Google's apps keeps being reinfected with different Malware, any hope of stopping this?

  • Thread starter Android Central Question
  • Start date
A

Android Central Question

Hi.

I have now been dealing with a hack attack on my household (All the IoT connected to my wifi) the last 5 months, where I had to get help from a guy who is considered among the top 6 ethical hacker / Malware remowal humans in the world.

He connected to my laptop and cleaned my household and locked everything down for the general hacker abilities.

But my phone, a samsung s20 5g Ultra, keeps getting reinfected with different malware, but mainly trojan.dropper and trojan.banker.

I managed to get it clean, but the google partner setup app keeps getting reinfected. Now it has spread amongst the google apps since my google maps app have got a spynote infection. Deleted it, but still there when rebooting my phone.

The superhuman/malware removal guy connected with me and got a friend of him, one of the best hackers to ever do it, to take a look and see what to do. They said smash the phone as soon as possible since it's not any hope left, and get it far away from my other electronic things that where connected to the internet, since they ment it could infect anything within a Bluetooths reach.

And if I where to have it at home, I should build a metal box and throw it inside since they since they both where convinced it was infectious even turned off.

So are there any hope? Anyone?
 

VidJunky

Well-known member
Dec 6, 2011
5,870
770
113
Visit site
Welcome to Android Central.

While I know it's a loosing cause I have a few questions.

First how are you detecting these viruses and malware?

Is your device rooted?

Are you going to dangerous places on the web or installing apps from places other than the Play Store, Amazon Apps or the Galaxy Store?



What do these guys know about Android? Android is based on Lynx which sandboxes apps making them very difficult to communicate between one another preventing most issues from most viruses. This is not to say that it is impossible just that there are much easier targets out there that would require a lot less effort. Having said that a vast majority of anti virus anti malware detection apps are junk. With Android being so unlikely to get an actual virus or actual malware these apps just use up your phones resources, battery, memory, CPU and spit out bologna. They often identify legit apps as spyware or malware and legit system functions as viruses. Look around the web for your self, there are no epidemics of devices with viruses or whole systems being shutdown due to infections. Most of these apps are worse than what they claim to protect you from wanting you to $ubscribe, $ign-up or buy extra $ervice$ or feature$ to prey on everyone's fear of personal information being stolen or bank account being drained. But if you have a social media account you're already putting all of your personal information out there. If you're paying for a virus or malware detection service, your bank account is already being drained.

If you stick to a few basic rules you have very little to worry about anyway;
Don't go looking for trouble. This has a double meaning. Going to shady places on the web is unadvisable but it also means if you start looking for something you're going to find it. If you're putting anti virus apps on your device you'll eventually find one that shows a positive hit even if it isn't positive.

Stick to trusted places. There aren't any apps out there that you can't find a legit version of or similar function to that you can't find at the Play Store, Amazon Apps or the Galaxy Store. Again if you're looking for apps that wouldn't be on these platforms you're looking for trouble and these shady places online are more than happy to serve it up.

Restart your phone regularly and keep it up to date. Most Android issues arise when caches don't get cleaned out or things aren't kept up to date. Simply restarting a device regularly, weekly or even every two weeks, keeps most issues at bay. Keeping the device updated means that the device has all of the up to date patches and security software to ward off attacks and hacks.

Keep calm and be objective. Acting out of fear or panic will often lead to the wrong decision. People will always prey on fear, it is literally the easiest way to take advantage of someone. Why would someone want to hack you? Most of us don't have huge amounts of money, power or influence that would make us targets. Again consider the difficulty, time and effort needed to attack the Android system, what's the gain? Does it really make sense?



To reply to this thread and receive notifications when others reply please create an account. This link will help you do that... https://forums.androidcentral.com/ask-question/409154-join-android-central-community-new-post.html


https://forums.androidcentral.com/ask-question/966023-i-ve-been-hacked-new-post.html
 
Last edited:

B. Diddy

Senior Ambassador
Moderator
Mar 9, 2012
166,964
7,048
113
Visit site
Welcome to Android Central! I'm not sure how your Google apps are getting "infected." Google apps are Google apps -- they wouldn't suddenly incorporate viruses.

I assume you've done factory resets of your phone, right? When you do that, are you restoring the phone using a prior backup, or are you setting it up from scratch? I would recommend the latter, and don't immediately start installing all of your usual apps. Use it as barebones as possible for a little while to see if the problems resurface. Many times, people who keep getting "hacked" are reinstalling the same shady or malicious app over and over, thinking it's safe and legit.

If you routinely connect your phone to your home wi-fi, make sure your wi-fi network is using the latest security protocol (typically WPA2-PSK/AES), and consider subscribing to a good VPN as well (like NordVPN -- stay away from the free ones, because almost nothing good is absolutely free). Also make sure as many of your online accounts as possible are utilizing 2-factor authentication (and don't use SMS as the 2nd factor, if possible -- use an authenticator app, or choose the option to get a call or an email for the 2nd factor).

