Related
I was thinking about purchasing it but was wondering what the experience is like with custom ROMs and/or just stock with root. Since it's an antivirus app and is kind of expensive, I thought it might be beneficial to find out if anyone has had issues with it in those circumstances and specifically with the Moto X. Do you have Eset and a custom ROM or a rooted phone?
https://play.google.com/store/apps/details?id=com.eset.ems2.gp
Why would you even consider an antivirus app? Stick to officially recognized app distribution channels and there's nothing to worry about.
nhizzat said:
Why would you even consider an antivirus app? Stick to officially recognized app distribution channels and there's nothing to worry about.
Click to expand...
Click to collapse
Actually, the primary reason I want it is for the ability to create whitelists for texting. I'm hoping it's pretty solid in that area.
Edit: I am open to suggestions for other options that provide text whitelisting by the way. My issue is I get a lot of spam from different numbers and need to block texts for everything except about 50 numbers.
Hello!
I would like to ask for help installing either a new Cubot X6 Android or a linux based system. Until recently I wasn't aware of what kind of aggressive trojans for Android happen to compromise a phone to a degree where the solution is to buy a new one. I do not want to accept that. Therefor I am here to ask for help.
WLAN enabled - the phone runs nutts. It causes unknown apps to be installed, ruining the function of the phone completely. I bought it via ebay, a used Cubot X6. I had the device years ago until i sat on it which happened to break the display, but I liked it and bought it again, used. (The used one cost 60 bucks, a replace-display would have cost 35, so I ran with the used one - big mistake as it turned out).
Now, it's root-system is compromised. I set it to only allow apps from trusted sources. I did not download any apps beside well known trust-worthy ones, like google-maps, WhatsApp, all together.
When I first enabled WLAN, it suddenly started to display a message of the shutting down of "org.rain.ball.update" and also "ssCleaner ("suc", "chengele") is trying to obtain your current position", "ymm" cancelled, and several others. If I allow WLAN it automatically downloads 10-20 apps, some of which correlate with my laptop visited websites (alibaba), others apps from sites I have never visited ("sexy videos"). Basically the phone gets so busy that it needs to be restarted to allow any control of the phone.
I tried to fix it with Avaast, Avira, and Malewarebytes without success. With Avaast it also displays: "/storage/sdcard0/.androidsdata/is.jar", but is unable to fix it. I guess I would have to erase the SD-Card too, if I were to have the system replaced, once. None of the above things can be fixed with the tools at hand. The deletions are always interrupted, nothing gets improved permanently.
I immediately did a "Reset to factory condition", but when I enabled WLAN I didn't even install an app - it all started again, as described above.
So, a quick Google-Research turned out, there are trojan-horses, that cover themselves by pretending to be system applications, so that it would be nearly impossible to get rid of the trojan - only solution: buy a new one (See this article wwwDOTblog.lookout.com/blog/2015/11/04/trojanized-adware/).
Now, while I have a broken device and a trojan device, one solution would be to mount the display of the compromised one onto the broken one. I know it's easy to break the display during this. That's why I am here to ask, if someone might have suggestions of what else could be done to have this fixed?
Maybe it would be possible to get an uncompromised mirror-image of a Cubot X6 from the internet that would replace every data on mine? Would it fix it, if I were to install this: "Ubuntu Touch - Version 15.04 Phone"?
Any help would be appreciated. If I were to take a wild guess, I'ld say the trojan horses might have been developed by Apple...... So what am I to do now? Buy a new one?
EDIT: If you were to not believe this to be true, I could shoot a video of it with my laptop. It's really strange, but it is as it is. EDIT 2: Avaast displays a message, the phone has been rooted.
Please help!! Thank you so much!!
You won't get the virus to YOUR phone from replying ...
Am I here at the right forum for this technical problem?
Thanks
Do a search for your rom and instructions on how to flash. It will replace system partition and problem should then be gone.
tys0n said:
Do a search for your rom and instructions on how to flash. It will replace system partition and problem should then be gone.
Click to expand...
Click to collapse
I will try that. Im total newb to smartphone software. any linking would be appreciated. thanks so far!
CubotX6 said:
I will try that. Im total newb to smartphone software. any linking would be appreciated. thanks so far!
Click to expand...
Click to collapse
A google search for "cubot x6 firmware" will give you some good results.
Here's also Cubot forums, with link to downloads.
