• General

  • Voice message recorded and sent without consent?

I'm going to begin by admitting I think this one is bizarre, but I have to find out what the hell happened. I'm not an Android or GrapheneOS expert, but have been using GrapheneOS for about 18 months so I know what is normal behavior and what is not. I can't find anything about it searching online. Here goes - It's a 7A. I had a bluetooth headset attached.

I was in a user profile and sent a text message to my partner using the stock message app. I got a reply and then pressed the top right button to blank the screen and put it in my pocket. About 20 seconds later and over the headset I started to hear prompts that said something like the following (I'm not totally sure);

  1. "recording message" or "message recorded"
  2. Press (a number to do something) - I'm not sure what it was. I was in shock about the first part of the message and was scrambling for the phone.
  3. Press 5 to delete
  4. press ? to send

Parts 3 and 4 repeated two more times as I scrambled to get to whatever was happening. I pressed the button and put my passphrase, looked at what was open in recent and saw nothing applicable so went to home screen and launched the phone app trying to see the dialer and delete whatever was happening. I couldn't see anything in progress and then I heard "message sent". Shocked and confused is an understatement. WTF! I hadn't pressed anything.
Attempting to find out what just went down I checked my message app and phone app and recents, but nothing relevant. My partner didn't get any other messages or voice message, so whatever happened didn't go to them despite being the last person I interacted with, and that being hours apart from any other call or text.

Does anyone know what happened?
Can anyone tell me how to find out what happened?
Has this happened to anyone else?

    cyberdunce It's hard to say what happened. It sounds like maybe you accidentally pocket dialed voicemail? I don't think that would show up in recent calls.

    Check Settings > Security & privacy > Device unlock > *the cog next to screen unlock. Is "power button instantly locks" enabled? If not and tap to check phone or lift to check phone are on, then after locking the phone with the power button, it might be possible for the phone to unlock in your pocket.

    This is the only thing I can think of that would cause what you're talking about. Maybe someone else has other ideas?

      Thanks, but that is enabled/toggled on, and why I scrambled for the passphrase to get in and see. I blank the screen intentionally as soon as I am done with whatever I'm doing, locking the phone. Good suggestion though.

      The only thing different that day - Earlier in the morning I installed Auxio player APK via Obtanium. :shrug:

      cyberdunce Is your cellular carrier able to give you a call history?

      Do you have any non-carrier apps that allow calling out to the telephone network?

          de0u
          Thanks, I'll see if the carrier can do that for me. There's no records in the phone app or device that I can see.
          By non-carrier apps do you mean things like Signal or Telegram, or just dialers? I don't have any of that. I only have the stock Graphene phone/contacts/messager and Element, which I guess can call, but it shouldn't be on the SIM right?

          • de0u replied to this.

              de0u I'll ask my partner to check Matrix, but I didn't use the app and the screen was locked. It's all very strange, and why I'm asking here.

                  I'm definitely going to talk to my carrier after reading about SIMJacking. This is a new-ish SIM which I've transitioned to over a short time. Almost from the get-go I have had spam SMS from Didi, the ride share company. I've had four in total over some weeks and I got one that morning early. I never open it and the number should be blocked from the first instance. I've just now read about a massive scam involving Didi impersonators. I don't have Did app, NEVER used Didi ever, and don't ride share full-stop. Now I'm paranoid. The first time it happened was hours after initializing the SIM. I was thinking "brand new SIM and number on a new phone and new carrier, haven't even called anyone yet, and the spammers fucking found me!"

                  Fucking technology! I have been using an old 3G dumb phone for calls and text and had NO issue, No spam, No advertising, No hacks for decades. Being forced off the 3G network I try to get the most secure "smart" thing I can find to use, leave it stock-ish, harden it a little and still dumb shit happens almost immediately. Is it possible someone at the carrier is feeding scammers/spammers new numbers to attack?

                  Phone numbers are always being "recycled" so it's basically expected at this point that if you get a new number, you'll receive some degree of spam/wrong numbers calling and texting. It's annoying but is just the limitation of the current "phone number" technology we have.

                    GrouchyGrape I realize because my partner has a number that gets calls and texts from debt collectors chasing someone else. Because of this I rang the carrier to initialize the SIM and specified a new number. I confirmed before hanging up it was new and not a recycled number. :shrug:

                        I've just run auditor with a second Graphene/Pixel I've had about 12 months, and all looks OK. The second Pixel has never had a SIM, and has never misbehaved. I think I can assume this is an unexplained anomaly or some kind of compromise that didn't get too far. There's no evidence or trail or log, which is weird because these devices watch everything. I'm going to contact the carrier and ask for my call and text records for that day.