If someone were to shoulder surf my pin and temporarily gain access to my phone what is the worst case scenario. I'm imagining someone rooted it and installed some sort of surveillance app or something reset it and restored it via seed vault. Not sure if that exactly would be a valid attack method but something along those lines. Anything disastrous and anything that could survive a factory reset? My apologies if this is a dumb question.
Whats the worst case scenario (Unattended root?)
The easy route to getting a lot of oversight is installing some advanced stalkerware that is granted the ability to act as an accessibility service. This gives it very elevated privileges and makes it possible for it to hide itself.
Can check for Accessibility Services using Auditor.
It wouldnt resist a factory reset.
[deleted]
Carlos-Anso would this be detectable in the list of running processes (or cached)?
- Edited
Worst case I'd say would be the attacker downloading CP onto your phone and alerting the authorities or the local vigilantes. EDIT: Or blackmailing you with that. Or framing you for some other crime with the phone.
[deleted]
Apps granted the ability to act as an accessibility service can see what you are doing and alter what you see.
Thats why Auditor detects if any apps have this granted.
[deleted]
Carlos-Anso thank you, you have, albeit indirectly answered my question.