Hope that will help, and be sure to read up on the subject on how to flash before you start
So many Thanks! You linked me to the perfect spot! Thank you!
While i will redo my laptop with linux soon, you got experience with having linux on the phone? If i wee to try and mes up, it still were possible to go bac to the original cubot files u linked to, correct?
Thank you!!
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
BLEEDCOLORYOU said:
Okay so ive been battling this for sometime. I'm starting to get a little more knowledgeable but still don't know what to do with all this.I experienced this first back in 2015 then I completely made a switch. Well now I'm back to same issues.
The problems I'm experiencing is it's happening on all the devices I have. The phone I'm on now bought brand new from metropcs. and not even a day 30minutes later I get an update for the phone. I new not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NON OF MY DEVICES ARE ROOTED.
to make this short. My devices seem to have a Bluetooth admin. And connects to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give more detail look. And it's not just my Android devices it's my Xbox one S as well.
looking to completely remove. I'm not trying to waste money on switching networks or completly going Mia.
Fast responses please.
Sincerly,
-Desperate androidian
Click to expand...
Click to collapse
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
IronRoo said:
I'm no expert but I'm struggling to see your exact issue you seem to think you have, is it just t your Bluetooth is switching on. All those licences, security certs, file locations etc look normal to me (without checking numbers or being able to compare to same phone os etc) though I have disabled many of those certs eg the Turkish ones etc & my Bluetooth files are different but I can find ref hill those locations online eg Xieomi phones
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run, is it still happening? Can you turn off anything that is listed as a device admin? Try run a root checker app. Even if it all comes back negative you may still have a problem as a port may already have been opened and malicious app self deleted or something. Use an app like Fing to see if any device you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Click to expand...
Click to collapse
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
And code.auroa? What is this
BLEEDCOLORYOU said:
Thank-you. Now for a better visual. There's to many apps.
And if u can give me links to apps that will help.
And on my oneplus one the Bluetooth thing says :1002 sharing or midi or something.
Click to expand...
Click to collapse
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
And code.auroa? What is this
Click to expand...
Click to collapse
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well unless it's flagged by virustotal then it probably is a malicious app just given a common name to try and hide
IronRoo said:
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here use this app to run on demand scans against the virustotal database (this is not an "antivirus app" like Avast so offers no protection)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
it should flag any suspect apps and you can submit any unknown ones you are worried about.
Click to expand...
Click to collapse
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
BLEEDCOLORYOU said:
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And IV never encrypted this phone.
Click to expand...
Click to collapse
And alot of the overlay apps n simtoolkit are all questionmarked
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
And IV never encrypted this phone.
Click to expand...
Click to collapse
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
IronRoo said:
ser my edit above re aurora
sometimes virustotal will have 2 or 3 antiivirus companies flag a file, these are probably false positives so probably nothing to worry about (though could just be a new submission, other companies should soon update if real malicious code, check back in a day or two). If lots of companies flag an apk then you haven a problem.
It looks like you have a problem whit overlays (unless it's an app your phone company installs for that function). You should install a proper antivirus app like Avast, malwarebytes etc as a first step, hopefully it can remove malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
Doesn't matter, encrypting phone only protects unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can shall read all your data even if you had encrypted it as it's unencrypted when you use it
Click to expand...
Click to collapse
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
And alot of the overlay apps n simtoolkit are all questionmarked
Click to expand...
Click to collapse
Tap those with question marks to submit to virustotal for analysis
IronRoo said:
Tap those with question marks to submit to virustotal for analysis
Click to expand...
Click to collapse
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
BLEEDCOLORYOU said:
/sys/fs/selinux/class/appletalk_socket/perms
Not suspious?
Click to expand...
Click to collapse
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
IronRoo said:
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
Click to expand...
Click to collapse
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
Pairwise cyphers and
Group cyphers
Sim_num
?
Click to expand...
Click to collapse
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
I'm on a video bridge network I got the direct TV setup with 2 wireless setups. Both secure from what I know.
Click to expand...
Click to collapse
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings, are you using a secure router password? Is firmware up to date. Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc etc what do your router logs show (turn on more detailed logging if necessary) Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Spidder77 said:
Hi I am having same issues. Exact same behaviors regardless of new phones new carrier and all accounts being unconnected in name. Google etc. This is extreme. Its via bluetooth I agree something with esims or virtual sims for use of wifi access and or signal piracy for media. The DOD files are also something I am familier with seeing. Code Aurora was also a govt project way back. Its Interesting thst I have Verizon files loading on at & t phones and sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. Its relentless. Its impressive and sophisticated. Please please help.
Click to expand...
Click to collapse
I'm having the same issmy ues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.
its a pretty fresh install, ota 015,twrp/magisk --SN fine.
i could install the typical things like openvpn,titanium,etc
but apk make problems,the usual tools wincomm/total,google drive...have access.
still the files get dl'ed, and i hit install,it goes up to about 90%.. then "app not installed"(11differend apk,from all kind of sources,and quite clean)
-the system is quite fresh, all 11 programs/tools would be a firsttimer on the phone
-i even cleared via twrp the delvic/art ,just in case.
i mean,i managed to hardbrick the phone in less then 6 hours after getting it(youtube link wrong boot img,and it could only get worse), unbricked it in 30 minutes via chinatool(needed that darn driver).
of course the 2nd day of install wont get smooth...
maybe someone has a idea,or maybe i have to get chinatool again...
I use Fx file explorer with root plugin them just install apk with root installer usually gets part that problem.
But would also check make sure you don't already have newer version of apk installed.
Other reason for this problem not having necessary dependencies installed like Google framework etc.
If root installer doesn't get desired results you will med to provide more detailed info. ( ie what apk, etc) and someone might be able to provide assistance.
apps2sd clean broken apps then reinstall might help
nujackk said:
I use Fx file explorer with root plugin them just install apk with root installer usually gets part that problem.
But would also check make sure you don't already have newer version of apk installed.
Other reason for this problem not having necessary dependencies installed like Google framework etc.
If root installer doesn't get desired results you will med to provide more detailed info. ( ie what apk, etc) and someone might be able to provide assistance.
Click to expand...
Click to collapse
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
BrianKuo1853 said:
apps2sd clean broken apps then reinstall might help
Click to expand...
Click to collapse
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
NoalFey said:
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
Click to expand...
Click to collapse
I think you should just clean install the ROM again, seems like a bit of issue u got here.
true,
which method would be the most simple and best to avoid the issue
-reset to factory-sys (unsure if it fixes a broken sys,instead of just deleting all userbased stuff)
-twrp clearing and the whole rom again (this method might work,if wiping everything is included)
-taking chinatool and start with h2o then back to the realdeal ota15 (thats what i did before,so iam not sure)
its not that i dont know the methods,its more like..i want your opinion what would be the best solution to avoid it.
NoalFey said:
thanks, fx f.e. iam going to try it, about the already installed,..no,its a fresh system,and most of the things arnt on it.
the apps are from tools ,system mangement ,etc up to mods,hacks, about 11 things from 8 differend kind of things, not downloaded from shaddy sides,only larger sides,with hundreds of reviews
that worked for some things,for others i found a workaround,i like that tool,but this ads are annoying, luckypatcher couldnt remove them.
about the apk's, some are clearly not to speak of here,others are just systemmanagement,like a most simple app to change and block speaker,i cant stand,and never accept the speakerfunction,if i phone then at my ear,or via bluetooth, and to avoid any probs ,duo missclicking and loadspeak in a area where you should not,i block them by force. finding such a app on playstore....good luck
howerver all files are clean,that much i know,even kaspersky yells if a dirty apk gets downloaded,all other..i can only base on reviews etc, (they can be fake,but not 100+)
Click to expand...
Click to collapse
Well first off I wouldn't mention lucky patcher again. It is a warez app and banned on XDA as are all mentions of the app. Also something to think about. App developers have been adding code that looks for lucky patcher and will not install if it is installed on the device. Some even cause the device to have random issues if it is installed. Heck I know one rom that removes it every time the user reboots their device.
As for the reviews. Dont put anything in the numbers. I can by 1000 downloads and 5 star reviews for about 50 bucks.
thanks for the reply
well the tool itself cant be made as "warez" since some of its functions are quite handy,like removing adds.
(whats completly legal,atleast in the EU)
about devs who enter code to sneakout other apps..no worries,
since you are in the op6 board,i assume you have one, go under apps,then tap the left border,and pull towards right,there is a secret stash,add all the fancy stuff you wanne hide there,and even google ,pokemon,fortnite run if the stuff is hidden there (of course magisk has to be set right too)
about the reviews true,but if some of those are quite names,that are known in android,linux or Minecraft business,i kinda trust them,and if that review isnt 1 day old,its fine,especially with comments like"7 weeks now,and it still works well,no flaws no hickups.." (example) makes me believe that this apps are worth the 0 bucks paid for.
iam not going to mention warez,but lucky is none of those,especially since several german speaking sides have mentioned it and praised it aswell (the big ones,with printed paper stuff),so i assume, eu rights,should fit in here aswell, (not that iam part of the EU,but swiss)
NoalFey said:
thanks for the reply
well the tool itself cant be made as "warez" since some of its functions are quite handy,like removing adds.
(whats completly legal,atleast in the EU)
about devs who enter code to sneakout other apps..no worries,
since you are in the op6 board,i assume you have one, go under apps,then tap the left border,and pull towards right,there is a secret stash,add all the fancy stuff you wanne hide there,and even google ,pokemon,fortnite run if the stuff is hidden there (of course magisk has to be set right too)
about the reviews true,but if some of those are quite names,that are known in android,linux or Minecraft business,i kinda trust them,and if that review isnt 1 day old,its fine,especially with comments like"7 weeks now,and it still works well,no flaws no hickups.." (example) makes me believe that this apps are worth the 0 bucks paid for.
iam not going to mention warez,but lucky is none of those,especially since several german speaking sides have mentioned it and praised it aswell (the big ones,with printed paper stuff),so i assume, eu rights,should fit in here aswell, (not that iam part of the EU,but swiss)
Click to expand...
Click to collapse
I don't care what other sites do or say. Lucky is banned here as a Warez app. Bottom line.
It is the ai gle most hated app on this site. People have been flamed just for having the icon on their screen.
So I'll tell you what most others will as well. You will find no help here as long as you have it installed. Until you remove it you are on your own.
https://www.google.com/amp/s/forum....lucky-patcher-broke-google-play-t3471231/amp/
Moderator note:
Lucky patcher is considered warez on xda and the discussion about it is prohibited. Yes, it does have legitimate uses, but as long as it also has illegitimate uses that cheat developers, it will remain classified as warez here.
Thanks!
speak about hornets nest,
well thanks for the clearification,there was clearly no ill intent or drama in mind.
but thats the confusion part, one of the most readed pc print magazins in the eu has on their webside guides about how to root,what rooted apps you should have,and has the mentioned one also,how could a normal person think of it as the whorst app arround.
are there more names not to mention? kinda like a list of "dont talk about,it just makes drama"
thanks again for clearing that up
NoalFey said:
speak about hornets nest,
well thanks for the clearification,there was clearly no ill intent or drama in mind.
but thats the confusion part, one of the most readed pc print magazins in the eu has on their webside guides about how to root,what rooted apps you should have,and has the mentioned one also,how could a normal person think of it as the whorst app arround.
are there more names not to mention? kinda like a list of "dont talk about,it just makes drama"
thanks again for clearing that up
Click to expand...
Click to collapse
There is a few. The easiest way is to search before asking. You know filling the rules you agreed to when you joined. Also any app that can bypass paying for an app/service is automatically banned (depending on the app)
As for the mag. Use your head and common sense. You never listen to what a reporter says about something like this. Or really anything for that matter. They just repeat what they hear. They have no real understanding of what is going on or the risks involved. I bet that magazine didn't mention that lucky patcher has a history of privacy violations and wares being installed in the background right?
hmm i think that wrighter knew exactly what he was going for,especially the anti-googlead part,well many europeans hate adds,and are able todo any and everything to get rid of them ,and in many nations are adblocker-blocker forbidden by law,means companies cant do a thing if you block adds and such a tool is fun from that side,noone mentions that is has other functions,until here mentioned,well the problem with such is, if people know tool X can block adds,they use it 100% for that,and dont touch other parts,until someone mention more functions,then it gets interesting..well until you learn the disappointment that the said functions are just for games.
why the hack would i play games on a phone? i have a tr1950 with fancy parts,for my gaminghabbits,that smartphone is a tool,not a nds or such.. i get the nonlegal part,but the sense of it is beyond me, whoever needs that shall buy a pc, *imo*
NoalFey said:
hmm i think that wrighter knew exactly what he was going for,especially the anti-googlead part,well many europeans hate adds,and are able todo any and everything to get rid of them ,and in many nations are adblocker-blocker forbidden by law,means companies cant do a thing if you block adds and such a tool is fun from that side,noone mentions that is has other functions,until here mentioned,well the problem with such is, if people know tool X can block adds,they use it 100% for that,and dont touch other parts,until someone mention more functions,then it gets interesting..well until you learn the disappointment that the said functions are just for games.
why the hack would i play games on a phone? i have a tr1950 with fancy parts,for my gaminghabbits,that smartphone is a tool,not a nds or such.. i get the nonlegal part,but the sense of it is beyond me, whoever needs that shall buy a pc, *imo*
Click to expand...
Click to collapse
Ad blocking has nothing to do with it. XDA has many of them all over the site. Look you will never be able to justify its use here. So we will end this here. If you need help again dont mention the app other wise you might get far worse flamed next time.
The latest type of hack, something I always thought was not possible, is to infect someone's phone with a mere phone call. You can read about it here.
There are very good reasons why banking apps refuse to work on phones with an unlocked bootloader. Installing random tools/ mods from unknown developers (XDA is no exception) to bypass built-in security to make them work is a very bad idea.
If you absolutely must root your main device (although I don't see too many benefits of rooting in 2023), it is advisable that you buy a 2nd phone and use that for your banking (or anything to do with money and other important things) needs. Even a super budget Android phone, COMPLETELY STOCK, will be fine.
Here's an analogy:
It is very important to follow speed limits on roads. The limits have a scientific basis and anyone who follows it will mostly be able to avoid a fatal accident. Just because accidents won't necessarily happen if the speed limit is breached, doesn't mean it is a safe thing to do.
The single biggest reason responsible for 99% of fatal accidents is overspeeding! If speed was under control, it is very highly likely that there won't be fatalities.
Applies to some Exynos models only. Details are vague. Banking, shopping and social media apps should never be installed anyway. You are what you load...
blackhawk said:
Applies to some Exynos models only. Details are vague. Banking, shopping and social media apps should never be installed anyway. You are what you load...
Click to expand...
Click to collapse
That is only in this case. Snapdragon models are not immune.
TheMystic said:
That is only in this case. Snapdragon models are not immune.
Click to expand...
Click to collapse
Documentation please...
Even if you were to post and reply about it daily in threads, there would still be similar questions about non-working apps with root or unlocked bootloader.
It's sad.
blackhawk said:
Documentation please...
Click to expand...
Click to collapse
Documentation in support of what? That Snapdragon phones are not immune? Are you implying Snapdragon phones are immune?
I'm not talking about this particular vulnerability specifically.
TheMystic said:
I'm not talking about this particular vulnerability specifically.
Click to expand...
Click to collapse
Exactly my point. This isn't a Snap vulnerability at all. Not all unpatched Exynos are vulnerable to it either.
There are multiple workarounds for most vulnerabilities for Android 9. Last time this phone was updated was 11/2019. It's current load will be 3yo in June. Zero malware so far.
Upgrades would've caused me far more lost time and inconvenience than any malware could even if the load only lasted 1 year or less.
The newest firmware isn't immune and may bring new huge vulnerabilities with it. Not doing stupid things is the best protection there is; most victims inadvertently install the malware themselves.
blackhawk said:
This isn't a Snap vulnerability at all.
Click to expand...
Click to collapse
This post isn't about this vulnerability either. It was referenced just as an example of zero day vulnerabilities that any connected tech can be a victim to.
blackhawk said:
Not doing stupid things is the best protection there is
Click to expand...
Click to collapse
Receiving a phone call isn't stupid in any way. Something like this shows that the tech we use everyday isn't as safe as we assume it to be
TheMystic said:
This post isn't about this vulnerability either. It was referenced just as an example of zero day vulnerabilities that any connected tech can be a victim to.
Click to expand...
Click to collapse
No shopping, banking, social media apps mean none multi vector vulnerabilities they bring. None of these apps are needed.
TheMystic said:
Receiving a phone call isn't stupid in any way. Something like this shows that the tech we use everyday isn't as safe as we assume it to be
Click to expand...
Click to collapse
It's a very hardware specific vulnerability. Data bandwidth over the VoLTE is limited. Just hang up. Block unknown numbers, which you should be doing anyway. Delete unknown or untrusted texts without opening.
Google is more hype than fact... wholesale purveyors of disinformation and lying by omission. It's rampant.
blackhawk said:
Block unknown numbers, which you should be doing anyway. Delete unknown or untrusted texts without opening.
Click to expand...
Click to collapse
Not a practical suggestion for most users.
TheMystic said:
Not a practical suggestion for most users.
