Hacked Smule account

[[Member prit…]]

My account has been hacked by some one i knw, iv changed my password but it made no difference, he is still in my account invading my privacy.. reading all my private inbox msgs and unfollowing ppl iv been following..

Need a solution on wht to do asap!!! PLZ ADVISE

plz can anyone advise nd help!!

Thanks 

[[Member open…]]

Probably best to contact Smule support: https://smule.zendesk.com/

[[Member prit…]]

I contacted them and they just sent me a silly list of ways to block the person, iv done that alrdy but the main problem is that he is still logged into my account.

Appreciate ur help nd response 

[[Member _Ram…]]

1 hour ago, priti09uk said:

My account has been hacked by some one i know, iv changed my password but it made no difference, he is still in my account invading my privacy..

If some one has hacked into your Smule account how did you change your password as the hacker must have changed the password. When my Bank account got hacked I could not access my own bank account. I am a bit confused here. Are you able to go to settings in your Smule account now. Please check again

Ram

[[Member stev…]]

Doesn't changing the password log them out though??

[Guest]

I was hacked, too. I still think they’re is some type of malware on my device. Someone got into my account and even created another account with my e-mail. I changed everything, took my device to Apple, but they couldn’t find anything, but that absolutely does not mean there isn’t anything on your device. There are types of spyware/malware that cannot be discovered unless you take it to someone whose specialty is in that field. There are certified ethical hackers who may be able to help you or if you know someone with a strong computer science background. You can uninstall the apps and eliminate the problem, but that isn’t fair. 

[Guest]

12 hours ago, PeacefulJoin said:

I was hacked, too. I still think they’re is some type of malware on my device. 

there is*

[Guest]

On 8/12/2019 at 1:11 PM, stevejohnson13 said:

Doesn't changing the password log them out though??

Not if you’ve been truly hacked. If he knows your personal information, he can see your password change. Something very important I learned: The first thing the FBI does when they get a new computer is cover the camera. I used to laugh at my spouse when he would tell me to turn my devices in a position where the camera lenses were not on us at night. Now, I have all of the cameras covered, but it’s disturbing to think someone may have been watching me. Even if you log into Smule or any social media, they can watch where you go and who you view. I used to think it was far fetched. Unfortunately not. 

[[Member insp…]]

On 8/12/2019 at 10:41 PM, stevejohnson13 said:

Doesn't changing the password log them out though??

Did anyone ever try this for themselves: change your password and see what happens?

I remember that I have changed my password, multiple times in the past, in some instances from my computer, and in others from within the app as well.

But I continued to be able to use the app on both Android and iOS. I was NOT logged out, or required to re-enter the new password to continue using the app.

There's no log out button in the app, so you can't even do it yourself if you wanted to (no easy way at least). Once you're in, you're in... until you uninstall the app.

[[Member Craz…]]

log out of your account on every devise you have logged into and then reset your password with a random letters/numbers/special characters. only log in on one devise. Does the person have access to your devises? If so you might have to freeze that account and get a new one and see if they can transfer your vip over...if you have it.

[[Member insp…]]

1. I could not find any option in the app to "log out" out of my account. So I had to uninstall the app.
2. I logged into my account from a computer using the website, went to settings to set a new password.
3. I had to enter my old password once, and then a new password twice.
4. Password changed! Work done?
5. When I reinstalled the app on my mobile, it said "checking..." and then they asked
   "Is this you?"
   [Profile Pic]
   @[my username]
   "Yes or No."
   I was me!, so I tapped on Yes. It said "logging in..." & was welcomed inside. They did not ask me for my new password.
6. Inside the app, I could go to settings and directly set a new password. It did not require me to also enter the old password, like I'd done on computer.

What if I had used my account on multiple other devices in the past and then uninstalled it and forgot about it? Then those devices were given to other people with my consent (just shared temporarily, lent or sold - so need not be a person I know).

With this naive security process of "checking...", "is this you?", "welcome!" on each of those devices, even an innocent person not intending to "hack" my account, if they just installed the app and were naively asked "is this you?", could tap on 'yes' simply out of curiosity and be logged in without trouble.

Security and privacy are much more fundamental features than effects, filters, gifts (dubbed "most expressive way to show your appreciation" - really, so you can't simply enter a heartfelt comment to express appreciation?) and "stickers for Snapchat sharing" (why Snapchat?).

Shows their priorities.

[[Member hima…]]

Nice information all

[[Member SHAJ…]]

Was searching on this topic as i have been hacked two days ago.
Hacker sent nasty (vulgar) messages from my inbox.
I was wondering how this can happen.
I use app from the playstore, i change the password almost every 14 days
with the highest possible password complexity.
Hence guessing the password cannot be the reason they got access to my inbox.
How come this can happen ? what methods do they use.

Smule says delete all instances from all devices and then change the password and install.
But this is totally reactive and patching after the mishap. The question is how to protect myself.
The app is really a boon and works fantastic when talked about a singing tool.

Hope to find answers. Thanks very much :)

[[Member SHAJ…]]

Smule helpdesk is saying no one can access my account unless i have given the password to anyone ha ha.

Futher asking me to delete all devices and change the password. But this has already been done. I have only two devices. It seems Smule Zendesk people are totally unware of such hacking incidents, Not only inbox but also members are removed from groups and the groups are been deleted (i mean groups where men can type).

