Hey all.,
Recently I bought a rm7 pro and debloated many packages.
After a while I installed virusTotal and checked for system apps.
I found screen recorder and system UI to be infested by a malware, as stated by the Sangfor AV engine.
Moreover even some google packages were flagged as malware.
But when I checked the same package on miui,it wasn't shown as a malware.
Is realme even injecting on google packages??!!
Related
Dear Developers:
I've found someone publish cracked android apps on Google Play easily.
They didn't design or code anything, just crack some famous apps of the famous companies, then remove the Ads, change the package to the others, also could add their own Ads ID.
Please See:
https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0."]https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0.
Almost all his published apps are the same as other famous apps.
Google allow this? Actually it's easy to add a shell and re-package apk.
APK, Not security!!! Someone tell me .so files also can be cracked.
Google design a non-security apk format
Google design a non-security apk format!!!
qidaozhilong said:
Dear Developers:
I've found someone publish cracked android apps on Google Play easily.
They didn't design or code anything, just crack some famous apps of the famous companies, then remove the Ads, change the package to the others, also could add their own Ads ID.
Please See:
https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0."]https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0.
Almost all his published apps are the same as other famous apps.
Google allow this? Actually it's easy to add a shell and re-package apk.
APK, Not security!!! Someone tell me .so files also can be cracked.
Click to expand...
Click to collapse
qidaozhilong said:
Dear Developers:
I've found someone publish cracked android apps on Google Play easily.
They didn't design or code anything, just crack some famous apps of the famous companies, then remove the Ads, change the package to the others, also could add their own Ads ID.
Please See:
https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0."]https://play.google.com/store/apps/developer?id=milner#?t=W251bGwsbnVsbCxudWxsLDEsImNvbS5taW5pY2xpcC5hbmdlcm9mc3RpY2syLnp6Il0.
Almost all his published apps are the same as other famous apps.
Google allow this? Actually it's easy to add a shell and re-package apk.
APK, Not security!!! Someone tell me .so files also can be cracked.
Click to expand...
Click to collapse
An APK is an Android PacKage, an installer package. Even windows installer packages can be edited. An *.so file, is a library file, a file containing api method and properties for use by other applications or even as modules for the kernel. Nothing is uncrackable really, implementing application security is the developers responsibility, not google's. For that purpose many licencing options are available
There will always be those who crack applications. The problem here is the screening process for android market, as a user and member of the greater android community you should report this kind of thing to google via play store.
my question is as above in the title
btw i saw about replucant on gnu's website
thoughts about it?
how would it protect my privacy
and i have been told that even if i start using repulcant google service will be another privacy threat
i want to know also how google services can be privacy threat do they have malicious code made by like other trackers (like windows trackers ...websites... etc..)
The most basic thing you should do:
do not grant various apps on your phone the permission to access your album, contact, sms or email, location and so on, unless you really need to use their functions that require such permission.
finalvagas said:
The most basic thing you should do:
do not grant various apps on your phone the permission to access your album, contact, sms or email, location and so on, unless you really need to use their functions that require such permission.
Click to expand...
Click to collapse
ik ! but i want to protect myself from the tracking or spying of google
Root your device, preferably a 'clean' way (without questionable root software that can do more harm than good). Make a TWRP backup or similar, just in case you stuff your device.
Allow installation of apps from unknown sources in "Security > Unknown Sources". Then install AdAway (ad-blocker) from f-droid.org. https://f-droid.org/packages/org.adaway/. F-droid is officially linked from the AdAway website https://adaway.org/ since it was banned on the Google Play Store, which is testament to how much of a threat it is to Google.
The key (to me) is to kill Google's main revenue first: ads. Along with the revenue of all the other adware/tracking/spyware creators who wish to do business on the Spyware Store. The second way to kill them is to use ad-free apps as much as possible (f-droid.org can probably cater to most needs).
Installing a keyboard that doesn't spy on you is fairly important to me. You might consider AnySoftKeyboard or others from f-droid.org. After switching to the new keyboard, uninstall your default Google keyboard using your preferred root uninstaller. You can use Play Store apps like Titanium Backup to uninstall & backup if you wish. You can download Play Store apps without using Play Store by just getting their APK files on sites like https://apps.evozi.com/apk-downloader/ though some apps and games will require Google Play Store and related spyware to run. To me, those that do require Google Play Store and related spyware components aren't even worth considering.
Uninstall every single Google app on your device. Including Voice components. Plus the Play Store and related Services Framework and heaps of other Google Spyware. I have finally started to compile a list of those I have found to be safe to remove, so if you need more details, I might be able to help a bit.
