About three weeks ago, I accidentally ran a trojan on my Windows 10 PC while my Samsung A14 was connected via USB. I thought reinstalling the OS would resolve the issue, but two weeks later, I started noticing suspicious activity on my phone, like a reset password email being clicked without my request. I did a full factory reset on my phone, opting not to recover any apps or files. However, shortly after that, I found strange APKs showing up in my files, which I deleted immediately. I checked all permissions, and no apps had permission to download anything. The situation escalated when I saw unfamiliar games in my Roblox account, which is only logged in on my phone. I don't know what else to do since I've scanned my phone with multiple antivirus programs like Bitdefender, Malwarebytes, Norton, and Avast, and nothing seems to be fitting the profile of traditional malware. I'm also doubtful it's a remote access trojan since I noticed these issues while actively using my phone.
2 Answers
It sounds like your phone might be infected with spyware or a remote access tool (RAT). These types of malware can sometimes evade detection by antivirus software, especially if they're designed to remain stealthy. Since you've already done a factory reset but are still having issues, it might be worth looking into the specific apps you have installed and their origins before the reset. Also, ensure your Google account is secure; change your password and enable two-factor authentication just to be safe!
Definitely could be a spyware infection, especially with how it's interacting with your Roblox account. Even if the antivirus didn't catch anything with your internet off, it’s still possible for certain types of malware to hide. You might consider flashing the firmware on your phone completely as a last resort, which could help remove any hidden threats.
I was hoping it wouldn't come to that! But if it's the only way to be sure it's clean, I might have to look into flashing the firmware.
But how could it have persisted after the factory reset? Shouldn't that clear everything? That sounds really alarming.