See these for more ideas:
“I’ve been hacked” - Android Forums at AndroidCentral.com
[GUIDE] How To Avoid Malware - Android Forums at AndroidCentral.com
 

PattheTomcat

New member
Aug 10, 2021
1
0
0
Visit site
I do try to take the most rational approach to these things but i can relate to an extent. I seem to be experiencing a similar problem, all my devices are afected, samsung phone, tabs7, Google cast,nest, router, even ps4. I first noticed changes in settings options, or greyed out options, and à weird "services agreement" common to all devices always describing very invasive permissions I supposadly agreed to when accepting to use "open source license" I have since then identified the main app that originates all the background installs of apk files that enable remote control of basicly everything. Its a fake version of google llc apps suite, all awnsering to à fake Google pla services app, that spams messages warning me that none of the apps and fonctions of the device will work unless i enable it back on, if i try to disabke it.(and device is in fact unusable while disabled) and im very confident that this has been made possible when somehow my phone had been rooted at one point. Not by me, never tryed doing that, just a basic knowledge of the implications. I have basic safety habbits on the web, but i can think of a few people that could have a motivé for having this installed in my network, and could have had access to a device, or just connected on my wifi. The problem i have now, is i cant get rid of this, even on a nés phone, with new Google account, never connected to my wifi, even new sim card. Onle the cell number and provider linked to the sim card was not new. I find hard to beleive that a huge cellphone company like bell could be the source of that recurring breach in my accounts. I realy need to know how to ge trid of this vulnerability and hopefully not having to set fire to every electronic device i own. I dont care about my accounts and not even the phone number at this point. I WAS close to try to perform flashing firmware of my phone and reinstalling adroid10, but i expected a great risk of f*cking it all up, and afterseeing the same "open source agreement" files in my ps4, as well as error history of software trying to remote control the mic and camera among other suspicious records, i dont see the point of such a attempt to save my phone. And anyway, since last weekend, said phone is now bricked, woke up to it unresoonsive without apparent reason. Its a galaxy a71 less than a year old. Any advice?
 

B. Diddy

Senior Ambassador
Moderator
Mar 9, 2012
166,964
7,048
113
Visit site
Welcome to Android Central! Can you show us some screenshots of the suspicious apps and agreement? http://forums.androidcentral.com/ge...ide-how-post-screenshots-android-central.html

If you're unable to revive that phone, then with the next phone you get, set it up as brand new, and do NOT restore from a backup account, and don't automatically install any previous apps from the Play Store that you might have previously installed. Use the phone that way for a few days and see if any of the problems arise.
 

methodman89

Well-known member
Feb 5, 2018
4,214
383
83
Visit site
I do try to take the most rational approach to these things but i can relate to an extent. I seem to be experiencing a similar problem, all my devices are afected, samsung phone, tabs7, Google cast,nest, router, even ps4. I first noticed changes in settings options, or greyed out options, and à weird "services agreement" common to all devices always describing very invasive permissions I supposadly agreed to when accepting to use "open source license" I have since then identified the main app that originates all the background installs of apk files that enable remote control of basicly everything. Its a fake version of google llc apps suite, all awnsering to à fake Google pla services app, that spams messages warning me that none of the apps and fonctions of the device will work unless i enable it back on, if i try to disabke it.(and device is in fact unusable while disabled) and im very confident that this has been made possible when somehow my phone had been rooted at one point. Not by me, never tryed doing that, just a basic knowledge of the implications. I have basic safety habbits on the web, but i can think of a few people that could have a motivé for having this installed in my network, and could have had access to a device, or just connected on my wifi. The problem i have now, is i cant get rid of this, even on a nés phone, with new Google account, never connected to my wifi, even new sim card. Onle the cell number and provider linked to the sim card was not new. I find hard to beleive that a huge cellphone company like bell could be the source of that recurring breach in my accounts. I realy need to know how to ge trid of this vulnerability and hopefully not having to set fire to every electronic device i own. I dont care about my accounts and not even the phone number at this point. I WAS close to try to perform flashing firmware of my phone and reinstalling adroid10, but i expected a great risk of f*cking it all up, and afterseeing the same "open source agreement" files in my ps4, as well as error history of software trying to remote control the mic and camera among other suspicious records, i dont see the point of such a attempt to save my phone. And anyway, since last weekend, said phone is now bricked, woke up to it unresoonsive without apparent reason. Its a galaxy a71 less than a year old. Any advice?

How does someone apparently spend time complaining anonymously, in detail, yet fail to respond when help is offered? Seems trollish. I'll believe this one when they respond to B Diddy.
 

Forum statistics

Threads
948,554
Messages
6,939,749
Members
3,161,207
Latest member
jordaao