[Q] Warning: Possible Chinese Trojan from coolapk.com - Android Q&A, Help & Troubleshooting

Hello,
I wanted to warn you of this website: coolapk.com. Certain apk files contain "additional" parts. In this case it was a part of VLC (Video Lan Client). After downloading an apk file and installing, all seems to be normal and the desired software is running. Under applications there are only the programs you know about. But after close look, you will find a hidden additional application under Settings/Apps/Show All at the bottom behind letter Z if showing within alphabetical order containing only chinese signs. It is already running, you can not deinstall it only force stop and deactivate is possible. The file size is shown as 4KB. After uninstalling the original app this still is keeped in your system. During the installation there was absolutely no sign of additional software attached. This device is not rooted and has OEM ROM. The machine I was using is Motorola (Enterprise Solutions) TC55 PN TC55BH-JC11ES, Android 4.1.2 Build 131013-SI-1800EN-01.45-15443J-4.1.2-user. I downloaded the apk files 24.02.2014 and the chinese software contains a following timestamp in the properties: 20131013.224458. This app has following rights granted: personal information (read all words attached to the dictionary, read contacts) and network communication (full network access). Attached is the screenshot of above mentioned hidden software (only app-info), perhaps a friendly user can help translate and tell what is it, because it's behaviour as far is not really trustworthy for me.
Contact me for additional questions (enterprise class units only).
regards + stay clean
Bogusz Schubert/pimpex.net

thanks for the advice :good:

I have that software on my TC55 as well. Oandbackup identifies it as com.android.inputmethod.pinyin, in other words the Chinese input from the AOSP, and the Chinese symbols in its name match the ones of the selectable alternative Chinese input under the "Language & input" settings. I have not installed anything from coolapk.com, only from F-Droid and Amazon. Are you sure this software came with VLC and was not there before? It might just be standard with the TC55.

Elanguescence said:
I have that software on my TC55 as well. Oandbackup identifies it as com.android.inputmethod.pinyin, in other words the Chinese input from the AOSP, and the Chinese symbols in its name match the ones of the selectable alternative Chinese input under the "Language & input" settings. I have not installed anything from coolapk.com, only from F-Droid and Amazon. Are you sure this software came with VLC and was not there before? It might just be standard with the TC55.
Click to expand...
Click to collapse
I have that app installed on a Cisco Cius (Froyo!) as well, and am unable to uninstall it. I'd be surprised if this was malware.

Seriously??
I'll Keep It In Mind And Try Not To Let Chinese Have All My Data

pimpex.net said:
Hello,
I wanted to warn you of this website: coolapk.com. Certain apk files contain "additional" parts. In this case it was a part of VLC (Video Lan Client). ......
Click to expand...
Click to collapse
The app name in chinese means "Google's method to input chinese character by spelling". It is bad for sure to install an additional app in secret. But this input method app sounds innocent. In addition, how can you be so sure that the app sneaked in with VLC from coolapk?
On my TF101, I have a number of apks from coolapk. As far as I am concerted, It is good so far with coolapk, I have not found anything wrong yet.

Related

[HINT] Accessing inaccessible APK files.

I hope this proves useful to someone, but especially noobs like myself! I've searched high and low for a a way to access and install apps that are either restricted by country (I'm in Vancouver, BC) or by device type of and up to now was only able to find references here at XDA that involve using VPN. If the following tip is already common knowledge and I somehow overlooked it, I apologize in advance.
Yesterday I ran across this article handy applet that so far has worked flawlessly for me:
Clearly I can't post URLs yet but the applet "Real APK Leacher" can be downloaded at:
www[dot]mediafire[dot]com[slash]?5vibfddvxmh98y
No need to install anything, but just unzip the DL into any new folder and run it directly from there. It does require Java Runtime Environment 1.5.0 or later. First time the tool is launched it prompts you for a DeviceID and associated account and P/W for the device. I used the DeviceID for my Galaxy S2.
(To find the DeviceID on a phone, enter [*#*#8255#*#*] (not including the brackets), and find the lines that begin with "JID="and "DeviceID-".
When I first ran the tool, I ran a search and got no results.. Found that the trick is to enter the search term(s) and then select the "custom" radio button. I've used the tool to successfully DL and install 1) Google Currents, 2) Onlive Desktop, 3) USAA Mobile Banking, 4) HBO GO, 5) Canada Post App, 6) UPS app, 7) Fedex 8) Hulu+ 9) all Amazon apps, 10) Realtor.ca, and many others. Till now I haven't run across any app I wanted that I haven't been able to install using the tool. Hope you have as much luck as I have with it.
After downloading the APKs to your computer desktop, simply transfer to the Prime via you're method of choice and install.
VancouverIngo said:
(To find the DeviceID on a phone, enter [*#*#8255#*#*] (not including the brackets), and find the lines that begin with "JID="and "DeviceID-".
Click to expand...
Click to collapse
And how do you propose we do that on our tablets?
leppie said:
And how do you propose we do that on our tablets?
Click to expand...
Click to collapse
or use the device ID app
https://play.google.com/store/apps/details?id=com.redphx.deviceid&reviewId=03899096149324352534
leppie said:
And how do you propose we do that on our tablets?
Click to expand...
Click to collapse
I tried to be as detailed as possible in my post (it was late, I was tired, perhaps I wasn't) which is why I went to the trouble of pointing out how I used my smartphone (the GS2) to carry out the procedure myself. I certainly don't claim to know exactly how the tool works behind the scenes, but I think it most likely needs to "fool" the source it accesses to DL the requested APKs into thinking the DL request is coming from a phone rather than a tablet.
In any case, there are probably many ways in which to retrieve a DeviceID. The method I went to the trouble of describing just happens to be the only way that I know how to do so. If you know of another... GREAT... use it. If not, then well, I think anyone frequenting these forums is probably clever enough to figure out/search for other ways.
In this day and age, I don't think that there are many tablet owners out there that don't also own or have access to a phone as well. In light of this fact, I assumed (perhaps unwisely) that readers of this thread don't require the same level of handholding/specificity that less tech-savvy members of the population might.
For those who've found other work-arounds to achieve the same end and are happy with their method, well, this post isn't meant for you. For others, like me, who've been seeking a simpler way, I truly hope you find the tool as useful as I have.
Running an unknown executable from a poster with no track record...can I just give you my CC# and SSN now and simplify things?
e.mote said:
Running an unknown executable from a poster with no track record...can I just give you my CC# and SSN now and simplify things?
Click to expand...
Click to collapse
Just googled the tool and seems it's getting quite a bit of attention; certainly not unknown. Favourable reviews/mentions from well known and respected sites. I In fact, I seems like someone here at XDA beat me to the punch in extolling its virtues ... found link to an active thread in the General Section.
While there are ways to check out executables of questionable provenance (particularly a Java applet on a PC) without endangering/in a secure environment, particularly when link to said executable comes from a noob poster such as myself, you are wise indeed to be cautious! For the adventurous among you, check it out at your own risk.
Searching on "real apk leecher" (note the correct spelling), it looks like this tool came out a week ago. It wants your email acct, password, and device ID. At least to start out.
From the screenshot, the apparent dev, Nhat Cuong Mobile, is a Vietnamese outfit with website here: http://nhatcuong.vn/. However, it's a mobile phone sales & repair site, and I can't find any info on software development (I can speak Viet).
If you do try this out, be extremely wary.
If you're rooted try Market Enabler (in the market), change to code to whatever network in whatever country, force close the market app (drag it to App info, and force close from there), then open it again, and voila Access to all the apps you couldn't access before.
adancau said:
If you're rooted try Market Enabler (in the market), change to code to whatever network in whatever country, force close the market app (drag it to App info, and force close from there), then open it again, and voila Access to all the apps you couldn't access before.
Click to expand...
Click to collapse
Will the Market Enabler app also open apps that are device specific? I. E., phone-only apps for tablets?

Spelling/Suggestions

I just got the OTA upgrade to ICS on my Springboard..
i noticed that when typing a message or an email it will underline all the words in red. the system thinks that all the words that I have spelled is incorrect. Especially when I know they are spelled correctly.. Even simple two letter words are underlined.
any ideas???
I think it is the ability to choose that word for editing, picking a different version of word, suggestions, adding to dictionary, and or deleting said word
Sent from my SpringBoard using XDA Premium App
The update changed me from Android keyboard to swipe keyboard I just changed it back to the regular android keyboard, and then I bought SwiftKey I'm pretty sure it's still on sale at the play store
I am using swiftkeyand the lines are still there I still think it's an editing feature
Sent from my SpringBoard using XDA Premium App
It has got to be a bug in the system because whenever I turn off the spell checkr the underlines goes away.
As Huawei is Chinese company they simply deleting lots of things not related to China, including spell-checking. There no dictionaries.
You can try this but it won't work with most languages. Just few, including English.
http://forum.xda-developers.com/showthread.php?t=1595760
Dodging Chinese spell checker mess
The Chinese are messing the Android spell checker instead of making an additional one of their own.
Dangerously, the other users are proposed a rooted, risky repair.
Why not
1) Build another version of the AOP spell checker to simply install/setect beside the messed one?
2) As a bonus, make the AOP spell checker multi-language, or, rather, multi-dictionary?
Hunspell does multi-dictionary. One just stores the needed dictionaries in a folder by the piece. They could be both in system or in user file space for easy copy of free Hunspell dictionaries from the Internet. One can use specialized dictionaries like medical, engineer, ...
I personally installed Kii keyboard providing spell checking in one language and Touchpal key providing word completion in several languages simultaneously.

