Virus on superoneclick? - Samsung Infuse 4G

Microsoft Security Essentials:
Exploit:AndroidOS/CVE-2011-1823
Category: Exploit
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
I was about to flash ZEUS but when I downloaded the link from Youtube it just happened.
Is it a good idea to keep using it?
Thanks

reactorcooler said:
Microsoft Security Essentials:
Exploit:AndroidOS/CVE-2011-1823
Category: Exploit
Description: This program is dangerous and exploits the computer on which it is run.
Recommended action: Remove this software immediately.
I was about to flash ZEUS but when I downloaded the link from Youtube it just happened.
Is it a good idea to keep using it?
Thanks
If you download anything, I would make sure it originated on XDA (did the video have a link to XDA?)...it's probably a false-positive though...

It is well known that virus protection may pick rageagainstthecage out as malicious code. It may also pick out zergrush or psneuter, as these exploits can be used to push malware to the phone.
It's not a virus in SOC. It's just a file that is associated with malware.

Dani897 said:
It is well known that virus protection may pick rageagainstthecage out as malicious code. It may also pick out zergrush or psneuter, as these exploits can be used to push malware to the phone.
It's not a virus in SOC. It's just a file that is associated with malware.
What he said lol^^

Turn off your antivirus when trying to use SOC.

I wouldn't download anything from youtube when it comes to an XDA application. Only use the XDA site for the proper things that are needed for your device. All XDA stuff is virus free that I have used and seen, including SuperOneClick.

[Q] what is this Exploit.Linux.Lotoor.g

This site tried to put this on my PC when I joined here.
I also just got this alert when clicking to download an attachment added to a post here. Superoneclick.
Could it be a false positive of some sort? The download hadn't begun so I doubt it was the actual attachment that was infected.
"The requested URL cannot be provided
The requested object at the URL:
http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=1289271263
Threat detected:
object is infected by Exploit.Linux.Lotoor.g"
I am seeing it too
I am getting an alert from Kaspersky that the file rageagainstthecage file in the SuperOneClickv1.5.5-ShortFuse.zip is infected with Exploit.Linux.Lotoor.g
Kaspersky report:
detected: Trojan program Exploit.Linux.Lotoor.g file: C:\Documents and Settings\user\Desktop\SuperOneClickv1.5.5-ShortFuse\rageagainstthecage
I expect this is a false positive due to the nature of the application, but I'd like someone brighter than me to confirm.
Thanks!
I'm going to have to agree with the false positive considering it says it's a linux exploit in the name. RaTC is an exploit to get root on android which is a form of linux. I've also used SuperOneClick so I know it's not malicious.
Well, maybe it is malicious if we take into consideration this:
...
Troj/DroidD-A
Aliases
* Exploit.Linux.Lotoor.k
* Exploit.Linux.Lotoor.g
* Trojan-Downloader.AndroidOS.Rooter.a
* Android.Rootcager
* Backdoor.AndroidOS.Rooter.a
* Trojan-Downloader.AndroidOS.Rooter.b
* Exploit.Linux.Lotoor.l
...
Troj/DroidD-A is a malware for Google Android phone. It purports to be legitimate application and had been on Google Market before it was taken down.
...
All the packages contain a repackaged legitimate application with a trojan package in the com.android.root package, which is specified to start its action prior to the normal application.
* It can access TelephonyManager and steal IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) code, and various other data.
* It then adds this information into an XML file
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<Request>
<Protocol>1.0</Protocol>
<Command>0</Command>
<ClientInfo>
<Partner>%s</Partner>
<ProductId>%s</ProductId>
<IMEI>%s</IMEI>
<IMSI>%s</IMSI>
<Modle>%s</Modle>
</ClientInfo>
</Request>
* using a simple XOR byte encryption with a key predefined in the class adbRoot. The decrypted byte buffer contains the IP address and the URL of the server which is used to post data about the infected phone in an XML format using an HTTP POST request
The package contains runs a set of privilege escalation exploits. These exploits are detected by Sophos as PUA HackTool "Android Local Root Exploit".
After obtaining root privilege, it tries to install another DownloadProviderManager.apk (as package com\android\providers\downloadsmanager) which is the payload (also detected as Troj/DroidD-A)
This payload will run as a background service "DownloadManageService" and starts whenever the phone is booted up.
* It will try to access even more information and report back, including trying to enumerate packages installed on the phone and then report back to the same control center.
* It has a function to install additional packages from remote download
...
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdroidda.html
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINITELY against the rules. Wait to see what a mod or something says though.
Skellyyy said:
That is so confusing lol. Tbh though, I doubt they'd be malicious or else they'd be taken down off of XDA. If they were, I'm sure they'd be taken down straight away as that would be MOST DEFINITELY against the rules. Wait to see what a mod or something says though.
Has anyone got a live link to an example of this?
pulser_g2 said:
Has anyone got a live link to an example of this?
Seen this in a previous post, don't know if it'll help but here: http://forum.xda-developers.com/attachment.php?attachmentid=437039&d=1289271263
Btw, I could swear you're stalking me. jk.
pulser_g2 said:
Has anyone got a live link to an example of this?
Here is another link (xda-dev as host): http://forum.xda-developers.com/attachment.php?attachmentid=591335&d=1304969547
Hope it can be solved.
Thx from Germany
Has anyone confirmed or denied that this is a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
Gaining root privileges seems to be reasonable (especially if it's part of rooting your droid), however its legitimacy depends on the reason.
In plain English, I'm trying to say that the question about lotoor should be answered per attachment (tool) and not on a global basis.
BTW: lotoor also detected (virustotal 14/42) for zr file which is part of MTKdroidTools. I'm not qualified enough to answer if this is legit
I got this when I downloaded the ace hack kit, but disregard it.
Of COURSE it's a malicious exploit!
If you have specifically rageagainstthecage or zergrush, congratulations, your virus software has successfully discovered your ROOTING software for what it is - a malicious linux-based exploit used to root android devices!
Remember when the phone manufacturers locked the door to root? Remember we decided to break in and root em anyway? These linux exploits are what break the lock - (Super) One Click Root, root.jar files, root.exe files, etc etc. All executables with these 'viruses' that root your phone. That isn't to say you guys don't have something that may well be dangerous to linux machines, but if you still have rooting software on your Windows PC, then this is most likely what it is, and it's a-okay.
Hope you guys are sighing with relief
The4thDoctor said:
Has anyone confirmed or denied that this is a trojan? Kaspersky detected this file on my computer (backup of my sdcard). That file was used when I rooted my phone, so I am concerned. By the way, the two links posted above do not work.
voshell said:
This site tried to put this on my PC when I joined here.
Have you downloaded or installed "Exynos Abuse" to root Samsung/Exynos powered device ??
Because that's what I have, and I get it all the time on my antivirus Kaspersky
Exynos Abuse main development page http://forum.xda-developers.com/showthread.php?t=2050297
Wait a minute... but my Kaspersky detected it in a file named "root me" on the computer. I did root my Samsung mini2 with it, yet it's STILL fully functional after ks quarantined it!!
Is it something else?
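
An added triage example (not from any poster in this thread and not part of SuperOneClick): it lists each file in a rooting-tool archive, identifies its executable format from the header bytes, and reports a SHA-256 so the single member an antivirus flags can be pinned down and looked up. The archive is a constructed, header-only sample; the function names and `SuperOneClick.exe` are hypothetical, and treating the bundled exploit as an ARM ELF file is an assumption.

```python
import hashlib
import io
import struct
import zipfile

# ELF e_machine values, from the ELF specification.
ELF_MACHINES = {3: "x86", 40: "ARM", 62: "x86-64", 183: "AArch64"}
MAX_MEMBER_BYTES = 64 * 1024 * 1024  # do not inflate members declared larger


def classify(data: bytes) -> str:
    """Identify an executable format from its header bytes."""
    if data[:4] == b"\x7fELF" and len(data) >= 20:
        # e_ident[EI_DATA] at offset 5: 1 = little endian, 2 = big endian
        endian = "<" if data[5] == 1 else ">"
        (machine,) = struct.unpack_from(endian + "H", data, 18)  # e_machine
        return "ELF/" + ELF_MACHINES.get(machine, f"machine-{machine}")
    if data[:2] == b"MZ" and len(data) >= 0x40:
        # e_lfanew at 0x3C holds the offset of the "PE\0\0" signature
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)
        if data[pe_off:pe_off + 4] == b"PE\x00\x00":
            return "PE (Windows)"
        return "MZ (DOS only)"
    if data[:4] == b"PK\x03\x04":
        return "ZIP/APK/JAR"
    return "other"


def triage_archive(zip_bytes: bytes) -> list:
    """Return one row per file: name, format, SHA-256, and whether the file
    is a native Windows executable (one the PC itself could run)."""
    rows = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                rows.append({"name": info.filename,
                             "kind": "skipped (too large)",
                             "sha256": None,
                             "native_on_windows": None})
                continue
            data = zf.read(info)
            kind = classify(data)
            rows.append({"name": info.filename,
                         "kind": kind,
                         "sha256": hashlib.sha256(data).hexdigest(),
                         "native_on_windows": kind == "PE (Windows)"})
    return rows


def build_sample_zip() -> bytes:
    """Constructed sample: header-only stand-ins, no real tool or exploit code."""
    elf_arm = (b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
               + struct.pack("<HH", 2, 40))          # ET_EXEC, EM_ARM
    pe = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", 0x40) + b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("SuperOneClick.exe", pe)         # constructed name
        zf.writestr("rageagainstthecage", elf_arm)   # name taken from the thread
        zf.writestr("readme.txt", b"constructed sample\n")
    return buf.getvalue()


if __name__ == "__main__":
    for row in triage_archive(build_sample_zip()):
        digest = (row["sha256"] or "-")[:16]
        print(f'{digest}  {row["kind"]:<14} {row["name"]}')
```

A flagged member that classifies as ELF/ARM is a device-side binary that Windows cannot execute natively; the SHA-256 identifies that exact file for a multi-engine scan or for comparison with a hash published by the tool's author.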

Step By Step Unroot Instructions?

Kindly excuse this thread if it is located elsewhere, but can anyone point me in the direction of a step-by-step guide to unrooting my Infuse? I'd like to unroot, as I'm having difficulty connecting to AT&T servers since I rooted.
Thanks
Root has nothing to do with it, or usually doesn't; people have successfully updated with root on this and the Captivate. The AT&T bloatware on the other hand might! Freeze those things so they can be unfrozen; don't uninstall them unless you want to always use XDA to find .zip or Odin versions. Also, changing the launcher could have bearing on if the update is successful; Samsung likes to push TW on you in whatever ways they can.
Dani897 said:
Root has nothing to do with it, or usually doesn't; people have successfully updated with root on this and the Captivate. The AT&T bloatware on the other hand might! Freeze those things so they can be unfrozen; don't uninstall them unless you want to always use XDA to find .zip or Odin versions. Also, changing the launcher could have bearing on if the update is successful; Samsung likes to push TW on you in whatever ways they can.
Thank you for the info. I still would like to unroot.
Does anyone else have info on how to unroot step-by-step?
just so that you know. with super one click. just hit unroot.
Yeah, use SuperOneClick, but it might not work if the su binaries are in a different folder. If that's the case you might need to use adb or root explorer to remove the su file, then adb with rageagainstthecage to remove the superuser app from /system/app. Though if you are using adb you may be able to remove that app first then the su binary just fine, I never actually tried it.
Dani897 said:
Root has nothing to do with it, or usually doesn't; people have successfully updated with root on this and the Captivate. The AT&T bloatware on the other hand might! Freeze those things so they can be unfrozen; don't uninstall them unless you want to always use XDA to find .zip or Odin versions. Also, changing the launcher could have bearing on if the update is successful; Samsung likes to push TW on you in whatever ways they can.
I believe the person who owned the phone before me deleted bloatware Apps as I am unable to update. I know it's rooted. Any suggestions on if I should start completely over? I'd hate to have to set this all up again.
Sent from my SAMSUNG-SGH-I997 using XDA Premium App
nizmo972 said:
I believe the person who owned the phone before me deleted bloatware Apps as I am unable to update. I know it's rooted. Any suggestions on if I should start completely over? I'd hate to have to set this all up again.
Sent from my SAMSUNG-SGH-I997 using XDA Premium App
Do you have any AT&T apps?
I just moved my apps to a folder in my external SD card instead of actually uninstalling them.
All this has been discussed already in the infuse developers forum. Search for odin.
Good luck!
Sent from my SAMSUNG-SGH-I997 using XDA Premium App
Optimus-Prime said:
just so that you know. with super one click. just hit unroot.
I've seen other replies mentioning Super1Click, but I'm curious if that also works for Macintosh computers. In other forums where I've seen the suggestion to use Super1Click, it's always tied to Windows computers. Does Super1Click work on Macintosh too?
egidiotx said:
I've seen other replies mentioning Super1Click, but I'm curious if that also works for Macintosh computers. In other forums where I've seen the suggestion to use Super1Click, it's always tied to Windows computers. Does Super1Click work on Macintosh too?
If you run Mac or another Linux flavor, make sure you install Mono:
http://www.go-mono.com/mono-downloads/download.html
from
http://forum.xda-developers.com/showthread.php?t=803682
Infuse4G-BackToStock-One-Click
egidiotx said:
I've seen other replies mentioning Super1Click, but I'm curious if that also works for Macintosh computers. In other forums where I've seen the suggestion to use Super1Click, it's always tied to Windows computers. Does Super1Click work on Macintosh too?
Runs from JAVA: Infuse4G-BackToStock-One-Click
http://forum.xda-developers.com/showthread.php?t=1216790

Root without Superuser.apk

Modded the version my buddy dodgejcr put out for the shift to work with the g2x, tested and working on cm7 & miui. Just go into recovery and flash f-su.zip.
I know some people will disagree with me on this, but I think superuser.apk is unnecessary and a nuisance. Any app that can really do damage with root permissions probably has its own root method built into it anyway, after all, how many rogue apps have only affected rooted phones? So I choose to grant root to every app I download, if I didn't want it to have access to my phone, I wouldn't have downloaded it.
Download f-su.zip here
How do you flash an apk in Recovery?
Sent from my LG-P999 using xda premium
vn00914361 said:
How do you flash an apk in Recovery?
Sent from my LG-P999 using xda premium
Typo, fixed.
Joeseph Mother said:
Typo, fixed.
I still read "Just go into recovery and flash f-su.apk." ???
timmyjoe42 said:
I still read "Just go into recovery and flash f-su.apk." ???
It's still a zip file you're downloading
Sent from my LG-P999 using xda premium
timmyjoe42 said:
I still read "Just go into recovery and flash f-su.apk." ???
Corrected. I should only be allowed to post after drinking.
You're right. I do disagree. You may understand the implications behind granting root access like it's an open door but for anyone who does not here goes. Root access to the file system means you can do anything to it. If granted root access, a renegade application can delete important system files and steal personal information. For instance, take Windows. Windows essentially runs the user at root level, not taking into account UAC in Vista on up. This is why it's so much easier to have viruses steal personal information, disable anti virus applications and delete system files. Superuser limits this access on Android to applications you specifically grant this access to. Is it necessary? No. Can renegade applications still attain root access even with it? Yes. However it just adds a layer of security that I find very useful indeed. Again though this is personal preference. I just wanted to make sure people who didn't know were educated before they do something like this. Carry on
chuckhriczko said:
You're right. I do disagree. You may understand the implications behind granting root access like it's an open door but for anyone who does not here goes. Root access to the file system means you can do anything to it. If granted root access, a renegade application can delete important system files and steal personal information. For instance, take Windows. Windows essentially runs the user at root level, not taking into account UAC in Vista on up. This is why it's so much easier to have viruses steal personal information, disable anti virus applications and delete system files. Superuser limits this access on Android to applications you specifically grant this access to. Is it necessary? No. Can renegade applications still attain root access even with it? Yes. However it just adds a layer of security that I find very useful indeed. Again though this is personal preference. I just wanted to make sure people who didn't know were educated before they do something like this. Carry on
Well thank you for stating your opinion in a respectful, thought out manner, seems to be rare these days.
Huge thanks man! I'm using this in my ROM (check sig ) to skip the SuperUser dialogs so the process doesn't get interrupted, then I revert it back to the normal SuperUser. Thanks a lot! =)
Joeseph Mother said:
Corrected. I should only be allowed to post after drinking.
Before drinking you meant, Mama? Joke
Sent from my LG-P999 using xda premium
What I wanted to do was to have the su binary in a non-default path so that I can be root only when I access my device over USB, I do not want other apps to use it.
I guess this file works only for G2x right?
link not working
does someone still have f-su.zip?
Looking for that SuperUser.apk-less su binary once again, so...
*bump* :angel:
Anyone still have that f-su.zip? :/
Bump! I remember how great this file was, I integrated it into one of my old phone ROMs, but now that link for the ROM is also down. DOES SOMEONE HAVE THIS FILE??
Joeseph Mother said:
Modded the version my buddy dodgejcr put out for the shift to work with the g2x, tested and working on cm7 & miui. Just go into recovery and flash f-su.zip.
I know some people will disagree with me on this, but I think superuser.apk is unnecessary and a nuisance. Any app that can really do damage with root permissions probably has its own root method built into it anyway, after all, how many rogue apps have only affected rooted phones? So I choose to grant root to every app I download, if I didn't want it to have access to my phone, I wouldn't have downloaded it.
Download f-su.zip here
Reupload?

"Noob" security question

Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
iwanttoknow said:
Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
Yes, it definitely is less secure
IronRoo said:
Yes, it definitely is less secure
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
What device's components are less secure when it's rooted?
iwanttoknow said:
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
What device's components are less secure when it's rooted?
Yes, basically everything is less secure. Eg
quote "By gaining root access, you get total control over the entire system. With the right skills and tools, you can read and modify almost any parameter on your device. This is the reason why some apps, such as SuperSU, require root access in order to work properly. However, this type of access is a double edged sword as with root access nothing is there to prevent malicious applications from wreaking havoc on your system: system files can be corrupted or deleted, personal information can be skimmed, and you could even soft brick your device."
https://www.androidpit.com/5-reasons-not-to-root-your-device
And possibly even just having the su binary installed is an issue, though it's not clear to me whether this has been confirmed, it seems precautionary to me, if it's just a LineageOS issue or more devices are vulnerable, however this week's update to LineageOS is trying to address this. Anyhow the fix seems to have some extra benefits
https://lineageos.org/Changelog-9/
Also, just to be clear, you are still able to be hacked even if you are not rooted, but it's a whole lot more difficult.
iwanttoknow said:
Thanks for your reply.
Could you please give us more details?
Do you mean that it can be hacked?
What device's components are less secure when it's rooted?
Also just to be a tad bit more correct in nature,
Rooting or unlocking your bootloader do NOT necessarily mean your device is any less secure than it is when you first turn it on after purchase.
Many people tend to misunderstand what rooting a phone is intended for, and most of the popular "One-Click" methods are simple apps you download, install and run on your phone to acquire root access through a process called "Privilege Escalation" which gains permission as root by simply climbing a chain that eventually lets it give you access to all your phone's internals,
Thus in theory, any given app could be injected with that same code & then used to MALICIOUSLY root your device (without your knowledge or control) which would obviously be a MAJOR security flaw *Cough Cough* on Google's end *Cough Cough* but since it is generally only used by geeks who want to use a phone properly they don't look too much deeper past that. However rooting your device by yourself, unlocking your bootloader by yourself, controlling root permissions via SuperSU or like application ensures if anything TRIES to gain root access YOU being the owner of YOUR device can deny the possible threat instead of never being aware of it........
Thanks for your reply.
What is *Cough Cough* ?
BTW I understand that a malicious application can take control of my device without I know it, if it's not rooted, by using the same code as applications rooting your device.
Do I have well understood what you wrote ?
But how can I have the insurance that I always will be warned by an application like SuperSU or others ?
I have necessarily to TRUST this type of application which could be also a malicious application...
It's a veritable vicious circle.
The question you should be asking yourself is this. Why do I want to root my device?
Though, any device may have vulnerabilities which can be exploited to gain root like mentioned. If you want to keep your device secure, do not install or use anything from an unknown source.
samehb said:
The question you should be asking yourself is this. Why do I want to root my device?
My main reason to root my device (if I did) would be to have finer control over it.
But it seems to be a difficult goal... like security in general.
iwanttoknow said:
My main reason to root my device (if I did) would be to have finer control over it.
But it seems to be a difficult goal... like security in general.
SuperSU will automatically deny anything asking it to provide root access by default. When you have an app for rooted phones installed and you run it for the first time you will get a pop-up from the SuperSU app to say "Yes, go ahead" or "No!" to anything before it even runs. So for me I always try to get devices with a way to root available because it's the only way I know if stuff is trying to gain root access without my permission & watch its actions.
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the insurance that I always will be warned by an application like SuperSU or others ?
I have necessarily to TRUST this type of application which could be also a malicious application..."
iwanttoknow said:
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the insurance that I always will be warned by an application like SuperSU or others ?
I have necessarily to TRUST this type of application which could be also a malicious application..."
Oh okay dude apologies the Open Source alternative to SuperSU is Phh's SuperUser & you can find it in the magisk related forum. SuperUser is only questioned as "Malicious" because ChainFire keeps the source closed from what I understand, so I believe it was Phusssion who came to light abt showing us systemless root methods with his open source root management app . You may need to root your phone with an unsafe method, & install Magisk Manager & deploy a magisk install to get the open source variant to work though, not 100% sure
It seems that it will be more and more difficult to root a mobile with new Android's versions.
iwanttoknow said:
It seems that it will be more and more difficult to root a mobile with new Android's versions.
I agree! And it also feels like it's becoming a very heavy marketing plot aspect instead of another thing that made Android great. Like are we just supposed to pay ridiculously for the Pixel to obtain root? & for the record, that "Essential" phone, is still sorta essentially too expensive......
iwanttoknow said:
@LilAnt530
Thanks for your reply.
My previous device was rooted and I used SuperSU.
But as I wrote before, "how can I have the insurance that I always will be warned by an application like SuperSU or others ?
I have necessarily to TRUST this type of application which could be also a malicious application..."
Phh superuser with Magisk is a 100% open source method for managing root access on your device
Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933
Primokorn said:
Also discussed there: https://forum.xda-developers.com/showthread.php?t=2687933
Thanks, I was trying to find one of those lol. As I've seen this question asked hundreds of times within recent months across forums
iwanttoknow said:
Hi all,
According to you, is rooting your device or unlocking its bootloader a way of making it less secure, more vulnerable to attacks?
Is it a false idea or a real subject?
Rooting is a way to access the root-user on Android. It is the exact same as logging in as the root user in UNIX based operating systems. The windows equivalent of 'root' user, is an administrator account. Only difference is, within other UNIX based operating systems, the root user account is easily accessible. In android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
Now, unlocking bootloader in theory is a security flaw.... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there is no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright, software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom roms actually embed into their roms, without actually examining the code itself.
I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
Hope this helps.
iwanttoknow said:
It seems that it will be more and more difficult to root a mobile with new Android's versions.
Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.
BIG_BADASS said:
Rooting is a way to access the root-user on Android. It is the exact same as logging in as the root user in UNIX based operating systems. The windows equivalent of 'root' user, is an administrator account. Only difference is, within other UNIX based operating systems, the root user account is easily accessible. In android, it is blocked, so you need to do some process to gain access to the root user account. This process is known as "rooting".
Now, with administrative privileges, you gain the ability to modify the system, which is very useful, if kept in the right hands. But GOD FORBID, you get some nasty malware, such as a trojan or virus on your rooted device, that piece of malware now has access to administrative privileges, and can virtually do ANYTHING it wants to your system.
If you get some malware while the device does not have root access, the scenario is a lot less serious, as the malware cannot access system files, UNLESS there is an exploit designed SPECIFICALLY for that device or software version.
Now, unlocking bootloader in theory is a security flaw.... but then again, freedom is always inversely proportional to security... you have to sacrifice a bit of one to acquire the other. Theoretically, if all the custom operating systems you install are from trusted sources, and there is no embedded backdoors or spyware, or rootkits, or trojans, it is perfectly alright, software vulnerabilities, it is alright. But you simply cannot trust what these developers of custom roms actually embed into their roms, without actually examining the code itself.
I would recommend if you root and unlock the bootloader, install a custom recovery software such as TWRP. That way, in case your device gets compromised by hackers/malware, you can completely reformat the drive, and flash the stock firmware, thereby removing the malware.
Hope this helps.
Yes, but the difficulty isn't because of the operating system necessarily. It is mostly because the phone manufacturers lock the bootloader, which makes the process of getting root very difficult. In addition to that, certain exploits that we use to gain root access are also being patched in the newer Android versions.
Thanks a lot for your detailed answer.
If you need security, just root and install supersu or magisk.
If you have Xposed framework, then try a nice firewall like Xprivacy
As far as I can tell both SuperSU and Magisk are trusted and reliable, people wouldn't be using them, if they were untrustworthy. And I agree with Big's comments, freedom and ability to manipulate what you want in the device comes with a significant security issue. You are going to have to be careful about this either way.

is dc-unlocker's HCU safe to install ?

Hello,
I possess a GR5 BLL-L22 which is bootlocked, and I need an unlock code since Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went into DC unlocker site and downloaded HCU on my Windows 10 computer, but there are signs that scream malware:
* download is a password protected zip
* App does not allow to run inside a Virtual machine
* Last but not least, my AV, Sophos, detects it has adware and puts it into quarantine
Any thoughts?
Also, do I really need to install something on my computer to get an unlock code ? I believe I only need to pass the IMEI or some identifier to get the unlock code.
biaib said:
Hello,
I possess a GR5 BLL-L22 which is bootlocked, and I need an unlock code since Huawei doesn't provide them anymore.
I am willing to pay the credits needed to perform the unlock. I went into DC unlocker site and downloaded HCU, but there are signs that scream malware:
* download is a password protected zip
* App does not allow to run inside a Virtual machine
* Last but not least, my AV, Sophos, detects it has adware and puts it into quarantine
Any thoughts?
Also, do I really need to install something on my computer to get an unlock code ? I believe I only need to pass the IMEI or some identifier to get the unlock code.
For the most part, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost more. Rest assured, did you download from official site? If so, then it's safe. Just get your code and delete it.
Mannan Qamar said:
For the most part, you need to go in, get your code and then delete it. It's safe on my phone. However, you can always try Ministry of Solutions. But they may cost more. Rest assured, did you download from official site? If so, then it's safe. Just get your code and delete it.
Hello, thanks for the answer. What do you mean on your phone? Is there an Android version of the unlocker? Because what I have is a zip archive with a Windows installer in it.
If I uninstall it from Windows, that does not guarantee at all it will remove any associated malware.
biaib said:
Hello, thanks for the answer. What do you mean on your phone? Is there an Android version of the unlocker? Because what I have is a zip archive with a Windows installer in it.
If I uninstall it from Windows, that does not guarantee at all it will remove any associated malware.
Sorry. Typo. I meant on my PC. There is no Android version. You can always use an anti virus to check. Alternatively, if you downloaded it from Official Site you have nothing to worry about.
It's perfectly alright, I have used all their S/W on many occasions and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken as no one else had complained.
I then sent them a screenshot and all they said that it is a false positive as their S/W is 100% virus free.
Sparkrite said:
It's perfectly alright, I have used all their S/W on many occasions and I agree HCU flags as malware on my Win10 PC also.
I have to suspend Defender to run it.
I told them about this and they more or less said that I must be mistaken as no one else had complained.
I then sent them a screenshot and all they said that it is a false positive as their S/W is 100% virus free.
Ok, thanks. In the end I used their dc-unlocker program which is not flagged.
