
Root superuser and droidwall stop malware?

androy

Android Enthusiast
Just out of curiosity, would the new malware be detected by droidwall and superuser?

Would superuser prompt me if the malware tried to gain root?

Or because it's a rootkit type malware, would it just go around superuser and droidwall like it's not even there?
 
I just checked my desktop pc with Avast AV and then Microsoft Security Essentials. Avast did not find anything, but this is what Microsoft Security Essentials showed:

containerfile:D:\ANDROID STUFF\TITANIUM BACKUP\JANUARY 26, 2011\com.z4mod.z4root-46965bd41dac0e4988515aa2f9f95b19.apk.gz
containerfile:D:\ANDROID STUFF\z4root.1.3.0.apk
containerfile:N:\ANDROID STUFF\TITANIUM BACKUP\JANUARY 26, 2011\com.z4mod.z4root-46965bd41dac0e4988515aa2f9f95b19.apk.gz
containerfile:N:\ANDROID STUFF\z4root.1.3.0.apk
file:C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Recent\z4root.1.3.0.apk.lnk
file:D:\ANDROID STUFF\TITANIUM BACKUP\JANUARY 26, 2011\com.z4mod.z4root-46965bd41dac0e4988515aa2f9f95b19.apk.gz->(GZip)->res/raw/rageagainstthecage
file:D:\ANDROID STUFF\z4root.1.3.0.apk->res/raw/rageagainstthecage
file:N:\ANDROID STUFF\TITANIUM BACKUP\JANUARY 26, 2011\com.z4mod.z4root-46965bd41dac0e4988515aa2f9f95b19.apk.gz->(GZip)->res/raw/rageagainstthecage
file:N:\ANDROID STUFF\z4root.1.3.0.apk->res/raw/rageagainstthecage

Not saying z4root is malware or anything, just showing what the programs did detect. MSSE listed it as Exploit Unix/LoToor, Severe. I figure MSSE detected it because it opens up root access on the phone.

This was from a scan on my desktop computer of course.
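Added example (not part of the original posts, and not how Microsoft Security Essentials works internally): a small scanner that opens .apk files and gzip-wrapped .apk.gz backups and reports a flagged entry in the same container->entry form as the scan output above. It matches on entry name only, which is a simplifying assumption; the function names and the constructed sample archive are made up for illustration.

```python
import gzip
import io
import zipfile
from pathlib import Path

# Entry name taken from the scan output in the post above.
FLAGGED_ENTRIES = {"res/raw/rageagainstthecage"}


def scan_bytes(name, data):
    """Return 'container->entry' strings for flagged entries in one file."""
    chain = [name]
    if data[:2] == b"\x1f\x8b":  # gzip magic, e.g. a Titanium Backup .apk.gz
        data = gzip.decompress(data)
        chain.append("(GZip)")
    stream = io.BytesIO(data)
    if not zipfile.is_zipfile(stream):  # an APK is a ZIP archive
        return []
    with zipfile.ZipFile(stream) as apk:
        return ["->".join(chain + [entry])
                for entry in apk.namelist() if entry in FLAGGED_ENTRIES]


def scan_tree(root):
    """Walk a backup folder and scan every .apk and .apk.gz below it."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.name.lower().endswith((".apk", ".apk.gz")):
            hits.extend(scan_bytes(str(path), path.read_bytes()))
    return hits


def constructed_apk(with_flagged_entry=True):
    """Build a constructed sample archive in memory (placeholder bytes only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", b"constructed sample")
        if with_flagged_entry:
            apk.writestr("res/raw/rageagainstthecage", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = constructed_apk()
    for hit in (scan_bytes("sample.apk", sample)
                + scan_bytes("sample.apk.gz", gzip.compress(sample))):
        print(hit)
```

A name match only says the archive carries a file with that name; a renamed copy would not be reported.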
 
I'm waiting for Eset to roll out their new beta for Android. When it hits, that's what I will be using.

For now, I have Lookout which I know is not great, but it's better than nothing. I'm not too worried about this at the moment though.
 
Some of the viruses use SMS to send data and droidwall does not block this.

Well, I think the way it's working is, it roots and silently downloads another app that sends SMS. Unless you let the first program have internet access, it can't download the second truly harmful app.

Second, why do the blogs keep saying in the range of 50-200k infections, but all 3 viruses linked to the Symantec pages say infections 0-49? Anything more official than blogs? Every link I've found traces back to Lookout or Android Police...
 
I have been getting texts from my friend's little bro on my old phone all the time that are all weird with different characters in it, I'll up a screenshot in a few minutes, gonna check out Lookout in the meantime.

EDIT: Here is the screenshot... not sure if he has a virus or what, when I long press, it says reply to 9999999999 as the phone number, pretty weird.

20110305190616771.jpg
 
Wow I just checked out Lookout's website after installing it on my phone. When you log in it gives you the option to locate your phone from a computer, which was extremely accurate. Also you can set an alarm on your phone if it is lost, and that set off the second I clicked it on my computer. Also, premium members get the option to lock the phone out or wipe data from your PC.

A guy I work with was at the doctor's for his son, went out back for 1 minute and came back and couldn't find his phone, but there was a guy sitting right where he left it, so he asked him, the guy obviously said no so he decided to try to call it from the doctor's office and no go. At least with this app, or another that is similar, he would be able to locate it pretty easily and not have had to fork over a ton of money for losing his phone/getting it stolen.
 