
How to find out if your phone is hacked

I have had this question come up quite a lot from people asking “hey, how would I know if my phone is hacked, it has been doing some weird things”.

So here is a list of items you should check to assess if your mobile phone might be compromised.

What might show my phone got hacked?

Check Your Data Usage

Most mobile devices will let you check how much data each app has used. For apps related to social media, it would make sense for them to use a lot of data. But if you have an app you barely use, and you can see there is quite a lot of data usage on it, that might indicate that it has been running and sending/receiving data. Compromised apps may tend to use more data, since the attacker may be trying to send data from your phone to their own systems. A good way to measure this is to check your app data usage every month, so you get to know what the average data usage is for each app you use.

Pop ups or Ads

This one is an obvious one: if you see random ads popping up out of nowhere, or random windows popping up on your screen, there is a good chance your phone has malware, and/or an app was installed that could have full access to your mobile device. You should go through ALL your apps to see what you have running on your mobile device. If you see anything that should not be running or installed, remove the app, then check that it was actually removed and no longer shows up as running/installed.

Your Phone gets hot all the time

A phone gets very hot to the touch when it’s running an app that takes up a lot of processing power, and that makes your phone start to heat up. If this is happening to the point where your phone is always super hot to the touch, then chances are a malicious app is running all the time, causing your phone to heat up. This is a good chance to view all running apps and see which one has been running the most. It could be an indicator that it is a malicious app and should be removed.

How did I get hacked?

Rust A Programming Language

Packt has published a new book called “Rust – Web Programming” authored by Maxwell Flitton.

Now, I am totally new to this programming language. But I have to say, after spending some time learning it, Rust is a language that has the potential to become very widely used for ecommerce and general websites with web applications. I have decided to create a write-up for those who may have some interest in learning about Rust.


Why use Rust?


Rust solves many pain points which are present in many other current programming languages.

Better memory usage due to better garbage collection. Most common languages such as Python, PHP and Java have a garbage collection process. However, these languages have a process that uses up extra resources and CPU time on the machine to manage and run the garbage collection process.

Speed performance is also seen to be faster than most other programming languages, and Rust trails ever so slightly behind C++ in terms of speed.

It is much easier to learn and understand Rust. Syntax for code is easier to write, read and understand for someone that is new to programming.

Community support is huge for Rust, and you can easily find other devs using it for many use cases.

Earning the Microsoft 365 Threat Protection CCP Badge

I am super honored to say that I am now officially part of the Microsoft 365 Threat Protection Customer Connection Program as a Community Member!

You can view the official badge & details here -> https://www.credly.com/badges/b6a58efe-386f-43c6-a056-2e1defbf45a6/public_url

I have been extremely fortunate to be able to help drive many of Microsoft’s security tools and roadmaps. Members of the M365 Threat Protection CCP group get a chance to contribute heavily by providing feedback on Microsoft Security products. In the end, it helps enhance the security roadmap that Microsoft plans out. Some of the technologies we get to help drive forward and further enhance are listed below.

For example:


Passing the GCFA exam

Recently, I challenged the GIAC/SANS GCFA exam. And I am excited to say I passed and have obtained the GCFA certificate!

This was one of the more detailed courses I had taken in a while. The IR and threat hunting sections were not as new to me. However, the memory and forensics sections were very deep and detailed. Normally, most organizations will contract out major forensic work to 3rd party external partners. So, the forensics section was something I do not work on as often. But I found that learning the various ways malware can hide in memory, or how to detect timestomping attacks from malware, was extremely fun and exciting. Feeling incredibly grateful to learn about all these new attack techniques and detection mechanisms.

Prepping for the exam

I highly advise everyone take the SANS FOR 508 course. You can read my review of it here -> https://www.stealthbay.com/review-of-sans-for-508/

The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class itself was amazing especially when you get into Memory Analysis, File system analysis and the Anti-forensics sections.


Passing The Microsoft AZ-900 Exam

Getting Microsoft Certified for Azure Fundamentals


I decided to challenge the AZ-900 exam, as I got a Microsoft voucher for a free exam attempt. So, I decided to give the exam a crack. Based on the experience of peers who had already taken this exam, the consensus I had heard is that it should be a simple exam if you have used Azure before and worked on different services (e.g., IaaS, PaaS, SaaS). I probably spent less than 8 hours prepping, as I felt the topics seemed general and were things I had already been exposed to.

Prepping to take the exam

My personal experience with Azure is that I have worked with it for 3+ years. If you have spent a lot of time in the Azure environment building things, configuring things and managing different items, you will have no problem challenging this exam. Most of the concepts are related to everyday tasks that you would be working on, or tasks you would have been exposed to at some point while engineering designs in Azure.

Here is a score list of what you need to know –> https://docs.microsoft.com/en-us/learn/certifications/exams/az-900

  • Cloud concepts (20-25%)
  • Core Azure services (15-20%)
  • Core solutions and management tools on Azure (10-15%)
  • General security and network security features (10-15%)
  • Identity, governance, privacy, and compliance features (20-25%)
  • Azure cost management and Service Level Agreements (10-15%)