Malware (?) on second hand pixel with GrapheneOS

Rik1106

Hello, I bought a 'new' 2nd hand Google pixel 8 pro today, the phone already had GrapheneOS on it (which I didn't know beforehand and don't need yet). So I had GrapheneOS overridden by Android at home using the normal method but now I'm wondering if there could still be malware on the phone that this didn't remove? At first glance, the phone seems to work normally and no malicious apps have been detected. Thanks in advance

TheGodfather

Rik1106

Follow these steps, if GrapheneOS is already installed, then you should be fine:

Do a factory reset
Compare the hash shown during boot and compare it to the hashes on the GrapheneOS website
(Optionally) use Auditor

If the stock OS is installed, replace the first step by installing GrapheneOS.

other8026

Rik1106 So I had GrapheneOS overridden by Android at home using the normal method

Are you saying you flashed the stock OS back on the phone by following these instructions https://grapheneos.org/install/web#replacing-grapheneos-with-the-stock-os and locked the bootloader afterwards? If so, you're fine.

Rik1106

other8026 Thanks for your replies. I did it using the video from “Side of Burritos”, I did find out now that I hadn't erased the non-stock key yet. I did erase it now afterwards by unlocking the bootloader again and locking it on the GrapheneOS site. So now I've done all these steps normally.
My main concern was whether malware could now remain after these steps due to a previously installed bad version of GrapheneOS? (I didn't compare the key hash before overwriting it, so I don't know if it was a good or bad one)

raccoondad

Rik1106 My main concern was whether malware could now remain after these steps due to a previously installed bad version of GrapheneOS?

If you downloaded it from GOSes website, it's not.

Regardless you are fine

Rik1106

raccoondad I bought the phone with GOS already on it, so I don't know if it was the official one.

raccoondad

Rik1106 ah, then reflashing will solve any concerns.