Question
-
Topic
-
Can a link hack a phone without downloading anything
LockedThere have been a link roaming African/Asian countries social medias (starting with India) in the name of “amazon 30th anniversary” when it reached my country on June 9th I still haven’t heard about it yet but strangely I got a link from an old friend who I have talked to in a month or so but since I was using Facebook lite (with many bugs) the description of the link which could have saved me and prevented me from opening the link didn’t show up so I had to open the link myself to see it
It was a fake and poorly designed copy of the Amazon page but with a survey consisting of 4 steps and a timer1- answer 4 basic questions. What is your age? What is your gender? What is your phone’ OS? What is your opinion about the service?
2- choose 3 boxes out of 9 to win the prize (and of course I won)
3- share to 20 friends/5 groups
4- download an app (and sometimes it would be instead a premium subscription through your phone number which would consume all the phone’s balance)I did all 3 steps but when there was the 4th step I suspected malware so I left
It was all good thinking to myself I am a 2000IQ because I didn’t fall for the malicious apk part bla bla
And I scroll Facebook to see anything new and suddenly my whole country (and I literally mean it including news media) is talking about the link
At first I was like “yeah they must be warning that the link might trick you into downloading malware so don’t download it” so I considered myself safe as I didn’t download itBut what they were talking about was “opening the link might lead to malware on your device and your device falling under the hacker’s control”
Here my heart dropped so I downloaded 3 AVs even though I know would be useless and no threat came out then checked on VirusTotal and it came malicious/malware by 5 AVs
3 phishing and 3 suspicious/spamI did all the necessary steps of recovering like changing password clearing browser data and backing up stuff etc but I didn’t factory reset because I can’t for now as I am busy and restoring would take long
Could the link really have hacked me instantly as people claim? or are they just spreading fear because I didn’t see any suspicious activity until now+ the link didn’t attempt doing any drive-by download or try to download/install anything in the background (knowing that because I checked my file explorer and it showed the most recent file to be a day ago and recent installation/update from settings was a new game and a fb update)