Android text app uses tons of battery, anyone else notice?

[Red Squirrel]

I have a DTEK50, just started doing this maybe in past few weeks or so, was there some kind of update? Any time I receive a text, my phone gets extremely hot. If I read the text and leave the app open, same thing, but as soon as I close the app (like just discarding the window) then it cools off. In battery settings it shows that it's using 2% of battery which may not seem like a lot, but it's in very short spurts. If I let it go long enough I'm sure that number would go higher if the battery survives.

Anyone know what could be causing this?

 

[VirtualLarry]

Your phone is hacked. IMHO.

 

[Red Squirrel]

Crap, really? How would I even begin to check that?

 

[Red Squirrel]

Yeah I think something is up... I have pfsense logging traffic for my phone's IP and when I open the text app I see tons of traffic to Facebook. I don't even use Facebook on my phone or even have the app installed... It's HTTPS so no real way to know exactly what it's requesting or doing.

 

[Red Squirrel]

So how would this happen anyway? I hardly even use my phone for anything and it's always connected to wifi so it rarely faces the internet directly, but it does any time it's on data... so not sure how secure Android is and if there's any weird ports it might be listening on that are exploitable?

I am definitly hacked. I'm seeing lot of weird traffic every time I open the messenger app. HTTPS requests to Ireland, as well as one to an OVH server that I can't seem to find much info on, they never setup a reverse DNS.

Thing is it's not really a LOT of traffic, not enough for it to use so much battery, so no idea what the hell it's doing, bitcoin mining maybe?

Guess I need to figure out how to reload the OS. I can't seem to find much info, and all of it is for Windows. But I'm more worried about HOW it even happened, because I clearly have a hole open somewhere, but where? I'm worried the rest of my network might be at risk too now.

 

[UsandThem]

Do they even provide any security updates for that phone? If not, that could be the reason you picked up something nasty.

It said it shipped with Android 6.0, which is horribly out of date at this point.

 

[Red Squirrel]

I still get updates, one of the selling points of that phone is that they would continue to provide updates for a long time. It's not really that old either only been a few years maybe since I got it. Think I got it in like 2016 or something. But even without updates, it's still worrying that such an attack vector even exists given I tend to keep it on wifi... Even once I do figure out how to reload it if the attack vector still exists I'll just get hacked again.

 

[UsandThem]

I still get updates, one of the selling points of that phone is that they would continue to provide updates for a long time. It's not really that old either only been a few years maybe since I got it. Think I got it in like 2016 or something. But even without updates, it's still worrying that such an attack vector even exists given I tend to keep it on wifi... Even once I do figure out how to reload it if the attack vector still exists I'll just get hacked again.

A lot of people worry about security issues in Windows, but phone/tablet OSs that the manufacturer no longer supports are the worst security threats IMO. Not to mention Google has received (deservedly) a fair amount of negative press concerning the way they manage the Google Play store, allowing apps with malware. Their app vetting process has been pretty lackluster in many regards.

For example, I have a Samsung tablet that had it's last system/security update in July 2018. Samsung provided updates for about 18 months, and after that they moved it to EOL I really only use it to browse Anandtech when I'm too sore to sit, and need to stretch out. Outside of that, I wouldn't trust with any kind of sensitive data.

 

[Red Squirrel]

Yeah but if I don't actually install bad apps, just wondering how it even happened? Like I guess while it's on data it's facing the internet directly without a router in between, is that when it tends to get hacked? Is there a way to disable data, but still be able to send/receive images in texts? That's literally the only reason I use data for, as the caps are too small to use it for anything else and that does not count for the cap.

I was able to uninstall updates and reinstall them. it won't let me uninstall the whole app - I hate that so much about Android, lot of apps are basically locked in and you can't uninstall them. But it seems that MAYBE that got rid of the virus, but it's still early to tell. It still feels the phone is getting hot when the messages app is open, but I don't seem to be seeing weird traffic anymore.

If it does turn out it's EOL is there a way to still get the security updates? Like trick the update server into thinking it's a newer phone or something?

 

[UsandThem]

If it does turn out it's EOL is there a way to still get the security updates? Like trick the update server into thinking it's a newer phone or something?

Not unless you are able to "root" it, and install user created OSs and such. You can do this on some phones, while others it's pretty much impossible.

I've never messed around rooting phones. I usually end up getting a new phone once it has been in EOL status long enough. Google will continue to update apps on it, but the phone manufacturer is the one who provides the bulk of the major OS updates. Even when a person buys one of the new Google phones, Google only guarantees to provide 3 years of updates for it.

