Hi,
I got a tablet with some fullscreen popup malware that blocks the device. I have already paid 9001 local currency units but it is still blocked
(no, not really).
While in safe mode,
I found that app installation from untrusted sources was not activated in settings.
How come? Did the malware come in via a browser or via an official app store (Samsung device)? Or did the malware uncheck the option in settings after it installed itself? Does antivirus software sometimes install crazy malware?
This device was used by "mere mortals" who do not root or install custom stuff. It seems to run Android 4.4.2
Update: I found these relevant apps:
- "360 Security", I remember this has been installed on purpose long ago, shpuld be a legit antimalware app
- "48.0dip" name makes no sense to me, could be a random snippet from a web page style sheet?
- "System malware" is that a joke? Ok, it does make googling hard, like any generic expression used as brand name.
Update: yes, there is malware on google play, according to
http://blog.checkpoint.com/2015/09/21/braintest-a-new-level-of-sophistication-in-mobile-malware/
I got a tablet with some fullscreen popup malware that blocks the device. I have already paid 9001 local currency units but it is still blocked
(no, not really).While in safe mode,
I found that app installation from untrusted sources was not activated in settings.
How come? Did the malware come in via a browser or via an official app store (Samsung device)? Or did the malware uncheck the option in settings after it installed itself? Does antivirus software sometimes install crazy malware?
This device was used by "mere mortals" who do not root or install custom stuff. It seems to run Android 4.4.2
Update: I found these relevant apps:
- "360 Security", I remember this has been installed on purpose long ago, shpuld be a legit antimalware app
- "48.0dip" name makes no sense to me, could be a random snippet from a web page style sheet?
- "System malware" is that a joke? Ok, it does make googling hard, like any generic expression used as brand name.
Update: yes, there is malware on google play, according to
http://blog.checkpoint.com/2015/09/21/braintest-a-new-level-of-sophistication-in-mobile-malware/
Last edited: