What to do after a malicious redirect?

benj4912

I recently experienced a malicious redirect using Vanadium (all the Graphene privacy/security settings on, but Javascript was enabled) after trying to visit a Wordpress site. Nothing loaded except a popup from the phone asking permission for the site to send notifications, at which point I closed the browser.

I'm getting old and haven't been tech savvy since before smartphones, Pegasus etc. were a thing, so I'm wondering how concerning a redirect attack like this is when using this OS and whether it warrants reformatting the phone (or other steps). I'm not a criminal or a high value target or anything, but I am an immigrant and have good reason to think I would be a target for surveillance by my country of residence's state security services. Thanks in advance.

raccoondad

benj4912

"redirect attack", a redirect is a standard function, I can call it in php using header() or using Javascript client side.

You are fine, assuming you didn't download and install anything (you would know)

de0u

benj4912 You can check the integrity of your system partition by rebooting and verifying the GrapheneOS signature fingerprint against the installer page on the web site.

NetRunner88

A site asking to send you notifications through the browser is classical. Even if it may be annoying at some point. You can for example totally use browser notifications from your mail webclient.
With the amount of infos you provide, I perceive what you describe as a bogus site with a notification function for whatever it is supposed to tell you.
You have closed the browser because it was not showing what you expected. That's good. But you do not need to take further actions imho, you should not become overly paranoid at this point.

benj4912

Appreciate the responses. I've tried out the attestation app for the first time just to be on the safe side as well. Cheers.