So my mother recently divorced and her (ex)husband had set up some type of virus/malware/keylogger on both her laptop as well as her phone before she left. He was reading her emails / whatsapps / messages, kept deleting important emails, logged into her email and wrote emails using her email address, pretty nasty stuff overall. She changed her password multiple times after leaving but it kept happening.
At first she didn’t want to believe me but now we are 100% sure it’s him:
-her laptop which she was using at his house while the divorce was going on had no password
-he knew the password to her phone
-while she was logged in to her email she received an important email about the divorce which got deleted seconds later without her even touching the keyboard/mouse
-he said things on the phone which he could only know by reading her recent emails
-he’s pretty good at IT stuff
-he knows how to use tor browser and how to access/use the markets really well
-some weeks ago he sent me a really mean whatsapp which contained information he could only get by reading the latest whatsapp conversation between my Mom and me
-Lots of free time and anger since the divorce
-stuff like this; much more evidence after all but not really important right now I guess
Today we went to an IT expert to get evidence and I talked a bit with the IT guy about tor etc. and viruses in general and he said something along the lines:
“Nowadays it’s so easy to get efficient malware from clear/darkweb – you can easily get a 10-20kb toolkit to install malware on any type of device – I recently underwent technical training where they showed us how it is possible to install malware using a gif or video. You suspect nothing, open the gif or video and while you are watching a giraffe moving its head up and down the virus is being installed in the background without you even recognizing or getting a notification from your device.”
This wasn’t something new to me in particular, I can’t explain it well but since a gif/video is made of code it’s possible to hide an executable in the code and trick your media player into executing it while reading the code or something like that, correct me if I’m wrong please.
On our way home we were talking about how crazy this stuff is and that’s when I realized:
On Easter Sunday our family was writing things like “Happy Easter everybody!” and was sending like funny pictures of rabbits in our whatsapp family group (which he is still a part of for whatever reason) and he (her ex) sent a 12-second video in the group as well.
This is VERY untypical! He had NEVER sent a video or gif to any of us before, let alone to the group… Also, this was the first time he wrote to the group or contacted any other family member besides my mother and me since the divorce. He had no reason because of how the divorce went – let’s just say there is no chance they will get together again…
Is it possible that this mp4 file was “infected” with malware? Pretty sure every member of the group opened the video because even without knowing the stuff I wrote we found it pretty strange…
And if so what is the best way/antivirus to find out? (We are all using android)
If this is not the right subreddit to ask can you tell me what subreddit I should post this to? (IT guy says it takes him 2 days minimum to go through my mom’s devices and I got really paranoid right now so I just want to get as many opinions on this as possible)
Thank you very much in advance!!