Strange "zygote" process root permissions request - Security Discussion

Hello guys,
Yesterday this strange and unknown process "zygote" started asking me for root permissions. Obviously I have not given them to it, but I'm worried because, googling it, I read that it could be linked with the Triada malware, which exploits Zygote, a fundamental part of Android.
Does anyone know what the hell it is? Thank you.

dooz96 said:
> Hello guys,
> Yesterday this strange and unknown process "zygote" started asking me for root permissions. Obviously I have not given them to it, but I'm worried because, googling it, I read that it could be linked with the Triada malware, which exploits Zygote, a fundamental part of Android.
> Does anyone know what the hell it is? Thank you.
A real zygote will never ask for root, as it has it anyway. You got yourself a virus...

optimumpro said:
> A real zygote will never ask for root, as it has it anyway. You got yourself a virus...
I found the problem, it was WhatsApp Extension, a Xposed module. Just deactivated and removed it.

dooz96 said:
> I found the problem, it was WhatsApp Extension, a Xposed module. Just deactivated and removed it.
I am also using it and it is asking zygote and WhatsApp root privilege. It gives a decent privacy option, so should I uninstall it?

[email protected] said:
> I am also using it and it is asking zygote and WhatsApp root privilege. It gives a decent privacy option, so should I uninstall it?
Try to check if there is a new update

I do not have Whatsapp and Xposed and phone is clean but have Zygote asking for supersu. Why?

kimiraikkonen85 said:
> I do not have Whatsapp and Xposed and phone is clean but have Zygote asking for supersu. Why?
Yeah, same for me :/

I just encountered zygote requesting SuperSU permission today. I have Xposed but not WhatsApp. Any help on this issue will be greatly appreciated.

mel2000 said:
> I just encountered zygote requesting SuperSU permission today. I have Xposed but not WhatsApp. Any help on this issue will be greatly appreciated.
Gamekiller also has that

Just happened here: "zygote" requesting for root permissions. Have Xposed installed and barely one single module running (Xtoast) as of now. I've been using Xposed in several devices, ranging from GB to MM and I can't remember zygote asking for root permissions before. This one (Acer S57) is KK 4.4.4, though it's not pure Android and I must say that I actually have a red warning from Xposed installer (attachment), so yes, I've installed under my own "risk". After some research on the subject, I've found some people suggest it could be either a SuperSu (v2.82) bug, or some sort of malware... After checking via Apps2SD emulator (attachment) there's only one zygote process, so I'm almost concluding that most likely, this has everything to do with Xposed being installed on Acer's custom ROM. Whatever; meanwhile I decided to follow suggestions about not granting permissions to zygote since as a "general rule", this is not supposed to happen. I'll keep an eye on this and place this question on the proper Xposed thread, because I'm pretty sure this ain't no malware but something related to Xposed...
Sent from my acer_S57 using XDA Labs
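
The check described in the post above (seeing how many zygote processes exist) can be scripted against a process listing. This is an added example, not code from the thread; it goes slightly beyond counting by also checking owner and parent, and the sample listing, its column layout and the `com.example.module` name are constructed assumptions.

```python
"""Flag processes that use the zygote name but do not look like the real one."""

# Constructed sample shaped like `adb shell ps` output. Assumption: the first
# three columns are USER, PID, PPID and the last column is the process name.
SAMPLE_PS = """\
USER     PID   PPID  VSIZE  RSS   WCHAN    PC         NAME
root      1     0     640    496   c00bd520 00019fb8 S /init
root      182   1     870304 41200 ffffffff 400d7a94 S zygote
system    540   182   952100 60212 ffffffff 400d7a94 S system_server
u0_a63    2290  182   901200 38100 ffffffff 400d7a94 S com.example.module
u0_a71    3105  2290  1204   540   c01a2b44 400e1c20 S zygote
"""

ZYGOTE_NAMES = {"zygote", "zygote64"}  # 32-bit and 64-bit app process spawners
INIT_PID = 1


def parse_ps(text):
    """Return one dict per process row, skipping the header and blank lines."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not (fields[1].isdigit() and fields[2].isdigit()):
            continue
        rows.append({"user": fields[0], "pid": int(fields[1]),
                     "ppid": int(fields[2]), "name": fields[-1]})
    return rows


def audit_zygote(rows):
    """Return (pid, reasons) for every zygote-named process that looks wrong.

    The genuine zygote is started by init and runs as root, which is why it
    has no need to request root from a superuser manager.
    """
    findings = []
    first_seen = {}  # name -> pid of the first process carrying that name
    for row in rows:
        if row["name"] not in ZYGOTE_NAMES:
            continue
        reasons = []
        if row["user"] != "root":
            reasons.append("runs as %s, not root" % row["user"])
        if row["ppid"] != INIT_PID:
            reasons.append("parent is pid %d, not init" % row["ppid"])
        if row["name"] in first_seen:
            reasons.append("duplicate of pid %d" % first_seen[row["name"]])
        else:
            first_seen[row["name"]] = row["pid"]
        if reasons:
            findings.append((row["pid"], reasons))
    return findings


if __name__ == "__main__":
    # A child forked from zygote can briefly keep the zygote name before it
    # takes its app name, so re-run the listing before treating a hit as final.
    for pid, reasons in audit_zygote(parse_ps(SAMPLE_PS)):
        print("pid %d: %s" % (pid, "; ".join(reasons)))
```
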

I am fairly certain that no app will ask for your root permissions. That's just ridiculous. Also keep in mind that applications are developed for locked phones, which means they naturally won't have access to root. There is no reason for them to be asking for root permissions.

I also had this zygote pop-up on 2 of my devices, and it appeared on both devices after I installed hebf optimiser. Can anyone confirm if it's a virus? I gave it root access to see what it does.

warez, piracy, or enabling of them will not be discussed on XDA.
Many of us make our living off software, no matter your beliefs on it, piracy takes from our tables. Earning a living at 99cents at a time is HARD.
Don't be a thief, pay for the work that others do for you.

Came here for answers, I have the same question. This process just popped up; I haven't installed anything recently, but Google Maps did an update, so that might be a clue.

dooz96 said:
> I found the problem, it was WhatsApp Extension, a Xposed module. Just deactivated and removed it.
I considered it appropriate to share "WhatsApp Extensions" developer quote to rovo89's answer on this matter:
https://forum.xda-developers.com/xp...pp-extensions-add-extra-t3452784/post73993216
BTW, a few minutes earlier, I just denied a zygote root permission request, this time on Moto G4 Plus... and I DON'T have "WhatsApp Extensions", but a nice amount of other Xposed modules installed. Must watch which one fails to do its job, I guess... or just do what @rovo89 says.
Sent from my Moto G4 Plus using XDA Labs

Heyho,
just came across this thread and read about a similar issue earlier. So, just to leave another hint why zygote is maybe asking for root permissions.
Here is a nicely explained article:
https://securelist.com/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/74032/
Regards,
Sebastian
Sent from my HUAWEI WAS-LX1A using XDA Labs

k1ll3r8e said:
> Heyho,
> just came across this thread and read about a similar issue earlier. So, just to leave another hint why zygote is maybe asking for root permissions.
> Here is a nicely explained article:
> https://securelist.com/attack-on-zygote-a-new-twist-in-the-evolution-of-mobile-threats/74032/
> Regards,
> Sebastian
Sorry to bring up an old thread, but that link you posted made my head hurt. LOL!
Actually, I took my time and read it slowly so my old brain could grasp how it was created.
Someone put a tremendous amount of work into that clever attack.
Thanks for posting that!

Related

[Q] Android M and Xposed.

I have the preview build that I put on using the .zip, I then rooted the phone. But there are things I want to change of course. So I was wondering does Xposed work on M? If so what do I need to do to get it on there?
Dude.. Xposed isn't even working 100% on lollipop. Either help the project or be patient and wait like most of us around here.
Goddamn spoonfeeding has to stop, opening a thread for this wasn't necessary, since there is a general thread for Xposed right here on XDA. You would have found your answer there.
beekay201 said:
> Dude.. Xposed isn't even working 100% on lollipop. Either help the project or be patient and wait like most of us around here.
> Goddamn spoonfeeding has to stop, opening a thread for this wasn't necessary, since there is a general thread for Xposed right here on XDA. You would have found your answer there.
Little bit harsh, but I have to agree.
Android M is TOO early to be worked on, it's just a preview. Once again, I want to put my point that this release SHOULD NOT be a daily driver.
Xposed, on the other hand, is still in a beta / alpha state. You do not want to expect it to work on M while on Lollipop it barely works (I mean, Xposed developers are using temporary fixes to work around some issues).
Please, in all regards, be patient! I'm sure it won't be long until M becomes a fully mature system image and we can all develop for it.
Let's try not to get too worked up about things guys. There is little information about M on the Xposed thread, and the user would, sadly, had he written such a question there, be attacked by angry members writing "Don't ask for ETAs!"
The truth is that while there hasn't been any work to port Xposed to M, the zip from 5.1.1 COULD work. So far, no one's tried it. There haven't been any changes that could totally prevent Xposed from working. That being said, due to Xposed's hack-filled nature, there is little to no chance of the phone even booting after the zip is installed, let alone after modules are installed.
I'm actually shocked there haven't been a few mods made for M yet. I mean, we have custom kernels. I'd agree Xposed won't happen for a while, but a few simple mods would be appreciated.
You can try a long press on the settings icon in the notifications area (it is a hidden option, like the hidden developer options), so you will have some options to modify the UI.
Cleaned the thread. Let's not be rude to each other.
It's fine if you want to talk about Xposed, M and the N5 but keep it constructive.
Please keep in mind that Marshmallow isn't even officially released and Xposed (though very functional) is still in development and even alpha on 5.1.1 so constructive discussion would actually be limited.
Let's not just speculate about it.
Thanks!
Forum moderator,
matt4321
Any updates on this?
ej8989 said:
> Any updates on this?
http://forum.xda-developers.com/showpost.php?p=63481105&postcount=22
UPDATE
Xposed Framework has been released for Android Marshmallow 6.0 with the hard work of Rovo89.
Links are given below:
http://androiding.how/xposed-android-6-0-marshmallow/
dinzawtani said:
> UPDATE
> Xposed Framework has been released for Android Marshmallow 6.0 with the hard work of Rovo89.
> Links are given below:
> http://androiding.how/xposed-android-6-0-marshmallow/
We already have all required links on XDA lol
http://forum.xda-developers.com/showthread.php?t=3034811

[Completed] Samsung Galaxy S2 Plus Snapchat black camera crash?

Hello XDA forum!
Now, I know and some of you guys might've realised that I have already made a thread about it here, but it got closed before I got a chance to reply (10 posts restriction, cheers XDA admins).
So, I've decided to re-post it again, so I could give an update on what else I've tried. Quoting from here.
> Hello XDA forum.
> So, recently I've decided to hop back into Snapchat (as changing schools meant new friends that used Snapchat as often as Facebook), but the problem starts when I try to log back into my old account.
> Firstly, it could not log me in ("Can't log in" message), so after doing a basic Google search I've found that removing Xposed and then logging into Snapchat worked for people. Needless to say, I've done that (which took about 30+ minutes to optimize apps post uninstall and reinstall), but after opening the app, all I saw was a GUI of Snapchat (aka the buttons), camera screen was black, and after a second, the app force closed without notification (aka without "Unfortunately, XYZ has stopped" prompt or that sort of thing).
> Here's the specs of device:
> Device: Samsung Galaxy S2 Plus (GT-I9105P), s2vep
> ROM: Unofficial CM 12.1 20160115 build, the one I've got redirected from CM wiki to
> Xposed build: v80 SDK v22 build
> Here's what I've tried so far:
> -Reinstalling the app over 9000 times;
> -Clearing the app's data/cache;
> -Method mentioned in the story above;
> -Bashing my head into a wall until it started to hurt;
> -Praying Snapchat devs to stop using "no go for root" policy;
> -Creating a new account without Xposed.
> Any help on this regard would be really appreciated. I'm totally desperate on options and Casper is NOT a good alternative to me, I want the original app.
> Thank you.
> Auris Mat (aka Rubikon)
Also, Vatsal replied to use Xposed Uninstaller zip to flash it. And yes, I've tried that method, without any luck though. Even if I uninstalled Xposed and then installed Snapchat, it would still show the black cam crash. Installing Xposed back and adding Snapprefs made no difference whatsoever.
What I've also noticed is that in the login screen, the front camera worked flawlessly, which is weird and doesn't make any sense.
More help and suggestions will be greatly appreciated. Thanks.
Sincerely,
MrRubikon.
MrRubikon said:
> Hello XDA forum!
> Now, I know and some of you guys might've realised that I have already made a thread about it here, but it got closed before I got a chance to reply (10 posts restriction, cheers XDA admins).
> So, I've decided to re-post it again, so I could give an update on what else I've tried. Quoting from here.
> Also, Vatsal replied to use Xposed Uninstaller zip to flash it. And yes, I've tried that method, without any luck though. Even if I uninstalled Xposed and then installed Snapchat, it would still show the black cam crash. Installing Xposed back and adding Snapprefs made no difference whatsoever.
> What I've also noticed is that in the login screen, the front camera worked flawlessly, which is weird and doesn't make any sense.
> More help and suggestions will be greatly appreciated. Thanks.
> Sincerely,
> MrRubikon.
Hello,
In the thread linked above, I didn't mean to uninstall Xposed apk. I meant to flash the uninstaller zip with a custom recovery.
If you still have this issue, you may post your query here Ask any Q Noobfriendly with all relevant details, the experts there may be able to assist you.
-Vatsal
Vatsal said:
> Hello,
> In the thread linked above, I didn't mean to uninstall Xposed apk. I meant to flash the uninstaller zip with a custom recovery.
> If you still have this issue, you may post your query here Ask any Q Noobfriendly with all relevant details, the experts there may be able to assist you.
> -Vatsal
Yes, Vatsal, that's what I meant after all - using custom recovery to flash the Xposed uninstaller (God forbid, no need to uninstall the apk). Nevertheless, the method was fruitless.
But thanks for pointing out another thread, I'll take a look into it.
Thanks.
-MrRubikon

A humble request to all developers for mi a1

Hi guys (developers),
I am extremely sorry for requesting you in this way.
I bought the phone at launch time, and I am using it till now, but guys, in every phone there are some basic things which are needed by us:
a. ROOT
b. ADSAWAY
c. BusyBox
and without these features it seems that we are missing many features.
Guys, I know that there are two partitions, which is why this has not been possible till now.
But guys, we believe in all of you, and we are always thankful for all that you are giving to us.
So guys, I am requesting you, please have a look at this concern and make it available for us.
We are always thankful to all of you, and it is our pleasure that we have got all of you with us.
Guys, please respond to this concern. Please, and thanks a lot in advance.
>Lucky Patcher
Please do not use this, not only you harm developers by not giving them money, but you also can screw up Google Play services. Use Google Play rewards if you want free Google play credit.
---------- Post added at 09:57 PM ---------- Previous post was at 09:56 PM ----------
Also why should the devs listen to you? Maybe give them money and they'll have an incentive to fulfill your requests
Guyz plz
Did someone really understand what OP wants? I am lost.. We already have working root, adaway, busybox and probably also luckypatcher (haven't tried it though).
Can you please say, _mysiak_, how we can use adsaway and install BusyBox on mi a1?
educationprps said:
> Can you please say, _mysiak_, how we can use adsaway and install BusyBox on mi a1?
There are loads of threads here.
_mysiak_ said:
> Did someone really understand what OP wants? I am lost.. We already have working root, adaway, busybox and probably also luckypatcher (haven't tried it though).
Please give us the procedure through which I can install them, because many times I have gone to flash them or install, but time error occurred.
educationprps said:
> Please give us the procedure through which I can install them, because many times I have gone to flash them or install, but time error occurred.
Unlock bootloader, boot into TWRP (don't flash it), install Magisk from there, reboot to system. Enable systemless hosts in Magisk manager, install Adaway. Install busybox module from Magisk repository.
_mysiak_ said:
> Unlock bootloader, boot into TWRP (don't flash it), install Magisk from there, reboot to system. Enable systemless hosts in Magisk manager, install Adaway. Install busybox module from Magisk repository.
Thanks bro....
I did not know that magiskmask provides the module of busybox and adsaway.
Thanks
Thread Closed.
Please use the search function in this forum before starting a thread about rooting etc.
You can find useful information in my signature too about how to search and some stuff around. XDA Rules reminder:
> 1. Search before posting.
> Use one of our search functions before posting or creating a new thread. Whether you have a question or just something new to share, it's very likely that someone has already asked that question or shared that news.
Adding to this, Lucky Patcher has no place at all on XDA, so please don't post and think about it here. You have signed up to this site with agreement to the forum rules.
> 6. Do not post or request warez.
> If a piece of software requires you to pay to use it, then pay for it. We do not accept warez nor do we permit members to request, post, promote or describe ways in which warez, cracks, serial codes or other means of avoiding payment, can be obtained or used. This is a site of developers, i.e. the sort of people who create such software. When you cheat a software developer, you cheat us as a community.
Thanks for understanding.
Logan, XDA Moderator

Can any app be installed as a system app in android

Hello everyone,
I just wanted to ask the following questions
Q1. Can any app be installed as a system app without root in Android? and
Q2. Can any malware/spyware/infected file/app be installed as a system file/app without root in Android?
I would really appreciate any help from you guys regarding my questions and more.
Thank you
acegt8 said:
> Hello everyone,
> I just wanted to ask the following questions
> Q1. Can any app be installed as a system app without root in Android? and
> Q2. Can any malware/spyware/infected file/app be installed as a system file/app without root in Android?
> I would really appreciate any help from you guys regarding my questions and more.
> Thank you
You can't add or remove anything from system without root.
Some malware has been known to install files/apps into system, but that is very specific and depends on the device having certain vulnerabilities.
Sent from my LGL84VL using Tapatalk
Sir, your quote "Some malware has been known to install files/apps into system, but that is very specific and depends on the device having certain vulnerabilities" I could not understand.
Could you please elaborate what kind of event you have come across regarding malware that can install files/apps into the Android system and what kind of device it is, so I can understand better.
I hope someone will soon help me out.
acegt8 said:
> Sir, your quote "Some malware has been known to install files/apps into system, but that is very specific and depends on the device having certain vulnerabilities" I could not understand.
> Could you please elaborate what kind of event you have come across regarding malware that can install files/apps into the Android system and what kind of device it is, so I can understand better.
> I hope someone will soon help me out.
I can't give specific instances with specific apps on specific devices. It wouldn't matter even if I could because specific instances have nothing to do with understanding how or why malware gets into system.
It all depends on what is built into the malware and what vulnerabilities there are in the device's kernel.
A generic example is Kingroot, it's an app that is used to root devices, it is well known to install malware and extra apps into system when it is used.
Sent from my LGL84VL using Tapatalk

Can't get Snapchat working even with Magisk Hide

Hello,
I have a problem with Snapchat.
I got the last LineageOS for MicroG build from here.
I put DroidGuard Helper in system/priv-apps
Snapchat is ticked on in Magisk Hide and when I restore my Snapchat save with Titanium, it logged me out after 2 seconds of use.
Does someone know how to fix this?
Thanks!
Do some research on this forum, you will find the solution...
ybanks87 said:
> Do some research on this forum, you will find the solution...
Already tested everything I guess, it's not working, so that's why I made a thread.
leekzyy said:
> Already tested everything I guess, it's not working, so that's why I made a thread.
Hum ok. So for me, what I do to make Snapchat work again is: install the OTA / update your ROM. Remove Magisk Manager with the uninstaller, reboot, log in to Snapchat, then reboot, install Magisk Manager, don't launch Snapchat, go to Magisk Hide, tick Snapchat and done. For me it worked.
ybanks87 said:
> Hum ok. So for me, what I do to make Snapchat work again is: install the OTA / update your ROM. Remove Magisk Manager with the uninstaller, reboot, log in to Snapchat, then reboot, install Magisk Manager, don't launch Snapchat, go to Magisk Hide, tick Snapchat and done. For me it worked.
Which ROM do you have? And do you have the latest version of Snapchat? Will test your tip when I'm at home.
leekzyy said:
> Which ROM do you have? And do you have the latest version of Snapchat? Will test your tip when I'm at home.
OOS last update. But I think it's the same thing with any other ROMs. And yeah, the last update from Snapchat. You can also try with the version 00.39."". of Snapchat
ybanks87 said:
> OOS last update. But I think it's the same thing with any other ROMs. And yeah, the last update from Snapchat. You can also try with the version 00.39."". of Snapchat
I just tested your method and it's not working for me, it keeps logging me out...
leekzyy said:
> I just tested your method and it's not working for me, it keeps logging me out...
Even with an old version?
ybanks87 said:
> Even with an old version?
Yeah, and I just used MagiskHide Props Config and it's the same. I think my device has a problem, because even with the fingerprint changed I can't pass both SafetyNet checks.
THREAD CLOSED! If interested in this subject, please continue or follow in this already existing thread: https://forum.xda-developers.com/oneplus-6/help/snapchat-locking-magisk-hide-t3895685
I've copied the relevant posts in here into the other thread.
XDA Forum Rules (excerpt):
1. Search before posting.
Use one of our search functions before posting or creating a new thread. Whether you have a question or just something new to share, it's very likely that someone has already asked that question or shared that news.
...
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
...