Hey fellas. I rooted my device about a week ago and been trying some stuff on it.
Been using lucky Patcher to clear data on some apps and been playing around with it. I downloaded it from the first result on google and it seemed to be working fine.
Today I entered it and it said there's an update so I said why not. I'm 99% sure that since then my Gmail started messaging tons of Emails on it's own to different addresses, containing bit.ly addresses of what seems to be ads, auch as duckduckgo.com, and this address http://vkgn1w.experwea.cc/34546de4235m342356 that loads nothing
So I disabled the Gmail app and it stopped. Also changed my google password (on that account for now, and from a different phone) and ofc uninstalled lucky patcher. But now I'm scared of what kind of malware/virus it leaked to my phone since it had superuser rights. Are my passwords safe? Can I use my credit card? What can I do, some kind of antivirus check? Or is there no escape but full phone wipe?
Thanks wise folks I need your advice
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I just realized that It probably started as I started writing a mail. So potentially it could have been a different app and not lucky patcher, and it waited till I open my gmail. But I can't think of any other app that I downloaded that could be dangerous.
dj_froyke said:
I just realized that It probably started as I started writing a mail. So potentially it could have been a different app and not lucky patcher, and it waited till I open my gmail. But I can't think of any other app that I downloaded that could be dangerous.
Click to expand...
Click to collapse
Factory reset
EugenStanis said:
Factory reset
Click to expand...
Click to collapse
I guess you're right. But begs the question, is lucky patcher safe at all, and also should I get some antivirus
dj_froyke said:
I guess you're right. But begs the question, is lucky patcher safe at all, and also should I get some antivirus
Click to expand...
Click to collapse
Lucku patcher is safe, no idea from where did you get it.
@dj_froyke
Lucky Patcher is not a safe app to use.
You will find many users saying that Lucky Patcher is a secure app, etc. However, it’s not true at all. Well, it was the app’s nature that made the app unsafe to use. In simple words, it’s ‘No’.
Lucky patcher is an app used to hack in-app resources, which are illegal. The app can steal from honest developers who worked hard to develop a fantastic app. Users choose to use Lucky Patcher to hack the in-app resources, directly affecting the developer’s revenue.
When the developer knows about the hack, they ban the account. So, with Lucky Patcher, there’s always a risk of losing an account. Another thing is that Lucky Patcher is not available on the Google Play Store for genuine reasons.
Google Play Store Protect flags Lucky Patcher. Not just that, but 4 different antivirus engines on virustotal also flag the app. So, the app has malicious files that can raise serious security concerns. The app also needs root access to work at its full potential, so we allow the app to modify system files by granting root access.
Several sites provide the latest version of Lucky Patcher Apk, but in most cases, those files are spyware and adware. So, users need to find the genuine Lucky Patcher app to avoid that spyware and adware risk.
Related
Recently, I found that the "Android System Info" app below is using Flurry Agent to send data / report via 3G/internet whenever I start using it. At least, it came out in the logging.
Do you know any alternative that does not use Flurry Agent?
I hate that thing because it uses 3G/internet and it cannot be disabled
I know Astrid is using Flurry Agent as well, but it can be disabled.
Android System Info
by ElectricSheep
>250,000 downloads, 15332 ratings (4.5 avg)
Free
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
i believe that is for the download of the ADs to sustain their income & development
use Adfree perhpas?
Well, I think that is not ads ... Ads should be the AdMob SDK or something in the logging.
Flurry Agent is about analytic:
http://www.flurry.com/
http://forum.xda-developers.com/showthread.php?t=673146
To be honest, I don't mind with ads ... Especially if that can support the dev and the app is good.
But, I don't like sending usage pattern, statistical data, usage analysis, that kind of things.
AllGamer said:
i believe that is for the download of the ADs to sustain their income & development
use Adfree perhpas?
Click to expand...
Click to collapse
Many devs find analytics to be important information to them.
You could edit your hosts file manually to block any flurry.com urls...
