Joined
Jul 16, 2018
Messages
1
Operating System
Android
#1
When I turn on my phone, theres a circle that pops up on my phone's homescreen, and the only way that i found to get rid of it is to tap it. When you do, you are redirected to Adsv123.com, which is named Home123 in the multitab view. This opens in Google Chrome. How do i remove this malware?
 
Likes: lowdetection

RoboMan

Level 25
Content Creator
Verified
Joined
Jun 24, 2016
Messages
1,462
Operating System
Windows 10
Antivirus
Kaspersky
#2
That's potentially caused by an installed application that's showing ads/banners. The most efficient solution tends to be to browse through your application manager and uninstall every single application you don't recognise. Given the fact that it's probably an app you reciently downloaded, that should solve the problem. Before going any further, I suggest you try this.
 
Likes: lowdetection

lowdetection

Level 7
Verified
Joined
Jul 1, 2017
Messages
338
Operating System
Linux
Antivirus
#3
From the way I see, into urlscan.io there is no reference of adsv123.com, anyway there is ads123.com,

Search - urlscan.io

Now, the best approach would be using NetMonitor and see who triggered that connection in my opinion

https://play.google.com/store/apps/details?id=org.secuso.privacyfriendlynetmonitorapp

I deal with many Android apps, thousands, this is not common way of advertising, you could expect and flag the application that do this as malware.

If you have time, you could also export the list of apps you have and analyze them one by one, from your description that seems more than an api call for advertising, an app widget launching on boot, probably is not the only domain contacted, but only what you can see, at DNS level I am quite sure there is more.

P.S. Analyzing a bit, and seeing low results, I suspect that site you see is only the final result of a redirect chain, in this case NetMonitor should be the best choice for you to detect that shady app,

Examples: Search - urlscan.io

P.P.S.

I think this domain is a sort of generator for redirect chains, used by some apps for shady advertising

 
Last edited: