Is it okay to log in my social media accounts (Facebook, Instagram, etc.) from my old phone that I believe is infected with viruses to my new phone? Can virus transfer because of that?
-
One thing worth noting, 'viruses' and malware on phones are decently often just applications you installed yourself that push but don't break the rules of what they are allowed to do OR services where someone/something guessed/deduced/found your password. 'True' viruses are rare. If you redownload the same apps on your new/factory reset phone it would behave the same.– David MulderCommented May 9 at 6:51
-
1Barring an incredible vulnerability on the part of the social network's mobile apps, there's no way for a malware infection to somehow "spread" or "transfer" to a social media account, in such a way that logging into the account on a new device would cause the new device to become infected. However, it is sometimes possible for the existing infection on the old device to steal your log-in details and then do other undesirable things with your social media account, depending on exactly which "viruses" your old phone has (namely, whether they have escalated privileges).– DevCommented May 9 at 14:34
Add a comment
|
2 Answers
The only way that could happen is if any files (documents) you uploaded to social media were infected, then you downloaded and opened those files on the other machine.
But even if you did that, the chances that you would get infected are small.
Just "logging in" to social media can't infect social media or other devices.
-
Logging in might download some files automatically in the background, no?– BergiCommented May 8 at 19:20
-
5Logging in means transmitting your credentials from a system infected with malware. I wouldn't. Commented May 8 at 19:39
-
Yes- that’s why I don’t like having background app refresh on, if I can help it. Commented May 8 at 22:35
-
1@Bergi background downloads don't automatically infect a machine. They would have to be opened.– schroeder ♦Commented May 9 at 6:39
So there are different things to consider.
The software on your old phone:
If you installed malware at your old phone the old phone and all installed software should be viewed as compromised.
Transfering files:
If you install just the operating system at your new phone the new system is ok. If you transfer data between the old and the new system chances get higher that you infect your new system again. This could be for example the case if you sync both phones and transfer malicious apps to the new system or like sschroeder said transfer files using the cloud and reinstall or open them in your new system.
Credentials exfiltrated:
Another thing is that if your credentials to the social media accounts got exfiltrated in the old phone by the malware installed. Then those credentials stay exfiltrated and the access to those accounts will still be possible for the attackers regardless what device you use. If you think this is the case look for emails pointing to strange devices accessing your accounts if the social media site deliver those emails, monitor your social media accounts for strange behavior, change the passwords to strong ones from a device you know should be clean or enable Yubikey/Hardware token access as a second factor if its possible (e.g. Yubikey support: https://developers.yubico.com/Mobile/, https://www.yubico.com/works-with-yubikey/catalog/) . The last would be really difficult to circumvent but is also more expensive, more difficult because you need the hardware at hand and dangerous if you loose the device.