There are usually better apps for Mail, Contacts, Maps, Gallery, Calculator, SMS, messaging, Calendar, Camera, etc. They are freely available without tracking/analytics, adware & spyware. An extremely good place to start inorder to get the basics are the Simple Mobile Tools apps from Tibor Kaputa https://simplemobiletools.github.io/
If you want to spend your money, consider giving it to guys like this.
Some root uninstallers I have tried have been extremely unreliable, leaving your device essentially bricked after they fail to start after removing a component, or by giving you dumb error messages after removing a safe component that other root uninstallers have no trouble with. Regrettably, I have yet to find a decent open source root uninstaller. At the moment I am using Titanium Backup to uninstall unwanted apps and components from Google, unwanted spyware from the chipset manufacturer & unwanted spyware from the device manufacturer. Personally I don't use any of the stock apps, including the stock launcher. All of these companies have a long history of customer privacy violations. All profit from profiling you and selling you out to their partners.
There are useful (adware/tracking-infested) Play Store apps like MyAndroidTools that allow you to disable certain components from certain apps which might also be useful to you. This was available on Google's Play Store but now does not appear. I use it for apps like Firefox, to disable the Crap Components I do not want running.
You might also consider XPrivacy or XPrivacyLua which gives you more control over what apps can do. You might also consider changing your DNS settings from Google's to another with apps like DNS man.
Google is the Spyware King at the moment with literally billions of devices in use, eclipsing Microsoft and Apple soyware in terms of numbers of devices in use.
You have many different ways to protect your Android phone. You should use a strong password and backup your phone. Here is good article about it: imei.info/news/android-privacy-protect
You can just check it.
Years ago I bought a cheap and powerful rugged phone to use it as a navigation tool on my motorcycle.
A view months ago it began that the phone sporadicly opens up add websites in the chrome browser. This happens about once a day.
I read that the manufacturer is not trustworthy and DooGee delivered some firmware updates with trojan sw. So I guess in the best case DooGee tries to do some extra money by showing me adds. They may installed a backdoor that now opens these websites.
I don't make security critical things on this device but still I want to get rid of these adds. It's annoying to drive with the bike and navigate and then the navigation software is hidden because of these useless adds.
I do have root on this device using an older version of magisk.
I have Titanium Backup and theoretically I would be able to disable all processes / apps if I would know the name of the app.
But I don't know how I can find out which process is the originator of these adds.
I disabled the chrome browser but I guess there is an other process that just shows the website in chrome. So it may not be chrome browser's fault?!
And the list of all apps is long because I have to suspect the system apps also.
I tried some virus scanners from play store but they all found nothing. Useless apps...
Hope someone here can help.
Any idea for a good strategy how to find the bad app or process?
Any tool recommendation that may can find it?
Thanks.
Try Malwarebytes for your mobile device.
fpdragon said:
Any idea for a good strategy how to find the bad app or process?
Any tool recommendation that may can find it?
Click to expand...
Click to collapse
Boot device into Safe Mode: You'll see "Safe mode" at the bottom of your screen
One by one, remove recently downloaded apps.
Tip: To remember the apps that you remove so that you can add them back, make a list.
After each removal, restart your device normally. See whether removing that app solved the problem.
jwoegerbauer said:
Boot device into Safe Mode: You'll see "Safe mode" at the bottom of your screen
One by one, remove recently downloaded apps.
Tip: To remember the apps that you remove so that you can add them back, make a list.
After each removal, restart your device normally. See whether removing that app solved the problem.
Click to expand...
Click to collapse
I am pretty sure that I don't downloaded any app that throws the adds. It must be something that comes from DooGee.
Bernal79 said:
mcafee will help to get rid of the malware
Click to expand...
Click to collapse
mcafee has not found anything
James_Watson said:
Try Malwarebytes for your mobile device.
Click to expand...
Click to collapse
malwarebytes has not found anything
However, thanks for the recommendation.
fpdragon said:
mcafee has not found anything
malwarebytes has not found anything
Click to expand...
Click to collapse
Not surprising me.
Malicious software comes in several flavors, distinguished primarily by their method of propagation. The two most pervasive forms are viruses and worms. A virus attaches itself to an existing program such that, when that program is executed, bad things happen. Like a biological virus, it cannot live without a host. In contrast, a worm is an independent program that reproduces itself without requiring a host program. Depending on the form, a worm may be able to propagate without any action on the victim's part. Most malicious software today consists of worms rather than viruses.
