Virtual Machine - Phone

dasaint100

Hi,

Have had some problems with my phone being hacked.

I have checked the Auditor app and ok there. Would it still be possible that my phone could be used as a virtual machine and be viewed remotely? For certain my Whatsapp is hacked. How can this be proven?

Can software be injected to the phone over WiFi with no trace? Charger plugs are also a possibility.

Thanks

DeletedUser87

dasaint100 how exactly did you determine that you've been hacked in the first place?

yore

dasaint100 Would it still be possible that my phone could be used as a virtual machine

Not that I'm aware of. However, you could isolate your activities with user profiles or Private Spaces.

dasaint100 Can software be injected to the phone over WiFi with no trace?

Simply connecting to a network? It's highly unlikely. Only a dedicated adversary targeting you would attempt that.

dasaint100 Charger plugs are also a possibility.

You can disallow data transfer by setting your phone's USB-C port/pogo pins control to Charging-only. Alternatively, you can power off your device before plugging it in.
See: https://grapheneos.org/features#usb-c-port-and-pogo-pins-control

dasaint100

DeletedUser87

Have arranged to be at certain places/times and there have been people waiting on me without advising anyone else.

dasaint100

yore thanks. Aware of those options.

Regarding the WiFi, if a router has been hacked and the vpn on the router is still active, would it be possible for all packets of data to be transferred elsewhere or recorded apart from the VPN tunnel?

DeletedUser87

dasaint100 that's not even close to an indicator that your phone was hacked. It rather sounds like bad OpSec. Or the person on the other side snitched on you.

r134a

dasaint100 note that i'm not a security researcher, but i think theoretically if your router got compromised, a mitm attack would be possible.

missing-root

The post is extremely vague and confuses a lot of stuff.

You dont mean a "virtual machine", as your phone is very real. You mean remote access.

And no the auditor app should detect if you phone was hacked.

Without telling us exactly what you have installed, how you communicate, what other apps you have from the same vendor etc, what people you met, what other devices are in your room, what other people have access to your phone or can listen to conversations, how you know that "the people are waiting for you" is actually real and not just paranoia, ... we cant help you

dasaint100

missing-root

Yes, impossible to help with exact advice unless you could see it for yourself.

I'm looking for knowledge and advice about what is possible for third parties to have access to full devices remotely (pixel with GOS) or just the WhatsApp app.

Iv read that WhatsApp was hacked years ago by Isreali services and continuously has issues over the last few years.

Possible threats would be physical access to the router I use at home and a portable router I use. Pins/passwords viewed over shoulder. Slight chance of physical access to phone but USB shut off.

Would a sim in the phone and never use WIFI maybe improve this? Always use WiFi currently.

What steps can I use to check phone, apps and network after Auditor is OK?

Wireshark work well? Easy to use?

TrustExecutor

There are a multitude of reasons the scenario you describe could develop without your phone being hacked. With "phone" do you mean your communication app? The hardware? What security measures do you take when using your phone and do you practice good opsec?

dasaint100

TrustExecutor Could be Whatsapp, The OS or the hardware.

Use a VPN router for connection, Tor as VPN, separate profiles, airplane mode, keep updated GOS.

freezet

dasaint100 Could also be a GPS tracker or other oldschool things like stalking etc, whatsapp would be one of the last things to look for since its one of the most expensive means

r134a

My advice would be to consult a security researcher/security consult if you are really worried.

They will likely then follow up with targeted questions regarding your environment & observations.

If they decide after that, that your story is plausible, they might perform audits on parts of your environment to exclude/confirm things.

This will likely cost some money.

The data provided here is to vague and to little, and frankly indicates,with all due respect, a poor understanding of cybersecurity.

To be clear, i'm not suggesting you are right or wrong. There's just no way of knowing for us is what i'm trying to communicate respectfully, and provided u with a option which will either confirm/disprove your suspicions.