Save big + get 3 months free! Sign up for ExpressVPN today

  1. vwite's Avatar
    So I was looking for an app to make the top radius match the bottom radius on the corners while using the option of hiding the notch. Someone suggested a very shady link to download an apk but since I'm desperate and dumb I just downloaded and installed it. However, after installation there was only a "done" button but "open" button was greyed out, there was no new app on app drawer and there was no new app in application list in settings. I started getting worried that I had just installed some bitcoin mining software or another kind of malware.

    I got even more worried because if I tapped on the apk again it was asking me if I wanted to UPDATE the app instead of if I wanted to install it so it was already installed and it had permissions to access gps, phone history, and read, modify and delete USB storage.

    After a while during the day, my phone started doing random noises from the speakers like audio from ads but without opening any app, then later it started opening random chit on google chrome and that is not even my default browser (my default is samsung browser), it opened those very intrusive ads that tell you you have a virus and you cannot go back you have to close the whole tab or app it also opened some ads with sexual content a few times.

    I always thought all free anti-virus app on the play store were completely useless and just bloating apps but I started installing a bunch, most didn't detect absolutely anything after the option "scan all apps" I tried kaspersky, avast, AVG, Norton, etc. then I installed this (it's called "hi security" so not known brand and I thought it was going to be the worse but after opening it was powered by "McAfee" so at least McAfee is known):

    https://play.google.com/store/apps/d...s.applock.wifi

    And it actually detected some malware after scanning all apps, there was an app with completely blank name on device administrators that I never gave permission to become device administrator as far as I remember, so I unchecked that app from admin and then the antivirus app was able to uninstall it.

    After the virus cleaner uninstalled the app I haven't had any more issues with audios or ads opening on chrome. Do you think I'm safe now or could I still have some spyware?

    I posted some screenshots showing everything.

    I doubt that anyone wants the apk but if a developer wants it for reverse engineering or whatever reason I can post it the the name "MALWARE_do_NOT_install.apk" or something like that
    Attached Thumbnails How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180608-131225.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180608-131248__01.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180608-131321__01.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180608-131235__01.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180609-044300__01__01.jpg  

    How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180609-044513.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180609-044551__01.jpg   How I got malware on my OP6 and how I got rid of it (at least I think so)-screenshot_20180609-045757__01.jpg  
    06-09-2018 05:24 PM
  2. bbqwings2's Avatar
    For the future, NEVER install an apk that doesn't have a name on top of the permissions screen. That's a sign that there's something fishy going on with that apk and it's definitely not what you expected.
    vwite likes this.
    06-09-2018 06:36 PM
  3. vwite's Avatar
    For the future, NEVER install an apk that doesn't have a name on top of the permissions screen. That's a sign that there's something fishy going on with that apk and it's definitely not what you expected.
    lol didn't actually realized that during installation, I'll be very careful from now on when installing APKs. Someone in another forum suggested Malwarebytes, I tried it on the S9+ and this was my response I posted over there:

    damn on the S9+ it was even weirder, when I tried to install it it just freezes, I tried several times and freezes everytime on "installing" so no buttons of "done" and "open". But after the first time if it tells me again if I want to "update" app so it was already installed. I went to device administrator and there it was at the bottom of the list just an app with no name and on applications list I was able to find two, one called "settings panel" wtih a generic gear icon and no permissions, I uninstalled that one, and at the very bottom of the list there was another one with no icon and no name and the permissions of calls, gps and storaged activated. I went to "Hi Security" app and it detected there was malware code and asked me to uninstalled but I didn't and switched to Malwarebytes app, the malwarebytes took a while doing the deep scan but it did find "two infections". The installed infection and it was also encouraging me to delete the APK. I was using the 30 days free trial so I'm not sure if the free version would have found them without the "deep scan".

    I ran malwarebytes on the OP6 (without installing the infected app again) and it didn't find any infection. It seems that malware was from "adware.mobidash.NC"

    EDIT: Added S9+ screenshots

    I think I'll run malwarebytes premium for the 30 days with the "real-itime protection" and see if it finds aything else

    EDIT 2: I tried to install the infected app again when malwarebytes was already installed and malwarebytes interrupted the installation saying "adware detected, 1 infected file, com.veniosg.dir.android"

    Btw, I like how the full scan is so much faster on OP6 than on lagsumng lol
    06-09-2018 06:42 PM
  4. fuzzylumpkin's Avatar
    since I'm desperate and dumb
    Hmmm... Can I buy you a drink?

    Lol, joking aside, if you're paranoid you can always do a factory reset. That should kill anything that might still be hiding.
    06-09-2018 06:49 PM
  5. vwite's Avatar
    Hmmm... Can I buy you a drink?

    Lol, joking aside, if you're paranoid you can always do a factory reset. That should kill anything that might still be hiding.
    some info by malwarebytes, it seems I am fine now:

    "Infected devices will display ads until uninstalled. Unless users fall victim to downloading and installing other apps by clicking on the ads, there is no further harm done other than the annoyance of ads being displayed."

    https://blog.malwarebytes.com/detect...ware-mobidash/
    06-10-2018 12:33 PM

Similar Threads

  1. Why when I screenshot it says system ui has stopped?
    By Android Central Question in forum Ask a Question
    Replies: 4
    Last Post: 07-13-2019, 03:00 AM
  2. Replies: 3
    Last Post: 06-13-2018, 10:24 AM
  3. Why is my Samsung Galaxy Tab s2 discharging while being charged?
    By Android Central Question in forum Ask a Question
    Replies: 2
    Last Post: 06-10-2018, 03:36 PM
  4. How to bypass tethering restriction with wifi access?
    By Android Central Question in forum Ask a Question
    Replies: 1
    Last Post: 06-09-2018, 06:08 PM
  5. Replies: 0
    Last Post: 06-09-2018, 04:47 PM
LINK TO POST COPIED TO CLIPBOARD