirmed by a credible source other then by two random people on a koodo message forum, sorry.
Photo of quasarito

quasarito

  • 9,738 Points 5k badge 2x thumb

If you’re going to ask a question on a public forum, and simply refute the answers that you get, then why bother asking? Go and find out for yourself if you’re not going to believe anyone else. You asked a question, and an answer was provided. If you don’t like an answer, then that is your prerogative, but you can’t just simply go around demanding people go find proof for you. The people in this forum are not slaves to you.

I would like to mention that manufacturers lock the bootloaders of their phones such that it is difficult to update a phone unless the firmware is cryptographically signed by the manufacturer. If it’s not properly signed, the firmware update would be rejected. If the firmware update notification you received is not legitimate, it would mean your phone has likely been tampered with, in which case, you would not want the firmware update, but also you should not trust the firmware currently on your phone as well. Unless of course, your neighbour has managed to obtain the cryptographic key to create a firmware update forgery so that the phone would see it as legit.

Still don’t trust the OTA update? Then go download the official Samsung Kies tool and update the phone yourself. Unless of course, your neighbour has secured the collaboration of Samsung and they’ve allowed this update to be pushed to your phone OTA and the Kies tool. If you believe that absurdity, then you should destroy your phone and get a new one from a different manufacturer.

Photo of Goran

Goran, Mobile Master

  • 90,564 Points 50k badge 2x thumb
Then you should know that stingray doesn't magically hack your phone without a phishing attack to also get your passwords. Google/Koodo/Telus getting hacked as well to push a fake update on you would require resources well beyond what is worth using on a random individual. If you cannot find the update number via Google anywhere then contact Samsung directly if you're going to ask here but trust no one's answers.

Again what has happened to make you think that a person or organization is using a stingray to target you?
Photo of Paul Deschamps

Paul Deschamps, Mobile Master

  • 199,448 Points 100k badge 2x thumb
Koodo doesnt release any version numbers when they announce an update so the best you'll get is that there is an update available for your device. That said I'm the 3rd person that will tell you it's an official update.

You never did answer why you think that you've been hacked, if you let us know then maybe we can do xplain logical reasons for the things you think are signs of being hacked.

Here's where Koodo's future updates are posted but since it's passed when the update was issued the update isn't listed.https://community.koodomobile.com/koo...
(Edited)
Photo of David

David, Mobile Master

  • 89,024 Points 50k badge 2x thumb