werasik2aa / Huawei-Unlock-Tool

Unlock bootloader / FRP Huawei
https://werasik2aa.github.io/Huawei-Unlock-Tool/
GNU General Public License v3.0

[Offtop] account was hijacked #19

Closed Bakunetsuuuuu closed 6 months ago

Bakunetsuuuuu commented 6 months ago

When I tried to Bootloader Unlock my Huawei tablet using this software, a Vietnamese person suddenly accessed my Google account. I was saved because I had a passkey prepared, but it seems like the software was accessed the moment I pressed the button, which makes me suspicious. I can't say that this software is bad in general, but I am concerned about the moment I use it. Just to be sure, I would like the developer to check whether there are any vulnerabilities in this software.

werasik2aa commented 6 months ago

This software is a C# project which is open source. It didn't hijack accounts. The only place where you can download it is GitHub. It is ready to compile from source.

It only flashes .img files to the device. Nothing more. I don't know how he got access, but in the unlock FRP button there is only one function: flashing .img images via emccdl.exe

Devinfo.img and cleaned frp.img with edl9008 mode. After a hard reset and this FRP unlock, you can set it up as new. Maybe you have viruses.

And

Bakunetsuuuuu commented 6 months ago

Considering this possibility, I initialized all the devices I used just to be safe. The only mystery is that it happens as soon as you use this software.

werasik2aa commented 6 months ago

Do you watch the news? Google has a vulnerability where a hacker can access your PC if you download tools from unofficial URL download links.

Maybe you downloaded this tool not from github?

Bakunetsuuuuu commented 6 months ago

No, I think it's unlikely because I check to see if the URL is official before downloading. I don't think this software is bad. It's possible that I was accidentally attacked by a zero-day attack...

werasik2aa commented 6 months ago

Hm, maybe. Because only GitHub contains this tool. I never publish it on other direct links or sites. I too think it's a zero-day attack. So I'm closing this issue as completed. You can simply decompile your tool using dnSpy or ILSpy and check the source code if it's not downloaded from GitHub.