How To Remove Spyware By Flashing The Firmware of Your Phone

Flashing firmware is the only practical way of getting rid of spyware if your phone is infected with it.

Published
Tech News
4 min read

Spyware has been making the headlines, mostly because of Pegasus, the spyware used to infect specific devices through Whatsapp and snoop into activities of those users. Now, most experts have suggested that the only way to get rid of spyware is to change devices. However, that’s not the only option available.

As pointed out by Sergey Nikitin, Deputy Head of Digital Forensics and Malware Analysis Lab at Group-IB, the affected users will find it hard, but it’s not impossible. “To clear the device of spyware, it is necessary to reinstall its firmware and fully renew the device’s system partition, which is not impossible to do by oneself at home, but would be hard for an ordinary user.”

So, in this video, courtesy an ethical hacker who wanted to remain anonymous, we demonstrate how users can flash their devices, especially if it has been infected with spyware. Follow all the steps and methods given here to flash the device.

(Note: We are using the example of a Xiaomi device. Other mobile vendors have the same process, but the tools are different. If your smartphone’s bootloader is locked, follow the steps given below to unlock it. Make sure you back up all the data on the device before doing this.)

Steps For Unlocking Bootloader in Android


Step 0: Create a backup of anything you want to restore as this will erase all your data

Step 1: Install Android SDK

To enable this you will need: The Android Debug Bridge, a command line tool for your computer that allows interface with your phone, and your phone’s USB drivers.

How to install both of the above:

1) Go to the https://developer.android.com/studio and scroll down to “SDK Tools Only”. Download the ZIP file for your computer and unzip it in the location that you want to store the ADB files.

2) Launch the SDK Manager and deselect everything besides “Android SDK Platform-tools”. In a Nexus phone, select “Google USB Driver” to download Google’s drivers.

3) Once it is installed, shut the SDK manager.

Pegasus spyware affects both Android and iOS devices.
Pegasus spyware affects both Android and iOS devices.
(Photo: The Quint)

4) Install the USB drivers for your phone. These can be found on the phone manufacturer’s website (e.g. Motorola or HTC). For Nexus, install the Google drivers downloaded in step 2 using these instructions.

5) If prompted, reboot the computer.

Switch on the phone and with the help of a USB cable plug it into the computer. Following this open the platform-tools folder in your Android SDK folder and press Shift+Right Click in an area that is empty. Choose “Open a Command Prompt Here”, and run the following command:

adb devices

In case a serial number is shown, the process can continue as the device has been recognised. Otherwise, make sure the above steps have been done correctly.

Step 2: Permit USB debugging

In the main settings go to “About phone”, click on “Build Number” item seven times, a message saying “you are now a developer” will appear.

Go back to the main settings, “developer options” will now appear. Once that is opened, enable “OEM Unlocking”. After that, enable “USB Debugging”. Once prompted, enter password or PIN, if applicable.

Steps 3: Get an Unlock Key

Go to the manufacturer’s bootloader unlocking page

(example, https://accounts.motorola.com/ssoauth/login?TARGET=https://motorola-global-portal.custhelp.com/cc/cas/sso/redirect/standalone/bootloader/unlock-your-device-b for Motorola phones or https://www.htcdev.com/bootloader for HTC phones), choose the device (when prompted), and log in or create an account.

The remaining steps vary for different phones. Manufacturing sites of the specific phones will usually give you a walk through.

It will be on the lines of: First, switch off the phone and boot into fastboot mode. This varies for every phone, but on a majority devices, holding down the “Power” and “Volume Down” buttons for 10 seconds does the job.

With the help of a USB cable, connect the phone to the PC. The phone should display a message that the device is connected. On the computer, open the platform-tools folder in the Android SDK folder and Shift+Right Click in an empty area. Click “Open a Command Prompt Here”, and use that Command Prompt window to retrieve the unlock key as described by the phone manufacturer.

The Command Prompt will give a token in the form of a very long thread of characters. Select, copy paste it in the applicable box on the manufacturer’s website–ensuring that there are no spaces– submit the form. If your device is unable to be locked, you would receive an email with a key or file that can be used in the next step.

Step 4: Unlock your Phone

In case your phone is still in fastboot mode, run the command below. If not, turn off your phone and hold the “Power” and “Volume Down” buttons for 10 seconds.

Release them, and you should be in fastboot mode

To choose “Open a Command Prompt Here” on your computer, open the platform-tools folder in your Android SDK folder and Shift+Right Click on an empty area.

The command used to unblock your device is given below and also this is used for many Nexus devices.

fastboot oem unlock

If you have a non-Nexus device, your manufacturer will tell you what command to run. Motorola devices, for example, need to run fastboot oem unlock UNIQUE_KEY, using the unique key from the email you receive.

HTC devices will run fastboot oem unlocktoken Unlock_code.bin using the Unlock_code.bin file you received from HTC.

The volume keys can be used to confirm the unlock which your phone may ask for.

The boot screen of your phone can be used to reboot your phone as you are finished with the process. A new message appears at boot-up if the process went well, showing that the bootloader is unlocked and after a few seconds it should boot into Android.

Disclaimer: This process should only be done by those who are technically inclined, else you could end up “bricking” your phone, rendering it useless.

Liked this story? We'll send you more. Subscribe to The Quint's newsletter and get selected stories delivered to your inbox every day. Click to get started.

The Quint is available on Telegram & WhatsApp too, click to join.

Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!