Hope someone has better tips than Smule helpdesk.

[[Member open…]]

Well, if your Smule password is secure, then the attack is likely happening outside of Smule, e.g. your phone itself is compromized, but that’s not something Smule or Sing.Salon can help with. 
Another attack vector are social media connections, for example having your account linked to Facebook. 

[[Member SHAJ…]]

First of all thanks a ton for your reply. These are good tips!

I have exceptionally few apps (good ones) on my mobile as i use it for my work. That cannot be compromized.

My ios device has much apps ( can wipe out and start afresh) which is an possiblity.

Any tips how to unlink smule from Facebook ?

Still, as many others have same issues i would not directly think it's about an inside out attack likewise Groups are been deleted. 

[[Member open…]]

1 minute ago, SHAJU_AESIS said:

likewise Groups are been deleted. 

Well, sure. If someone can send messages through your account, they can also delete anything you could delete. That’s expected for a hacked account. 

[[Member SHAJ…]]

Okay, will presume for now that my ios device is compromised and may be the link with facebook is the door they came in. Will wipe my ios device and unlink the facebook and wait. Thanks for the tips.

[[Member Craz…]]

23 hours ago, SHAJU_AESIS said:

Okay, will presume for now that my ios device is compromised and may be the link with facebook is the door they came in. Will wipe my ios device and unlink the facebook and wait. Thanks for the tips.

It sounds like someone hacked your Google account which auto logs in to FB, Smile, IG, etc. unless you read the fine print and don't allow Google to manage your logins. You can probably look back in your activity and find out how/when and what exactly took place because the person doesn't seem the bright. Chances are if it was just Smule and FB there is probably something a little more personal to this...most random hackers don't soley target that. Which is why I suggest looking at activity history...And switch to a really random password especially on SSO accounts. 

[[Member SHAJ…]]

@Crazyjster appreciate your help/tips, yesterday wiped my ios and restored it as clean device without restoring any settings. Then deleted smule on my android,resetted the smule password then installed back on ios and android (an just to be sure action). 

Your statement sounds logical as my smule password was pretty strong, it has to be via some loophole of permissions to manage apps. Then it's the case with many others who are struggling as me. Would check on with regards activity history, as far as i know i dont allow to manage my logins (will recheck it). I have enabled 2FA every where it's possible.

Will get back to you.Thanks!

 

[[Member Craz…]]

8 minutes ago, SHAJU_AESIS said:

@Crazyjster appreciate your help/tips, yesterday wiped my ios and restored it as clean device without restoring any settings. Then deleted smule on my android,resetted the smule password then installed back on ios and android (an just to be sure action). 

Your statement sounds logical as my smule password was pretty strong, it has to be via some loophole of permissions to manage apps. Then it's the case with many others who are struggling as me. Would check on with regards activity history, as far as i know i dont allow to manage my logins (will recheck it). I have enabled 2FA every where it's possible.

Will get back to you.Thanks!

 

If you had an Android go into your Google history and you should find everything you need...my guess is somewhere there can help you figure out where this started...or at least can help you fix it. 2FA everything! I have been hacked 3 times lol...the first was a pain a few years ago, .. the second was last year, when my work email was hacked and thankfully it wasn't "my devices' but internal sending out some really nasty stuff lol and a couple of weeks ago and attempt except this time  I had a Google alert let me know someone was trying to access my data and gave me this IP address I blocked it and tracked the person/place down..turned out it was a medical facility trying to access an archive my Google data data at 4am...hmmmm. Thank God for 2FA! You end up getting smarter each time lol.

 

[[Member SHAJ…]]

@Crazyjster Very true, 2FA/MFA is a must,a boon for our protection.
Indeed my google activity shows lots of details,sadly i could not find what my eyes desired to see.
My Gmail,FB en linkedin are 2FA, hence assume someone could not have used it easily with any alert to me. No apps were enabled in FB.

The problem is that hackers are threating to join a group, other wise you are prone to get hacked. It's like a smule group war to become which group is mighter. No respect for singing.

True: You end up getting smarter each time lol

[[Member Hobo…]]

Hi, I have faced hacking by a group on Smule since 2017 and couldn't find the source for a while. Later found that my router DNS was hijacked for a Man in the Middle type of attack, so all my data including new accounts, emails and everything else was being viewed by them. Suggest you check your router DNS using reputable websites. Think the group that did it for me is also involved in Android hacking. Anyways, all the best! Stay safe!

[[Member SHAJ…]]

Thanks @Hobolobo2 for sharing your experience. In my case i would look into my router, though it does not apply to few of my friends account (also got hacked) who uses internet bundle from mobile provider. Man in the middle type is good possiblity. My Andrioid mobile came up clean with F-Secure and Malwarebytes, of course beeped about few apps which had more persmisson than needed.

[[Member Craz…]]

4 hours ago, Hobolobo2_ said:

Hi, I have faced hacking by a group on Smule since 2017 and couldn't find the source for a while. L

Seriously? Out of all of the insane things i have seen that may be the most outrageous thing i have ever heard! I guess tbat is one more teason to get a smulephone, i mean iphone, since they are much harder to hack.