Not rooted, you cant do that.
Good developer will add an option to disable this, like Astrid.
distortedloop said:
Many devs find analytics to be important information to them.
You could edit your hosts file manually to block any flurry.com urls...
Click to expand...
Click to collapse
gogol said:
Not rooted, you cant do that.
Good developer will add an option to disable this, like Astrid.
Click to expand...
Click to collapse
Your last sentence doesn't quite sit right for some reason, but I agree overall.
Something in the back of my mind tells me there's a revenue stream to the developers who include this. Like flurry pays them a royalty for data collected. That needs confirmation, but while many devs put stuff out for the love of the device, many more need to get some income off the app to stay interested in developing/maintaining it. We all want "free" apps, but we're going to have to get used to either paying up in cash, or paying up in seeing ads, or paying up by having some analytics collected on us.
I don't want my phone spied on either. Best thing you can do is uninstall the apps that spy on you without the feature to turn it off, give the app a 1-star rating on the market, and leave a comment that it collects analytics on you and you don't like that. Kind of lousy thing to do an app that's otherwise top-notch. If enough people uninstall and bad rate these apps, the devs will get the hint and stop doing it.
As for not rooted, there's no reason not to root the Nexus S. There are hundreds of reason to root, though. Blocking ads and spyware is just one of them.
You don't even have to unlock the bootloader to do it, easy instructions here; no loss of data with that method.
Hello
Information:
Just 2 hours ago I have been hacked and I think that was in my phone. I was making a paypal payment to a friend using the paypal app when sudently, seconds after sending the payment I received a mail of paypal with that transaction and another one of 2.500€ that obviously I never did.
The payment was never make because I don't have so many funds, but they tried 5 times with different quantities and all of my cards. Well, after seeing this I changed my password and all of that **** and right now I want to know before I make a clean rom install if I could investigate where the hack came from.
I am using a Galaxy note 3, it is rooted but limited apps have access to root and I also use xprivacy.
The apps with access to root and the xposed modules are this ones
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
and my rooted apps
Hacker paypal data
The data of the money receptor is:
Sent to: Enrique Gallardo Boto (The recipient of this payment is Non-US – Verified)
Email: [email protected]
What I want
I want to investigate if is possible a little bit more of this. I was thinking on restoring a Titanium of all my apps to yesterday, open logcat or any app that can help me to know where the leak came and what app was the malware and try to make another legit transaction to see if happens anything from my phone.
The problem is that I don't really know how should I proceed and I want to solve this for me and more people.
Any idea?
Is the network you used secure out of curiosity? What kind of apps do you have as far as security just curious?
You could try taking a look at some of the applications' play store reviews as well as the modules' forum threads to see if anything had been reported. I'm always very cautious with root permissions, hard to always know what an app will use it for. Personally I stick to my PC for transactions and stay as far away from Google wallet as I can
Sent from my SCH-I605 using xda app-developers app
There's a VirusTotal app you could try, maybe one of your apps is malicious. But if you'd know how to, I'd also just copy all the apps to your PC and then upload them to VirusTotal that way, it'd be a lot easier.
There's also some pc malware out that can infect your phone even. I'd run a decent anti virus on both your phone and your pc as well. (I like Kaspersky, Malwarebytes and ESET personally).
The other thing too is maybe your passwords are just really weak. I'd recommend a password generator like Keepass.
Fyi only
Jus saw this https://blog.lookout.com/blog/2014/03/06/dendroid/ dendroid malware can takeover ur cam and audio and sneak into your googe play.. features:
Ability to intercept and block SMS received by the target device
Download Pictures from the target device
Spy on the user by taking pictures or making audio and video recordings
Download the user’s web browser history and any saved bookmarks
Download any other accounts (email, social media, VPN) stored on the device
Send texts as the device owner
Record any ongoing calls
Open a dialogue box to ask for passwords or send messages to the victim
Hi everyone,
Just wanted to share with you what we've been working on and released finally yesterday to the store. Will always be FREE and WITHOUT ADS.
Securacy is the first mobile network data application exposer. This software allows you to pinpoint exactly which applications are breaking your concerns in terms of permissions, to where the application talks and if that connection was established over a secure protocol.
Do you want:
- To know what your applications are doing without you knowing?
- To know where your applications are sending data?
- To know how safe is your application?
- To voice your privacy and security concerns?
- To notify others of potential security and privacy invasive applications?
Then this application is for YOU!
=== Data statement ===
Securacy does not collect any personal data. The only data it collects is:
- Your explicit ratings and concerns;
- The applications you use, install, remove and update (to notify you of securacy concerns);
- The details of the network connections that your applications use to send/receive data. This only includes the IP addresses of the servers, and the ports used by the connection. No other data is collected about network connections.
You can find it on the store
Let me know if you have more ideas for it, we are still developing it!
Cheers!
Some screenshots of the application:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
this app made my phone freaking slow! it just keep popping to start the accessibility service though it's on.app crashed when click to show,& app is really slow!log attached.
Sorry to hear that. I took a look at the logcat but it doesn't give me much to go on.
Can you tell me what device are you using, Android version, is it a custom ROM, do you have Google Services installed (it's required for the GMaps)? My guess is that for some reason your device is not returning the list of active accessibility services correctly or at all. If that is the case, then it's better for you to not use it, unfortunately.
Thanks!
killoid said:
this app made my phone freaking slow! it just keep popping to start the accessibility service though it's on.app crashed when click to show,& app is really slow!log attached.
Click to expand...
Click to collapse
dferreira said:
Sorry to hear that. I took a look at the logcat but it doesn't give me much to go on.
Can you tell me what device are you using, Android version, is it a custom ROM, do you have Google Services installed (it's required for the GMaps)? My guess is that for some reason your device is not returning the list of active accessibility services correctly or at all. If that is the case, then it's better for you to not use it, unfortunately.
Thanks!
Click to expand...
Click to collapse
my bad! i've not installed google play services on my device,so it's useless for me.
No problem
Cheers
killoid said:
my bad! i've not installed google play services on my device,so it's useless for me.
Click to expand...
Click to collapse
Can we make it so that us ppl who's privacy is deeper can use it I myself don't run any Google apps or gapps package
Sent from my LG-LS980 using Tapatalk
also would you mind posting app here
Sent from my LG-LS980 using Tapatalk
I keep getting popups:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
When I hit the 'back' button I get:
Something is also opening Google Play to a page for a specific app. I haven't paid much attention but the last time it was for a dating app. I thought that maybe I hit the advertising banner on some page or another, but I've been more careful about that and these still keep coming up.
I'm running 5.0.1, not rooted and using the Nova launcher. The only unauthorized (not from the Play Store) app installed is one I wrote.
Where are these coming from?
Thanks!
You're not hacked, those are popups which website use to infect/earn money on people. Just don't tap on it and you should be fine.
Yes, you've been hacked by anonymous.
Thanks.
I wonder how they can be blocked.
HankB said:
Thanks.
I wonder how they can be blocked.
Click to expand...
Click to collapse
Install Sophos Security or AVG antivirus and run a full scan on your device.
HankB said:
Thanks.
I wonder how they can be blocked.
Click to expand...
Click to collapse
Security software, or even AdAway should do it.
I had already tried CM and it found no threats beyond a lot of cookies. I uninstalled it and tried Sophos. It identified Real Piano as an app that could serve unwanted ads. I uninstalled Real Piano and so far have not seen these popups any more.
HankB said:
I had already tried CM and it found no threats beyond a lot of cookies. I uninstalled it and tried Sophos. It identified Real Piano as an app that could serve unwanted ads. I uninstalled Real Piano and so far have not seen these popups any more.
Click to expand...
Click to collapse
I'm glad Sophos helped. People believe that there are no malware threats on Android. Unsolicited adware can even be more bothersome as they are installed inside of applications but can run whether or not the application is active (malware!)
