Hi All,
While installing Modded apps from Mobilism or any other forums first I used to scan at VirusTotal. If it shows below 3 or 4 detection then I would install app in my phone.
But I have doubt from many days, Is it enough to detect the both virus, malware and Data leakages like IMEI.
How to scan and analyze the APK file before installing and make sure it is safe to use on our device.
Is there any chance that modded apps uploading in forums can transmit our data like photos and videos to private servers? Can we know that by scan and analyzing the APK?
Please help me to know these details.
How to check these details of app behaviour?
I think look at permission of these apks with original apk, to more look at deep, isnt it?
Related
Hi everyone,
I see there are plenty of antiviruses for the android. Is viruses for the android very common? (Ie. Like windows virus is much more rampant vs macintosh?) What kind of precaution should we take to prevent our gadgets from being affected? (Ie. Downloading apps from untrusted sources? Via sms/email?) Is it really necessary to install an antivirus? If so, what is recommended?
Thank you!
Sent from my HTC Liberty using XDA App
manojsuper said:
I wouldn't get a virus scanner if I were you...they are pointless because the android system is possibly the most secure system in completion with the RIM Blackberry! Just make sure that every time you download an application that you are aware of the "permissions" that you are giving it and you should not get a virus anytime soon
Click to expand...
Click to collapse
How is it the most secure system? There are apps out there that access things that they don't need to access, i'll give you a few examples:
Applications that I have installed that can track my location:
Alchemy
IMDb
Why would a GAME such as Alchemy NEED to track my location? Why would IMDb need to track my location?
Apps that can read my mobile number, serial number or other data:
Alchemy
Unblock Me Free
These apps listed are only apps that I don't see them needing to access what they have the ability to access. How many people do you think have alchemy and IMDb installed? It would be so so SO easy for someone to write a malicious app that looks legit..that's just my 2 cents...not saying it doesn't exist not saying it does...
Also, only reason I have an antivirus app is because I have lookout installed and the only reason I installed that is so if I lose my phone i can lock it remotely and wipe it if needed.
I've just tried an app from a website out of stupidity and it totally took over my phone. It just kept loading a webpage over and over until I killed the app. I'm just concerned about my Nexus and my data.
Has anyone heard of http://leviathansecurity.com and the nopermissions.apk?
Stock and unrooted.
I haven't heard of that website but I think you should uninstall that app rather than just closing it.
I downloaded a bad app as well last week but it deleted all my SD content, photos and music etc
Now I only install Apks from here on XDA and play store of course
here's link about that apk,
leviathansecurity.com/blog/archives/17-Zero-Permission-Android-Applications.html
3 functions
reads sd data,
reads what apps install and access their data
device information
then sends info via url by opening webpage to send data
its just to show how easy it is to give access to your information for apps that abuse permissions or even given none like this apk, this one is intentional to show the loop holes
I didn't realise how easy it was, rooted is evem worse
GMonkey said:
I've just tried an app from a website out of stupidity and it totally took over my phone. It just kept loading a webpage over and over until I killed the app. I'm just concerned about my Nexus and my data.
Has anyone heard of http://leviathansecurity.com and the nopermissions.apk?
Stock and unrooted.
Click to expand...
Click to collapse
DELETE that app, make sure the apk is gone too.
When you approved side loading of apks, your good phone warned you to be careful with what you ok to install, no?
Install Lookout as well and let it do a full scan, you never know..
Leviathan security, and the no permissions app, is a test application to show how zero permission apps can still read and steal data from your phone without permissions. AFAIK it isn't malicious, just a test app to show how easy it is for 0 permission apps to steal your data. Just uninstall the APK. More info here: http://leviathansecurity.com/blog/archives/17-Zero-Permission-Android-Applications.html
Thanks Peeps, It did seem legit on the site before I installed it. It's just the fact it took over my browser for a bit. The app was removed but, would there be a need to hard reset or anything like that? I'm normally rooted and have a data firewall to block anything outgoing on certain apps but, with the N4 being so good as it is I've put it off until I can no longer resist the urge.
Hello. I'm working on a custom device that is not on the market yet, and I am having issues getting it to work with Google Play. I have root access, so I was able to sideload GooglePlay.apk and GoogleServicesFramework.apk. However, I am forced to use Market Helper in order to download apps. I would like to bake in compatibility to the ROM itself, but am having issues.
I've tried modifying the build.prop to have dummy values for ro.product.{model,device,manufacturer}, as well as ro.hardware and ro.com.google.clientidbase. I feel like I'm close, but the device still fails to be accepted by Play without marker helper.
Any hints or advice are tremendously appreciated!
Sorry, can't help you with the problem.
But I am really interested in your custom device. Could you please tell us more about it?
Cool.
