Malware detected and removed

[anon(10227631)]

In search of a credible spotify hack, I installed infected apk's. (After 4 tries or so, I did find a legit apk.)

A chrome tab would open to a different phishing site every 15 min or so. Also, a hover-type of app would show up and ask if I wanted to install various apps which I assume belong to the creator of the malware.

I immediately knew it was the APK's when I checked my download history and saw that the 1st 3 or so apk downloads were each 3.4 Mb and the real one was 35 or so.

I tried to remove it with Avast mobile security, but it did not detect anything.

This morning I installed MalwareBytes and it did manage to find the infected app. In the list of infected apps/files at the conclusion, it appears as an "unnamed" app with no picture.

When I tried to uninstall, it would fail saying the app had administrator permission and needed to be deleted another way. So, I did the following.

Settings > Apps >
Upper righthand menu > Special access > Device admin apps > and unchecked the permissions granted to the same mysterious app.

This allowed MalwareBytes to uninstall the app successful.

Not sure if I can post the legit link here. Just be careful out there.

 

[Mooncatt]

I'll just say don't use hacked apps (discussions of which are against the rules here) and download the legitimate versions from reliable places like Google Play or Amazon's app store.

 

[Laura Knotek]

Discussion of cracked apps that steal paid services is not permitted here at Android Central. Thread closed.