[APP] BrowserShortcut - Use the browser key to open any browser

Hi everyone!
For those of you who want to give some extra behaviour to the browser key on the dock, here's one solution.
Although mod Aroma "kind of" does this, it should be noted that this solution is easier to recover from.
The browser key launchs any apk with ˋcom.android.browser.BrowserActivity´ as main activity, so I made a small app that mimics that.
It gathers a list of installed browsers and prompts a choice to the user; With the help of intents.
You can build it directly within the prime using AIDE, as it was coded in it.
GitHub repository: github.com/bit2shift/BrowserShortcut
In order to install it, you first need to remove the stock browser. Use Titanium Backup or ES File Explorer.
Install the replacement app as usually.
A screenshot of its choice prompt is attached.
EDIT: The google homepage is the URL used to query the installed browsers and start the chosen one. You can change it to something else.
TIP: For some browsers, about:blank does not get recognized properly.
Moderators: If this thread fits better on the development board, feel free to move it there.

How to disable Samsung Text-to-Speech and delete language files

Hi,
I use Google's TTS engine, so I thought I could disable Samsung's and get rid of the language files it has downloaded.
Sadly, I can't seem to find the application on the list of installed applications under Application Manager. In fact, I don't know what it's called.
Also, I don't know the location of the language files.
Any help would be appreciated.
Thank you.
Samsung TTS is called "Samsung text-to-speech engine" under the "All" category for me. I would also like to know how to delete unused language files.
goobyjr9 said:
Samsung TTS is called "Samsung text-to-speech engine" under the "All" category for me. I would also like to know how to delete unused language files.
Click to expand...
Click to collapse
Yeah, it's supposed to be called that way, but I haven't got it under All.
I'm running 5.1.1 (G925IDVU2COGA).
Found it. The name is different because my system language is Spanish. Anyway, it can't be disabled. Maybe if you were rooted you could.
You can "erase data", but in my case the data is 40KB, so I don't think that will get rid of the language files, which are 100MB in size.
Also, even if we knew where the language files are located, we probably couldn't erase them, unless we are rooted. Anyway, if anyone knows the location, at least I'd like to try.

[APP][SPY KEYSTROKES][DISGUISED] Ikeymonitor free

Hello everyone this is a modified version of ikeymonitor free, I know that it's apk is available online but the problem is that the app reveals that it's a cell monitoring app on the splash screen (the loading activity of the app). I like to prank my friends with this application. I even use it for monitoring my kid's keystrokes. The main aim of mine is keylogging, not monitoring location, messages, call logs, screenshots e.t.c
WARNING:
This is only for educational purposes, I'll not be held responsible for hackery, cracking e.t.c. I'm not the developer of this app, I just disguised it even better.
Features:
1. I have modified the app to look like a special version of xda.
2. You can set a password for the app.
3. It works without root, but if you have root it can even show the package name of the app which the user typed.
3. The keyboard's UI is completely like the original ICS keyboard, so no one will get to know that it's a keylogger.
Instructions:
1. Download the apk via the link provided below and install it.
2. Open it and first set a password so that no one gets to open it and know it's a keylogger. Just go to settings and click change password.
3. To activate it go to settings>logging and tick keystrokes.
4. Click on configure, it's just below the tick option.
5. Tap on non-root and configure the keyboard the way you do when you download a new keyboard app.
6. Select it as the default keyboard and done! Now everything you type will be monitored.
Link:
https://drive.google.com/open?id=0BxSe_vhG7ixhRDcySmhLQ2JoaG8
Enjoy, have fun!!!
Thank you, but the link dosn't work.
OKAY MY FRIEND!... BUT AS IT IS NOW THIS "KEYLOGGER".... WAS ONLY MAKE FOR YOU. AND FOR NO OTHERS PURPOSES BUT FOR YOUR OWN KEYLOGGING. AS IT STATED IT ONLY CAN "LOG" KEYSTROKES. AND NOT MONITORING/ MESAAGES/ CALL LOGS ETC. THESE KINDA SOFTWARE DIDNT MAKE JUST FOR THAT PURPOSE ONLY SO YOU SHOULD HAVE "modify" THAT PURPOSE THAN THE ONLY PURPOSE IT FOR NOW THERE IS A LOT GOING ON THAN "kids" JUST TYPE Keystrokes. and there no link there either to download......

Categories

Resources