Problem Infected phone subscribing me to paid SMS services?

Joined
Sep 5, 2017
Messages
3
OS
Android
Antivirus
Malwarebytes
#1
2 times it happened that I got subscribed (without my will) to some SMS services that cost money. First time it happened about 1-2 months ago, second time a few days ago.

So, I installed Malwarebytes Antimalware for Android (I did not have any security software installed before), and it found 2 infections. One was Android/trojan.hiddenAds.ip, that injected itself into a system app for wireless system updates.

Other was Android/Adware.YeMobi.a, that injected into a CallerIdSearch.apk. Seems that it is pre-installed on many phones.

Neither of infections could be removed, only thing it could be done is disabling of infected apps (both system apps).

I have read on the internet, about the same infection that happened to some guy, and everyone told him that Trojan has an absolute controll of his phone now, and that he should flash it as soon as possible. No other way of fixing it

I have read on the news that Cubot is preparing Android 7 for my phone this month, and when it gets out, I will flash the phone.

Untill then, I will use the phone in Safe Mode. But, will it do anything, because safe mode only disables non-system apps?

Also, is it possible that this malware was sending SMS for subscribing to those paid services, from my phone, without me knowing?

I have contaced my mobile service provider, and they have disabled an option for me to have any paid SMS services activated in the future. But, the damage has been done.
 
D

Deleted member 65228

Guest
#2
Contact your phone network provider and explain to them what has happened. They may even be able to revert the charges of the services and put a block on it happening in the future - should be easy to do for any good network provider as long as you don't use any premium phone subscriptions that is.

I recommend you attempt to do a full restore of your device through recovery. Bear in mind you will lose data which isn't backed up appropriately... You can back up documents beforehand, but be cautious of doing this as well (not recommended unless it is essential).

Try it out and keep us updated, I'm interesting in finding out what happens. I want you to have a malware-free device and be good to go again, not struggling trying to remove infections! :)
 
Joined
Sep 5, 2017
Messages
3
OS
Android
Antivirus
Malwarebytes
#3
I have contacted them and ask to block all options for me to be subscribed to any paid SMS services. This is a scam that is present in my country, because law allows this.
I have flashed the phone with latest ROM from Cubot, and bought Malwarebytes Antimalware for Android.

That was 2 months ago.
 
D

Deleted member 65228

Guest
#4
I have contacted them and ask to block all options for me to be subscribed to any paid SMS services. This is a scam that is present in my country, because law allows this.
I have flashed the phone with latest ROM from Cubot, and bought Malwarebytes Antimalware for Android.

That was 2 months ago.
I apologise, I didn't notice the post date. I thought it was recent automatically because I was browsing the first page of the forum... My bad.

It is good to know you contacted them about blocking all subscriptions, did they ever get back to you about this and confirm they had done this?

These things happen over in France too... I once had a family member affected by this. I get a lot of spam texts/calls every few months but I simply ignore them, because answering unknown numbers or texts which seem suspicious can confirm to someone that there is someone on the other side actually operating the device. -> provides an opportunity for them to victimise.
 
Joined
Sep 5, 2017
Messages
3
OS
Android
Antivirus
Malwarebytes
#5
Yes, they confirmed it. But the damage was done (about 10-15 Euros).

Here, we can just receive an SMS saying, "You have succesfully subscribed to this SMS service, bla bla bla. It will cost you this much for every SMS received. It costs this much to unsubscribe. Bla bla bla". They can just subscribe me to it, without my consent, it seems.
 

Similar Threads

Similar Threads

Latest Threads