• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

font server

I can confirm this is in fact malicious. It is also sometimes disguised as "root PA". It uses a firmware infection taking advantage of elevation of privileges in the package installer. It possibly originates from towelroot and an app in the playstore called uds/mmi fix. It should be noted that the actual malicious app is not font server, but rather is masked "by" font server as a form of obfuscation. I have proof of concept that it is in fact not only extremely malicious in nature, but that it can, if not careful, infect the firmware of other devices cross-platform. Ironically, as you now probably have a custom rom installed without your permission, ADB and correctly rooting your device may be your only hope. I am attempting to program a simpler fix but it's taking some time. I strongly advise blocking the hidden real malicious "app" using no root firewall and looking up port blocking guides to block using the app as well, as while this will not remove it, it will remove the bad actors access to your device.
Good luck, be safe.
 
Last edited:
There's two options you have here. Contact the manufacturer, and pay them to reflash the firmware rom, or use software like Odin, find the exact firmware for your model and the country, and hard flash it yourself with a pc. There's no other solutions.
 
Back
Top Bottom