It sucks because my Samsung tablet is still good, but usually the software support ends for it long before the hardware does.

 

[Red Squirrel]

Wow that kind of sucks then. I wonder if the updates I keep getting are actually just the app ones and not the security ones. When I search DTEK50 on Blackberry's site it's like if it does not even exist, I can't find anything on it.

Are there brands that have updates for longer? I don't really want to have to buy a phone every couple years just because of updates. If flip phones had querty keyboards I would seriously consider going that route, I actually hate the current ecosystem of phones, they are too closed, and only designed to spy on you. I could get away with just texting and making phone calls tbh. I would MAYBE miss the GPS function for when I go check out bush properties, but I could probably get a dedicated GPS for that or something.

Still bothers me that I got hacked though without knowing what the entry point is. Only thing I can think of is I opened a text a while back that was just blank. I wonder if that's how I got hacked. I did not realize it was not someone I know until it was too late since I just opened it right away without checking who it came from as I was going to check that in the text itself. I do recall hearing that it was possible to get hacked with specially formatted texts.

 

[UsandThem]

Wow that kind of sucks then. I wonder if the updates I keep getting are actually just the app ones and not the security ones. When I search DTEK50 on Blackberry's site it's like if it does not even exist, I can't find anything on it.

You should be able to see that info in your settings. From my Galaxy S10+ settings:

Still bothers me that I got hacked though without knowing what the entry point is. Only thing I can think of is I opened a text a while back that was just blank. I wonder if that's how I got hacked. I did not realize it was not someone I know until it was too late since I just opened it right away without checking who it came from as I was going to check that in the text itself. I do recall hearing that it was possible to get hacked with specially formatted texts.

The people who create the malware are usually pretty smart / sneaky, so it's tough to say how you got it for sure.

Maybe what you received was a script, and without having any of the most recent security updates, it was able to execute on your phone.

 

[Red Squirrel]

For me it says it's up to date, but I also found somewhere else that says security patch level is 2018... Well that sucks then.

Also it's still doing it, if messages app is open, the phone gets super hot. I wonder if it's texting random people from my phone to spread the virus... and it's probably doing other stuff in the background too. Not finding much info on how to reload the OS. I really don't want to spend money on a new phone right now but I might not have a choice. I'm seriously considering a flip phone I really don't want to have to keep dealing with this crap. At least with computer OSes they are more open and don't have to worry about updates stopping so soon on a given distro.

 

[UsandThem]

Probably best to do a factory reset (in the settings) on the phone at this point. Who knows what you ended up with.

 

[Red Squirrel]

I'm trying to figure out how to reload the OS but not finding much info. I don't imagine factory reset will do much with a virus on it as if it's a well written virus it will probably be persistent. I turned it off and put it in the microwave for now in case it can still do stuff while off, as phones technically are never off.

Starting to wonder if this was sending texts with the virus to random numbers. That's probably why the texting app was using so much battery.

I also realized I have no way of waking up tomorrow without my phone... my alarm clock broke a while back and I have yet to replace it so I've been using the phone. I'm a bit in a pickle right now lol.

Not sure if I'd trust airplane mode to work as intended when it has a virus. Maybe I can wrap it in foil? lmao.

Sucks though, really don't want to be spending money on a new phone right now but looks like I'll have to either way.

 

[VirtualLarry]

Welcome to the "security hell" (or lack thereof) that is the existance within the Android operating system and phone/carrier agreement (thus, no updates for your phone, unless they come through your carrier).

 

[Red Squirrel]

Welcome to the "security hell" (or lack thereof) that is the existance within the Android operating system and phone/carrier agreement (thus, no updates for your phone, unless they come through your carrier).

Wait seriously, is that how it works? That's freaking retarded. Is there a way around that at all? Like a way to spoof to the update server that it's a carrier phone?

 

[MrSquished]

Android lags behind Apple with both security and software updates. The best supported phones are the Pixel models. They get at least 3 years of security AND software OS updates. Which should hopefully increase. Samsung just announced they will start supporting at least some models I heard with 3 years of updates as well. Motorola had something where phones ran a pretty much pure Android OS and they got 3 years of security updates and 2 years of software updates, not sure if that's still going on.

