Android Users Hit with ‘Undeletable’ Adware

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,154
Content source
https://threatpost.com/android-users-undeletable-adware/157189/
A healthy percentage of Android users targeted by mobile malware or mobile adware last year suffered a system partition infection, making the malicious files virtually undeletable.

That’s according to research from Kaspersky, which found that 14.8 percent of its users who suffered such attacks were left with undeletable files. These range from trojans that can install and run apps without the user’s knowledge, to less threatening, but nevertheless intrusive, advertising apps.

“A system partition infection entails a high level of risk for the users of infected devices, as a security solution cannot access the system directories, meaning it cannot remove the malicious files,” the firm explained, in a posting on Monday.

Moreover, research found that most devices harbor pre-installed default applications that are also undeletable – the number of those affected varies from 1 to 5 percent of users with low-cost devices, and reaches 27 percent in extreme cases.

“Infection can happen via two paths: The threat gains root access on a device and installs adware in the system partition, or the code for displaying ads gets into the firmware of the device before it even ends up in the hands of the consumer,” according to the firm.

In the latter scenario, this could lead to potentially undesired and unplanned consequences. For instance, many smartphones have functions providing remote access to the device. If abused, such a feature could lead to a data compromise of a user’s device.
Click to expand...
 
  • Like
  • +Reputation
Reactions: roger_m, Deletedmessiah, Protomartyr and 7 others
Brahman

Brahman

Level 17
Verified
Top Poster
Well-known
Aug 22, 2013
815
Vitali Ortzi said:
You can just flush the image via booting into recovery or worst case using a PC .
Click to expand...
Moreover, research found that most devices harbor pre-installed default applications that are also undeletable – the number of those affected varies from 1 to 5 percent of users with low-cost devices, and reaches 27 percent in extreme cases.
Click to expand...
If the adware comes preinstalled there is no use in re-imaging/resetting as the original image contains the adware.The way is to root it and install a custom OS or root it, find the adware files and delete it. .
 
Last edited:
  • Like
  • +Reputation
Reactions: roger_m, Stopspying, Protomartyr and 1 other person
Vitali Ortzi

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,148
JoyousBudweiser said:
If the adware comes preinstalled there is no use in re-imaging/resetting as the original image contains the adware.The way is to root it and install a custom OS or root it, fins the adware files and delete it. .
Click to expand...
Yeah if you bought a phone from wish 😂.
Anyway yeah with root access you can remove any adware/malware on system partition .

But malware can always hide elsewhere but very very very rarely it does so(APT).
 
  • Like
Reactions: roger_m, Stopspying, Protomartyr and 1 other person
Brahman

Brahman

Level 17
Verified
Top Poster
Well-known
Aug 22, 2013
815
Vitali Ortzi said:
Yeah if you bought a phone from wish 😂.
Anyway yeah with root access you can remove any adware/malware on system partition .

But malware can always hide elsewhere but very very very rarely it does so(APT).
Click to expand...
Not only wish, but xiaomi, oppo, huawei and some models from Samsung do contains provisions to track you and carter you with in app ads without your permission. I consider this too as adware.
tracking.india.miui.com
data.mistat.india.xiaomi.com
sdkconfig.ad.intl.xiaomi.com
api.ad.intl.xiaomi.com
Click to expand...
These are some tracking and ads providing address that is getting blocked frequently by nextdns in my poco.
 
Last edited:
  • Like
Reactions: roger_m, Stopspying, Protomartyr and 1 other person
Brahman

Brahman

Level 17
Verified
Top Poster
Well-known
Aug 22, 2013
815
Vitali Ortzi said:
True .
But you have access to the bootloader from the manufacturer itself on xiaomi,one plus and some oppo phones.
Others require hacks to get the open source vanilla working or you can just debloat via adb / root and unroot/disable adb and have a vanilla like experience.
Click to expand...
Yes you can to some extent. In miui you can turn off all ads without rooting. The settings for that is hidden deep inside. For miui you can't completely debloat because ads are there in " security" app which if removed will cause bootloop. Rooting and using aosp is the best way to get rid off the tracking employed by these companies. I have always rooted my android phones ( lg p500, nexus 4, OnePlus one) but not my poco. I was a flashaholic once but lost interest in rooting and flashing. I think it happens with your age ...you get lazy...you just want a decent phone which is lagfree and do your daily chores. I may root my poco when Xiaomi ends official support. But till then I have decided to go with private dns ( Nextdns ) to block the tracking and ads.
 
  • Like
Reactions: Protomartyr, Vitali Ortzi, WhiteMouse and 1 other person
F

ForgottenSeer 85179

JoyousBudweiser said:
Yes you can to some extent. In miui you can turn off all ads without rooting. The settings for that is hidden deep inside. For miui you can't completely debloat because ads are there in " security" app which if removed will cause bootloop. Rooting and using aosp is the best way to get rid off the tracking employed by these companies. I have always rooted my android phones ( lg p500, nexus 4, OnePlus one) but not my poco. I was a flashaholic once but lost interest in rooting and flashing. I think it happens with your age ...you get lazy...you just want a decent phone which is lagfree and do your daily chores. I may root my poco when Xiaomi ends official support. But till then I have decided to go with private dns ( Nextdns ) to block the tracking and ads.
Click to expand...
It's known which phones are using ads and tracking on their phones so the user can research that before and just buy phone from company which don't do that or at least provide the option to flash clean Android with re-locking Bootloader support like Pixel phones.

It just doesn't make sense to root a phone because of ads, tracking. That's dangerous misinformation on nearly all flashing guides or community's like XDA.
 
  • Like
Reactions: Vitali Ortzi
You must log in or register to reply here.

Similar threads

CyberTech
    • Like
    • +Reputation
Android adware apps on Google Play amass two million installs
Replies
0
Views
698
News Archive
CyberTech
CyberTech
MuzzMelbourne
    • Like
Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices
Replies
0
Views
1,261
News Archive
MuzzMelbourne
MuzzMelbourne
vtqhtr413
    • +Reputation
    • Like
DogeRAT Trojan Targets Indian Android Users
Replies
0
Views
591
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top