Click to expand...
Click to collapse
That means numbers with no attached caller ID are blocked...
I'm more tolerant to play with spam in Gmail but not with texts. They are at a much higher risk level.
blackhawk said:
That means numbers with no attached caller ID are blocked...
Click to expand...
Click to collapse
I'm not sure what you mean here. Does your SIM provider have any caller ID service? Mine doesn't. I don't use Google Dialer and certainly not Truecaller, which I consider a spyware.
I do receive lots of calls from unknown numbers, and though many of them are useless marketing calls, some are indeed useful. So I block numbers after attending calls when I know I don't want to hear from them again.
TheMystic said:
I'm not sure what you mean here. Does your SIM provider have any caller ID service? Mine doesn't. I don't use Google Dialer and certainly not Truecaller, which I consider a spyware.
I do receive lots of calls from unknown numbers, and though many of them are useless marketing calls, some are indeed useful. So I block numbers after attending calls when I know I don't want to hear from them again.
Click to expand...
Click to collapse
Unless the caller blocks their caller ID I can see their number. If they block caller ID they are automatically blocked; the call is registered in call history but it doesn't ring.
More over if they phlish a number and get through they generally regret it. I rather enjoy that. Sometimes I take spam calls for sport.
Been doing that for decades
blackhawk said:
Unless the caller blocks their caller ID I can see their number. If they block caller ID they are automatically blocked;
Click to expand...
Click to collapse
You mean calls where we see 'Unknown number' on screen? I think that is a thing of the past now. Today, tech allows such scammers to make internet calls that show up as real numbers (which actually don't exist) complete with country code and city code. And the same tech also allows them to call from different number each time.
TheMystic said:
You mean calls where we see 'Unknown number' on screen? I think that is a thing of the past now. Today, tech allows such scammers to make internet calls that show up as real numbers (which actually don't exist) complete with country code and city code. And the same tech also allows them to call from different number each time.
Click to expand...
Click to collapse
I covered that. Excepting unknown callers is unacceptable today.
blackhawk said:
I covered that. Excepting unknown callers is unacceptable today.
Click to expand...
Click to collapse
That's true. I haven't received a call like that for a very long time now. May be 5 years or more.
TheMystic said:
There are very good reasons why banking apps refuse to work on phones with an unlocked bootloader.
Click to expand...
Click to collapse
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
WoKoschekk said:
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
Click to expand...
Click to collapse
Just login online instead using Brave.
blackhawk said:
Just login online instead using Brave.
Click to expand...
Click to collapse
And my TAN app?
An unlocked bootloader isn't unsecure at all. An attacker has got no benefits regarding banking apps on an unlocked or rooted device. Sensitive app data is stored encrypted by the app itself and even root access wouldn't help to read it. Transactions need a TAN that is only valid for the current transaction and only for a very limited time. You can't generate TANs for future transactions.
However, an attacker cannot gain access to your device via an unlocked bootloader. He gains access via an unpatched vulnerability.
Regarding the day-0-exploits: This is almost in every case a very, very theoretical construct and not executable in real life. All patches since 2015 are documented very detailed. You can download the patched and also the unpatched source code for this. It's like a instruction that tells you how to do it. But it seems that no one is able to implement it. Since 8 years Google releases every month new patches for new vulnerabilities. There are hundreds of it but they have never been used.
WoKoschekk said:
My banking app needs minSdkVersion={R.0x18} or let's say min. Android 7. When using an older device with Android 7 for my banking app, would it be unsecure to unlock my bootloader to install a more secure firmware?
Click to expand...
Click to collapse
What do you mean by 'a more secure firmware'? The most secure firmware is what your OEM released for your device. If your device is old and is no longer updated by the OEM, it can still be used safely as long as you keep everything stock and don't install random apps.
WoKoschekk said:
an attacker cannot gain access to your device via an unlocked bootloader. He gains access via an unpatched vulnerability.
Click to expand...
Click to collapse
A device with an unlocked bootloader makes it more vulnerable, and therefore more easily compromised by bad actors.
There should be reasons why banking apps don't want to work on an unlocked device, isn't it? Those apps are developed by professionals who know much more than most of us do. It is better to be safe than sorry.
WoKoschekk said:
There are hundreds of it but they have never been used.
Click to expand...
Click to collapse
Which means we shouldn't take things for granted. And definitely not increase the vulnerabilities even more by breaking the built-in defenses ourselves.