For those who encounter a similar problem, I will post the answer. Credit to (xkcd: Wisdom of the Ancients) for the idea.
edit: the policy of not posting outside links is really annoying. All links have the base: http: slash slash developer dot android dotcom , just add the relevant url and glue it together.
Anyway, here goes. Turns out the build.prop was not the limiting factor.
Explanation of the overall process:
- Developers create an app, and list certain features it depends on in the manifest.xml file located in the root of the apk. ( /guide/topics/manifest/uses-feature-element.html)
- When the Play Store is opened, a call is made to getSystemAvailableFeatures()
- This call is handled by an internal app called PackageManager - (/reference/android/content/pm/PackageManager.html)
-This app looks in /system/etc/permissions and parses the xml files to determine what hardware and software features the phone has. it then sends this list back to the play store. - see( /guide/practices/compatibility.html) and ( /google/play/filters.html )
- The play store then filters the apps, as per the links above.
How to modify this:
- What I’ve done is taken the files from /system/etc/permissions on a galaxy S2 Skyrocket (my personal device), and copied in all of them, without overwriting the already existing files. Now, google play works and allows the download of the same subset of apps as on the Skyrocket.
For those wondering how to include these files at compile time, here is the answer:
http://forum.xda-developers.com/showthread.php?t=2356046
I hope that this is not the wrong place for my post.
I am trying to protect an apk from being copied/extracted/backed up off the phone and installed later, on another phone.
I have to mention that the app is not (and will not be) for sale on PlayStore or on any web store, being sold along with the phone. This is why I can not use apk protection offered by GooglePlay, which is anyway cracked at his time.
But I want to take advantages on this situation: every single phone will pass trough my hands (I will install myself the app) before hitting users. How can I use this advantage in order to protect my app?
At this time my app is not visible in Running Apps drawer, is having a default Android icon and the name is disguised in something pretty innocent. GUI access by dialing a code. No worries, is not malware but only a security app regarding GSM connection security.
Also, is running as a system app, which make it invisible for apps like Astro file manager, thus impossible to copy/back up by such file manager apps. Unfortunately there are a bunch of system app managers, that can convert a system app on user app, and then copying the apk file is easy.
I know that security sucks big time when it comes about Android OS, but I am determined to find a way to protect my app.
I know also that even a licensing scheme based on IMEI, WiFi MAC or Bluetooth MAC addresses can be bypassed by some skilled crackers. This values can be spoofed or even null.
I have tried apk encryption. Doesn't work: some apps supposed to encrypt other Android apps are actually encrypting only app libraries, not the apk file itself. By encrypting apk file, the app obviously will not work.
Code obfuscation is not an option as long the app can be duplicated off the phone and installed later on another phone.
The last idea that I had: pulling some app resources (like drawables) from a server. What do you think?
At this time I'm in a dead end. I have no more ideas how to protect my app. That's why I need your help. Can you give me please some feasible ideas, based on your huge experience?
Thank you very much for your time.
theres a thread
http://forum.xda-developers.com/showthread.php?t=2279813
where we're discussing about methods to protect apps from piracy u can post it there
Sent from my GT-S5302 using Tapatalk 2
Thanks
Thx a lot sak-venom1997.
Hi all
I've had this bizarre issue on my phone where on the drop down notification bar, it says the Download Manager is downloading... It will be a strangely named document.. The last one was Skepticism and something or other... If I click on it nothing happens, I don't know what app is downloading it.. I have not downloaded anything and all I can do is cancel it if I'm quick enough.
I can't find any info on this issue on Google and I'm worried it's a virus... But again, I'm unable to establish where on earth it's coming from.
It happens occasionally (ie not every day) once I'm connected to the Internet.
Has anyone else experienced this and are there any solutions!?
Many thanks.
Hi, first use this site www.virustotal.com , this is an online virus analyzer that use more than 60 anti virus to scan the file (everything online) and gives you info about it, where it comes from etc , use this to be sure your mystery file is clean (I use this site very often it is just wonderful)
And then you are using a 3rd party download manager app? If you are be sure it is a reputable app and with my personal experience I have used a lot and the best one is by far ADM (advanced download manager), and if you know the download comes from the 3rd party download manager try to delete data of this app or if it comes from a browser you can see from which site this thing is downloading.
But if you still have this issue I can advise that;
Uninstall the kind of useless and dangerous apps like clean master, any """battery saver""" apps or flashlight apps that only display ads, use ram and battery and have very suspicious permissions and you have all those features built in.
Next do some spring cleaning, uninstall apps you aren't using and check the permissions settings to see if there is some suspect things, like a flashlight app that can access your contacts, sms, storage and location for example, you get the point
I hope it will be resolved, and you will see this website is great and will gives you infos about your file have a nice day