How did this hacker do this to my phone? Redmi Note 8 Pro

johnman9000

Member
My phone was a Xaomi Redmi Note 8 Pro. And my carrier was Mint Mobile.

6-8-21 while I was at work. I received 3 texts from Mint Mobile giving me temporary passwords that I never requested. I thought it was odd so I logged into my Mint account from a desktop pc and changed my password.

6-9-21 at 11pm I received 3 simultaneous texts from Metro by T-Mobile. first a welcome message, followed by two more text messages showing a balance on a account of $381.44 and $571.44.

The hacker had ported my phone number over to Metro by T-mobile. As soon as I realized what was happening I called Metro. The rep there refused to help me due to my name not being on the account. And Mint Mobile support is not 24/7 I had to wait until 7AM to contact them.

I quickly tried to change all my email addresses on important websites. and remove my phone number from my email address. But Hotmail still allowed my number to be used for recovery even though I managed to remove it before the hacker gained access to my email account and changed my password and locked me out.

At 7AM I was finally able to contact mint mobile and they said I needed to contact Metro..
Metro gave me the run around and hung up on me..
Finally on the third attempt at receiving help, Metro had found odd activity on my account and decided to help me.
The Metro Rep made a temporary account for me and took my phone number back from the hacker.

At 9AM I was able to go to Metro store and buy a cheap phone and pay for a month of service to gain control of my phone number.

I was unable to retrieve my email address until the next day due to too many password reset requests.
Once I had my email address back I did not find any activity. The hacker must of deleted any emails related to password resets.

I thought all was well and this ordeal was behind me until 6-22-21 when I got a email from "Freewallet", It is a crypto currency website.
I made a account with them back in 2017 and never used them for anything. I had actually forgotten about them entirely.

The email said there was a login attempt from a device "Redmi Note 8" Which was at home without mobile service but connected to my wifi network.
This leads me to believe that this device itself is what allowed the hacker to do what they did.

I do not have any odd apps on my phone. It is just normal basic stuff from the google app store. amazon, ebay, paypal, credit karma, pokemonGo, ect.

There must be some kind of exploit or spyware on my phone that allowed them to retrieve the temporary passwords from mint mobile. which would explain how they were able to find out my account number and pin code. which then allowed them to port my phone number to the Metro network.

Then they must of targeted my email address in hopes of finding some crypto currency to steal. I have used several other crypto websites in the past but currently do not have any.

I think this suggests that perhaps a data leak somewhere may of exposed my email address and phone number along side crypto websites i have used before.

What amazes me the most is if that is true. How they also managed to find the exploit or spyware in my Redmi Note 8 which allowed them to pull this off.

Or is it possible for somebody to spoof a mobile network and receive my text messages on a different device?
That situation might explain why there were three requests for temporary passwords from mint mobile. Perhaps they got it on the 4th try?
But it also does not explain why the attempt at freewallet login came from a "Redmi Note 8" Unless they are able to spoof that also and make it appear as if a potentially "trusted device" was signing in?

I will obviously not use this phone anymore. But is this a common occurrence. and Is it safe to go back to Mint Mobile?
 

depot

Well-known Member
I can’t help you with a lot, but a friend had her bank account emptied by a hacker who had gotten enough information from mainly her Facebook page to go to her phone provider (virgin mobile) a UK operator and get a replacement sim sent to another address, so my advice would be to leave mint mobile and go to a provider that has 24 hour support.
 

finbaar

Active Member
They don't need to spoof anything or do any hacking. They harvest the information that many of us freely provide on social media and then simply go through the mobile networks themselves. This happened to Matt Miller
:


It is highly unlikely that it was your phone being hacked.
 

THX1138UK

Well-known Member
My phone was a Xaomi Redmi Note 8 Pro. And my carrier was Mint Mobile.

6-8-21 while I was at work. I received 3 texts from Mint Mobile giving me temporary passwords that I never requested. I thought it was odd so I logged into my Mint account from a desktop pc and changed my password.

6-9-21 at 11pm I received 3 simultaneous texts from Metro by T-Mobile. first a welcome message, followed by two more text messages showing a balance on a account of $381.44 and $571.44.

The hacker had ported my phone number over to Metro by T-mobile. As soon as I realized what was happening I called Metro. The rep there refused to help me due to my name not being on the account. And Mint Mobile support is not 24/7 I had to wait until 7AM to contact them.

I quickly tried to change all my email addresses on important websites. and remove my phone number from my email address. But Hotmail still allowed my number to be used for recovery even though I managed to remove it before the hacker gained access to my email account and changed my password and locked me out.

At 7AM I was finally able to contact mint mobile and they said I needed to contact Metro..
Metro gave me the run around and hung up on me..
Finally on the third attempt at receiving help, Metro had found odd activity on my account and decided to help me.
The Metro Rep made a temporary account for me and took my phone number back from the hacker.

At 9AM I was able to go to Metro store and buy a cheap phone and pay for a month of service to gain control of my phone number.

I was unable to retrieve my email address until the next day due to too many password reset requests.
Once I had my email address back I did not find any activity. The hacker must of deleted any emails related to password resets.

I thought all was well and this ordeal was behind me until 6-22-21 when I got a email from "Freewallet", It is a crypto currency website.
I made a account with them back in 2017 and never used them for anything. I had actually forgotten about them entirely.

The email said there was a login attempt from a device "Redmi Note 8" Which was at home without mobile service but connected to my wifi network.
This leads me to believe that this device itself is what allowed the hacker to do what they did.

I do not have any odd apps on my phone. It is just normal basic stuff from the google app store. amazon, ebay, paypal, credit karma, pokemonGo, ect.

There must be some kind of exploit or spyware on my phone that allowed them to retrieve the temporary passwords from mint mobile. which would explain how they were able to find out my account number and pin code. which then allowed them to port my phone number to the Metro network.

Then they must of targeted my email address in hopes of finding some crypto currency to steal. I have used several other crypto websites in the past but currently do not have any.

I think this suggests that perhaps a data leak somewhere may of exposed my email address and phone number along side crypto websites i have used before.

What amazes me the most is if that is true. How they also managed to find the exploit or spyware in my Redmi Note 8 which allowed them to pull this off.

Or is it possible for somebody to spoof a mobile network and receive my text messages on a different device?
That situation might explain why there were three requests for temporary passwords from mint mobile. Perhaps they got it on the 4th try?
But it also does not explain why the attempt at freewallet login came from a "Redmi Note 8" Unless they are able to spoof that also and make it appear as if a potentially "trusted device" was signing in?

I will obviously not use this phone anymore. But is this a common occurrence. and Is it safe to go back to Mint Mobile?

One of the ways this can happen is through social engineering. The bad guys learn about their victim through social media posts, and build up enough info to answer basic 'security' questions.

The bad guys then call your 'phone service provider and pretend to be you. They sound distraught and put on a convincing act, and manipulate the call centre operator into believing they are helping a desperate customer get access to their own 'phone. Most people are decent and want to help people in distress, and that's how the bad can do it - by praying on people's humanity.

Regards,
James.
 

Bl4ckGryph0n

Distinguished Member
And don't keep your crypto Wallet online. That is just plain irresponsible. You should always control your own wallet and keep it offline.
 

The latest video from AVForums

Movies Podcast: Star Trek in 4K. Is the new boxset worth it?
Subscribe to our YouTube channel
Support AVForums with Patreon

Top Bottom