Worms and viruses require slightly different protection mechanisms because of their different propagation methods. A virus scanner operates by searching for the signatures of known viruses. A signature is a characteristic pattern that occurs in every copy of a virus. It might be a string of characters, such as a message that the virus will display on the screen when activated, or it might be binary computer code or even a particular bit of data that is embedded in the virus. These patterns are identified by technicians at organizations specializing in computer security and are then made available on security Web sites. Virus scanners can then download the patterns to bring their internal pattern lists up to date.
An Antivirus software is checking your Android devices's apps and comparing them to known types of malware ( viruses & worms). It will also scan your Android device for behaviors that may signal the presence of a new, unknown malware. Typically, Antivirus software uses all of these 3 detection processes:
Specific Detection – This works by looking for known malware by a specific set of characteristics.
Generic Detection – This process looks for malware that are variants of known “families,” or malware related by a common codebase.
Heuristic Detection – This process scans for previously unknown viruses by looking for known suspicious behavior or file structures.
Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an email attachment or downloading and running a file from the Internet.
IMHO Android itself is a pretty secure operating system.
jwoegerbauer said:
Not surprising me.
Malicious software comes in several flavors, distinguished primarily by their method of propagation. The two most pervasive forms are viruses and worms. A virus attaches itself to an existing program such that, when that program is executed, bad things happen. Like a biological virus, it cannot live without a host. In contrast, a worm is an independent program that reproduces itself without requiring a host program. Depending on the form, a worm may be able to propagate without any action on the victim's part. Most malicious software today consists of worms rather than viruses.
Worms and viruses require slightly different protection mechanisms because of their different propagation methods. A virus scanner operates by searching for the signatures of known viruses. A signature is a characteristic pattern that occurs in every copy of a virus. It might be a string of characters, such as a message that the virus will display on the screen when activated, or it might be binary computer code or even a particular bit of data that is embedded in the virus. These patterns are identified by technicians at organizations specializing in computer security and are then made available on security Web sites. Virus scanners can then download the patterns to bring their internal pattern lists up to date.
An Antivirus software is checking your Android devices's apps and comparing them to known types of malware ( viruses & worms). It will also scan your Android device for behaviors that may signal the presence of a new, unknown malware. Typically, Antivirus software uses all of these 3 detection processes:
Specific Detection – This works by looking for known malware by a specific set of characteristics.
Generic Detection – This process looks for malware that are variants of known “families,” or malware related by a common codebase.
Heuristic Detection – This process scans for previously unknown viruses by looking for known suspicious behavior or file structures.
Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an email attachment or downloading and running a file from the Internet.
IMHO Android itself is a pretty secure operating system.
Click to expand...
Click to collapse
Thank you for the good explanation. But how can I track down the originator of the popup adds?
I would expect that the originator of the adds runs as a system app. If I could find out which system app does this and It's functions is not neccessary (eg system update or something) then I could kill and remove it.
BTW, after disabling the chrome browser it seems that there are no popup adds any more. For two days no more adds. I guess this is because I removed the last browser from the system and now the adds can't be opend? But still it would be cool to track down the application that opens the adds if I need a browser one time.
fpdragon said:
Thank you for the good explanation. But how can I track down the originator of the popup adds?
I would expect that the originator of the adds runs as a system app. If I could find out which system app does this and It's functions is not neccessary (eg system update or something) then I could kill and remove it.
BTW, after disabling the chrome browser it seems that there are no popup adds any more. For two days no more adds. I guess this is because I removed the last browser from the system and now the adds can't be opend? But still it would be cool to track down the application that opens the adds if I need a browser one time.
Click to expand...
Click to collapse
It seems that you have turned on notification from a website in chrome. Clear chrome browsing data. Re-enable chrome. And check whether you receive any adds or not.
Just wondering if anyone has a privacy/security guide for a non-rooted Nord N10 on Android 11. I was initially going to ROM it and install GrapheneOS but it looks like it has a lot of issues for some people trying to install it and I'm not tech savvy enough at fixing them or have the time to go through it if it bricks.
So far I've used a debloat script I found and also added some Google/TMobile packages to remove from it (I don't log into a Google account on my phone and Google Maps is the only Google app I use). I've removed or disabled a lot of the other stock apps which I don't use and have tried to go with as many open-source apps as possible along with a few other basic Android security tips.
I've also installed AdAway non-rooted version (the one where it sets up a VPN, initially tried InviziblePro but it shut down on restarts).
Hello everyone,
I just saw this scary article https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon and https://github.com/DesktopECHO/T95-H616-Malware, and I wonder if you know whether some other boxes have the same malware ?
Have you tested on your box ?
Cheers!
There is not a single device with stock firmware that does not have some unwanted component.
There's a gap between unwanted and proved malware
Does this difference make you feel better when there is an unwanted element and worse when there is malware?
Even when the action is identical, but you don't even know it?