Gmail Hacked - Problem Isolated to Droid Phone

[tvan15]

My wife's gmail account sent out spam to all her contacts the other day. We thought her account was hacked, so we changed her password using her computer and hoped we were ok. Later, she plugged her phone into the USB port on her laptop. As soon as she did, the antivirus on her computer alerted her and quarantined a virus (unfortunately she didn't catch the name of the virus that came up.) A little while later she updated her password on her Droid, and as soon as she did her gmail sent out another round of spam.

I've seen a lot of other posts with regards to gmail accounts being hacked, but it seems that in most cases it isn't the phone and changing the password fixes it. This problem seems different. Has anyone else experienced this problem lately?

 

[mwhartman]

I've not heard of this before. My senses is the viris or malware is associated with the Gmail and not phone related. Does your wife access her Gmail on her computer? It would be interesting to see how the virus software reacts.

 

[garrett]

to be quite honest i still doubt the phone is the culprit. when you plug the phone into the computer there is no data transfer that would or could have any affect on the gmail account.

Chances are the virus or multiple virus' are still on the computer that its probably a trojan type with some sort of keylogger.

what antivirus program or programs are you using?

 

[nmos]

I'd still be suspicious of the computer although this might not be a bad time to look over what apps are installed. On my droid at least my laptop does NOT automatically mount the droids file system when plugged in. Google has a feature where you can see the IP address and (sometimes) location of your recent logins which you might find useful.

Sent from my Droid using DroidForums App

 

[donzz]

A friend of mine has a Yahoo account and it sends out spam all the time. He keeps changing his password but that doesn't stop the spam.

 

[harrellj]

Also, most antivirus programs let you view the quarantined file(s) and which malware triggered the quarantine.

 

[kodiak799]

Unless you're downloading illegal apps from Chinese sites I can't imagine you have a virus on the Droid.

 

[brentnotbret]

I just had the same problem. I purchased a Droid X from craigslist (like I have my last 10 phones without problem) on 2/22 and it seemed to be reset to factory, although it had z4root and droidx bootstrap installed. Last night my phone alerted me that the password I had been using for my main gmail account was incorrect. My password had been changed for the account, and once it was resolved with google, it informed me there was unusual account activity the day and hour the phone was activated. The offending IP address was 69.10.189.42, which whois said was from Motorola. My access from my phone was listed with the Verizon IP addresses multiple times. What could this be?

 

[mwhartman]

I just had the same problem. I purchased a Droid X from craigslist (like I have my last 10 phones without problem) on 2/22 and it seemed to be reset to factory, although it had z4root and droidx bootstrap installed. Last night my phone alerted me that the password I had been using for my main gmail account was incorrect. My password had been changed for the account, and once it was resolved with google, it informed me there was unusual account activity the day and hour the phone was activated. The offending IP address was 69.10.189.42, which whois said was from Motorola. My access from my phone was listed with the Verizon IP addresses multiple times. What could this be?

I may be wrong but with Z4 and bootstrap still on the phone it appears that phone was rooted, at one time. The question is how would this impact the issues -- incorrect password and multiple ip listings.

I'm not sure it does but since retiring I've not kept current with the security environment.

I would contact VZW and inquire on the "unusual activity" and multiple ip listings.

 

[Hawaiian Princess]

ok i posted similar problem before. yes I got alerts that my FB info was incorrect, mind u I rarely ever go on there. then I got alerts about yahoo username pswd incorrect, and somehow was sharing info with a motoblur phone but never did download yahoo onto my phone. lastly my business email, with absolutely no baring to FB or gmail, received another alert of pswd incorrect. yes I was able to get the IP location and of course I took action. all emails, all pswds, etc immediately was deleted. file a complaint and had my attorney contact the perpetrator with a law suit.
I had no issues with my pc or laptop and virus apps are updated yearly. hard to say if its 100% that my phone was the culprit, even thou im very cautious and I do know my way around my phone but, there's a kink somewhere. I since then made my carrier switch out my phone.

I just had the same problem. I purchased a Droid X from craigslist (like I have my last 10 phones without problem) on 2/22 and it seemed to be reset to factory, although it had z4root and droidx bootstrap installed. Last night my phone alerted me that the password I had been using for my main gmail account was incorrect. My password had been changed for the account, and once it was resolved with google, it informed me there was unusual account activity the day and hour the phone was activated. The offending IP address was 69.10.189.42, which whois said was from Motorola. My access from my phone was listed with the Verizon IP addresses multiple times. What could this be?

Swype with an Aloha from Hawaii

 

[brentnotbret]

If it is a phone problem, can restoring to factory resolve this? I've already went to the visible programs list and uninstalled everything suspicious sounding. I can't really talk to big red about it, they refuse to help with anything since I don't get phones from them.

 

[Hawaiian Princess]

in all honesty, im not sure. it may be an option but I wasn't about to reset when I just wanted a new phone. made my point with big red, that if the alert came from them then they should be checking on that issue. there's apps out there than can pin point an exact IP location just like gps are used for emergencies. I don't know, but im taking ever precaution to ensure security gaps are not breached on my phone. again I don't wanna believe its a phone issue, could be freak incident but...u never know

Swype with an Aloha from Hawaii

 

[knighthonor]

in all honesty, im not sure. it may be an option but I wasn't about to reset when I just wanted a new phone. made my point with big red, that if the alert came from them then they should be checking on that issue. there's apps out there than can pin point an exact IP location just like gps are used for emergencies. I don't know, but im taking ever precaution to ensure security gaps are not breached on my phone. again I don't wanna believe its a phone issue, could be freak incident but...u never know

Swype with an Aloha from Hawaii

wow what app is that btw?

 

[brentnotbret]

The exact same thing just happened to my wife's Droid 2. This wasn't caught until the next day, and she had a sent email to everyone in her contact list with a link to a website (which was spam) and suspicious activity from the IP 114.157.124.69. No assistance from Verizon on this issue. Rooting, wiping, and liberating her phone right now as we speak. Her phone was purchased from Verizon, never rooted, and only market apps installed.

 

[Natey2]

My wife's gmail account sent out spam to all her contacts the other day.

Did the spam really originate from a gmail mailserver, or did the spam just contain your wife's email in the "FROM" address portion? Looking at the mail headers (contains routing info) on one of the spam messages will tell you.
The latter is quite common (I've seen my email address in the FROM portion of bounced spam I did not send), and if it only targeted her Gmail contacts and did not originate from a Gmail mailhost, one should not rule out the possibility that the spammer obtained her contact list through other means.

Sent from my DROIDX using DroidForums App