Question

Personal data be compromised after 3rd party backup attempt?

So I was going to reset my old s7 and wanted to backup the phone before I erased everything. I kept coming across wondershare Dr fone. I was tired and seemed fairly simple and since there were no obvious scam/Hack alerts to be found just Quickly browsing. I thought i'll give it a whirl. Should have not ran it apparently.

So I connected via usb to Windows and started the program - > Phone instantly gone to download mode and apparently the software is trying to root or set some firmware to gather data - > Software doesnt work and phone stuck in endless bootloop - > recovery mode gives no command but starts after hanging a few seconds 10 or so - > Do a factory reset from recovery and Log back into previous Google Account required so I Do it and do a normal reset - > Reset goes in normal but when setting up clean phone it gives me a Security alerts "unauthorized activity noticed" and deviCe Security guides me to restart phone to reset changes.

Really spooky not knowing what the software did! Can you guys please help me figure out? Didnt find anything on web that indicates Dr fone stealing data or hacking, just ripping Off payments.

- How do I know I'm on stock ROM and nothing suspicious was left on the phone?
- Should I flash stock ROM just in case?
- Can my personal data, passwords etc be compromised if I dont use the phone?
- Could the Windows app itself have gathered personal info somehow. Can I check it out from Logs? I have the Logs in AppData
- Anything else to be concidered except changing password?

I found out that after factory reset Im getting a Security alert even though firmware and everything else seems original. Could this be knox efuse that triggered when software tried to root? Can I check the firmware some how for possible flaws/changes?

Seems like there are plenty people in trouble with Dr fone gone bad, maybe we Could help others too. Thanks in advance!

Discussion is locked
Follow
Reply to: Personal data be compromised after 3rd party backup attempt?
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Personal data be compromised after 3rd party backup attempt?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Answer
Not a product I would use or even go near.

I just switched phones and used google's own sync feature but that would not be an option to folk that demand no cloud backups. Those folk are usually stuck.

- Collapse -
The risk of personal data theft?

Yeah I switched phones a while back and didnt want my old things to my new phone. Still I want the backed up just in case. Searched so long I got frustrated and just ran it.

Now I'm wondering if my data could have been compromised. I mean the only way it could have work edes is that my Windows app sent data forward but not a single malware, antivirus or firewall detect anything harmful. Event viewer only shows a single error from that time that could have in theory been some sort of memory exploit.

Do you think I'm safe or should I worry if there are no actual signs of theft?

- Collapse -
The problem of smart phones

Is that it's full of places it can leak so folk that worry would never have a smart phone. I don't use mine for finances because of this. So what if they get my contact list and watch me play Dwarf Fortress. Read https://www.explainxkcd.com/wiki/index.php/1223:_Dwarf_Fortress

There is no theory needed here. Smart phones are very leaky. CIQ was found hiding out a few years ago so this is baked into smart phones. https://www.google.com/search?q=ciq+mother+of+all+rootkits

If you get down to it, you would never put anything on a smart phone that you could not leak.

- Collapse -
So basically...

I shouldn't worry about data being compromised when there are no signs of it because it propably has already leaked at some point already?

Spooky.. Thank god I use 2-step auth

- Collapse -
About 2 step. Nice idea.

But a member here was hot as lava over being locked out after their phone died. Be sure you can undo this.

CNET Forums