 

[Red Squirrel]

Hmm only 3 years though? That's still quite short. I don't really want to have to upgrade that often not to mention the waste that generates in the landfill. But if I go apple I'm probably going to be forced to anyway too right? What a shit show the smartphone ecosystem is. Wish it was more like PC where the hardware is standard and you can just put any OS (ex: like putting Linux on a PC) you want and for updates to just continue for virtually ever as long as you use a new enough OS.

Still trying to reload it but if I'm not getting any security updates I'll probably just get hacked again as I don't know how they got in so I won't know if that security hole is still open... I just hope the rest of my network is not hacked too, I don't know if they got in through my network first or through the short time my phone is on data and directly connected to the internet. Or maybe it was in fact that text I opened.

Really don't want to spend that kind of money but I might start looking at phones... I was doing brief research last night and found an interesting looking Motorola one for like $300, so hopefully I can get something in that range.

 

[MrSquished]

Hmm only 3 years though? That's still quite short. I don't really want to have to upgrade that often not to mention the waste that generates in the landfill. But if I go apple I'm probably going to be forced to anyway too right? What a shit show the smartphone ecosystem is. Wish it was more like PC where the hardware is standard and you can just put any OS (ex: like putting Linux on a PC) you want and for updates to just continue for virtually ever as long as you use a new enough OS.

Still trying to reload it but if I'm not getting any security updates I'll probably just get hacked again as I don't know how they got in so I won't know if that security hole is still open... I just hope the rest of my network is not hacked too, I don't know if they got in through my network first or through the short time my phone is on data and directly connected to the internet. Or maybe it was in fact that text I opened.

Really don't want to spend that kind of money but I might start looking at phones... I was doing brief research last night and found an interesting looking Motorola one for like $300, so hopefully I can get something in that range.

If you are going to spend around $300 on an Android phone consider spending the $49 extra for the Pixel 4A, get the at least 3 years of updates, potentially more, and it's a good phone all around. Nice camera at that price point, if that's a feature you use.

 

[Red Squirrel]

I'm not finding it for that price, they seem to be going for the $600-$800 range. This is the one I was looking at, not dead set on it yet just came across in my search: https://www.amazon.ca/Motorola-Moto-Power-Unlocked-International/dp/B087C9RVRG?th=1

I would just need to make sure it works with Lucky Mobile (part of Bell) but if it works with Rogers and Telus chances are good it will.

Is there a way to find out how long a given phone gets security updates for? Also still find it odd that security updates are separate from normal updates, since I get normal updates. I just always assumed those updates fixed security issues too.

 

[WelshBloke]

Is there a way to find out how long a given phone gets security updates for? Also still find it odd that security updates are separate from normal updates, since I get normal updates. I just always assumed those updates fixed security issues too.

There are app updates that you should get pretty much forever regardless of phone (unless you are running something so old that modern apps won't run on it), there are security updates, and there are OS updates.

Have you tried resetting your messaging app them downloading the Google one on the playstore?

 

[Red Squirrel]

It does not let me delete the message app, and since it's hacked I don't really want that lingering around anyway. The phone is wiped now, just trying to find the image file for it. I thought it was part of the package I downloaded but looks like it wasn't as now it's just going into the boot menu.

 

[Red Squirrel]

Found this one too...

Nokia 7.2 (TA-1178) | 128GB+4GB RAM | 48 MP Triple Camera with ZEISS Optics | Google Assistant | Android 10 & Android 11 Ready | LTE 4G Factory Unlocked Smartphone | 2-Day Battery | Single SIM | 6.3-Inch Full HD Screen | Charcoal : Amazon.ca: Electronics

Nokia 7.2 (TA-1178) | 128GB+4GB RAM | 48 MP Triple Camera with ZEISS Optics | Google Assistant | Android 10 & Android 11 Ready | LTE 4G Factory Unlocked Smartphone | 2-Day Battery | Single SIM | 6.3-Inch Full HD Screen | Charcoal : Amazon.ca: Electronics

www.amazon.ca

A little more than what I want to pay but specs look pretty good for the price range.

Nokia 7.2 - Full phone specifications

www.gsmarena.com

Just don't know how long I get security updates for... don't want to pay $400 and find out I'm back to square one in 3 years from now.

 

[VirtualLarry]

Just don't know how long I get security updates for... don't want to pay $400 and find out I'm back to square one in 3 years from now.

That's the Android ecosystem, like it or not. It's NOT a PC. Microsoft is actually really good to their customers (and even non-customers, if you know what I mean).