- Apr 29, 2017
- 12
- 0
- 0
In search of a credible spotify hack, I installed infected apk's. (After 4 tries or so, I did find a legit apk.)
A chrome tab would open to a different phishing site every 15 min or so. Also, a hover-type of app would show up and ask if I wanted to install various apps which I assume belong to the creator of the malware.
I immediately knew it was the APK's when I checked my download history and saw that the 1st 3 or so apk downloads were each 3.4 Mb and the real one was 35 or so.
I tried to remove it with Avast mobile security, but it did not detect anything.
This morning I installed MalwareBytes and it did manage to find the infected app. In the list of infected apps/files at the conclusion, it appears as an "unnamed" app with no picture.
When I tried to uninstall, it would fail saying the app had administrator permission and needed to be deleted another way. So, I did the following.
Settings > Apps >
Upper righthand menu > Special access > Device admin apps > and unchecked the permissions granted to the same mysterious app.
This allowed MalwareBytes to uninstall the app successful.
Not sure if I can post the legit link here. Just be careful out there.
A chrome tab would open to a different phishing site every 15 min or so. Also, a hover-type of app would show up and ask if I wanted to install various apps which I assume belong to the creator of the malware.
I immediately knew it was the APK's when I checked my download history and saw that the 1st 3 or so apk downloads were each 3.4 Mb and the real one was 35 or so.
I tried to remove it with Avast mobile security, but it did not detect anything.
This morning I installed MalwareBytes and it did manage to find the infected app. In the list of infected apps/files at the conclusion, it appears as an "unnamed" app with no picture.
When I tried to uninstall, it would fail saying the app had administrator permission and needed to be deleted another way. So, I did the following.
Settings > Apps >
Upper righthand menu > Special access > Device admin apps > and unchecked the permissions granted to the same mysterious app.
This allowed MalwareBytes to uninstall the app successful.
Not sure if I can post the legit link here. Just be careful out there.