You might be interested in Mobile Security|NowSecure (ViaForensics) for further insight into where your installed applications are connecting.
HankB said:
I had already tried CM and it found no threats beyond a lot of cookies. I uninstalled it and tried Sophos. It identified Real Piano as an app that could serve unwanted ads. I uninstalled Real Piano and so far have not seen these popups any more.
Click to expand...
Click to collapse
Occasionally, some sites (including xda several months ago) will serve up similar fake (scareware) ads when they detect a mobile Android device. If you have installed adaway, these ads are usually not presented. Or if you aren't rooted, try out Ghostery browser from the play store. Works pretty good too.
Make sure you have the option to install from unknown sources (settings/security) disabled as a precaution.
(If you notice these ads on reputable sites, do contact the site administrators. XDA got the issue fixed 2-3 days after I reported it to them)
HankB said:
Thanks.
I wonder how they can be blocked.
Click to expand...
Click to collapse
install Mozilla and use adblock plus addon.
I get failed to open that page, Im using adblock from the link below.
forum.xda-developers.com/showthread.php?t=1916098
Today I tried fiddling a bit with this app. It's all good but after disabling a couple services in the Gmail app and finding out that they were needed a few minutes later, it seems like whenever I try bring them back to their prior unfrozen state they just won't stick, and every time I open the app they appear to be unchecked again. I'd really love to keep using this app but I damn sure need Gmail so...any idea on why this might be happening?
Edit: the app keeps killing the processes as shown on the attached pic.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I also sent an email to the developer, looking forward to be able to use the app without issues if I manage, it solved all of my wakelock issues, then this happened...
Still nothing from the dev, in the meantime I switched to Inbox which doesn't seem to be affected, still hoping to fix this tho...
I am getting google play services not installed, contact manufacturer for assistance.
abs0lut3z33r0 said:
I am getting google play services not installed, contact manufacturer for assistance.
Click to expand...
Click to collapse
I used to have the same problem. It turned out that I was being too aggressive with disabling limes into Google Play Services. However if I restore them it simply sticks as it should in the app, so it's not a big deal. With Gmail however it's a whole different story, at least on my device/ROM layout. I could try a full wipe but ain't nobody got time for dat...
A factory reset didnt repair the service status. I am rethinking of using disable service , does it slow down the phone over time ?
abs0lut3z33r0 said:
A factory reset didnt repair the service status. I am rethinking of using disable service , does it slow down the phone over time ?
Click to expand...
Click to collapse
I'm mot using it right now, but I moticed that after I unistalled it the processes I blocked within the app remained blocked. A few seconds before uninstalling I just enabled Gmail, and being the app removed it just sticked for once. So even tho it's quite a crooked way to do it I managed to have Gmail working and the app doing its job anyway, even if it's currently not installed. It is a shame that one has to do such dirty workarounds in order to make things work as they should without breaking functionality, but that's the "fix" I'm using at the moment. Still no word from the dev so I've kinda lost hope anyways.
^Controlling App startup in android is tricky and i use disable services for apps that dont listen to AppOps , BootManager . All GCMIntent and Analytics Service are disabled
abs0lut3z33r0 said:
^Controlling App startup in android is tricky and i use disable services for apps that dont listen to AppOps , BootManager . All GCMIntent and Analytics Service are disabled
Click to expand...
Click to collapse
I wonder how much of a difference all of our micro managing really makes. Sure some processes are pretty toxic but when running a very slim build like deodexed XtreStoLite there isn't really much left to kill...right now I'm just using Greenify after a fresh install and I seem to be getting pretty much the same battery life...
Inviato dal mio SM-G925K utilizzando Tapatalk
No work for greenify on a clean install . The apps and service pile up over time . For me its :-
1. Freezing /unfreeze for facebook,kindle,amazon,etc
2.Disable services
3.App Ops
4. If apps crashes because of service disable then add on greenify
5. App Ops Startup + bootmanager
Using Old version of some apps like airdroid.